Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Header ¶
type Header struct {
CompilationTimestamp *time.Time `json:"compilationTimestamp,omitempty"`
Entrypoint uint32 `json:"entrypoint"`
TargetMachine string `json:"targetMachine"`
ContainedSections int `json:"containedSections"`
}
Header contains information found in a PE header.
type Info ¶
type Info struct {
Sections []Section `json:"sections,omitempty"`
FileVersionInfo []VersionInfo `json:"version_info,omitempty"`
Header Header `json:"header,omitempty"`
Imports map[string][]string `json:"imports,omitempty"`
Exports []string `json:"exports,omitempty"`
ContainedResourcesByType map[string]int `json:"containedResourcesByType,omitempty"`
ContainedResourcesByLanguage map[string]int `json:"containedResourcesByLanguage,omitempty"`
Resources []Resource `json:"resources,omitempty"`
Packer string `json:"packer,omitempty"`
ImpHash string `json:"imphash,omitempty"`
}
Info contains high level fingerprinting an analysis of a PE file.
type Resource ¶
type Resource struct {
Type string `json:"type"`
Language string `json:"language"`
SHA256 string `json:"sha256,omitempty"`
MIME string `json:"mime,omitempty"`
Size int `json:"size"`
// contains filtered or unexported fields
}
Resource represents a resource entry embedded in a PE file.
type Section ¶
type Section struct {
Name string `json:"name"`
VirtualAddress uint32 `json:"virtualAddress"`
VirtualSize uint32 `json:"virtualSize"`
RawSize uint32 `json:"rawSize"`
Entropy float64 `json:"entropy"`
ChiSquare float64 `json:"chi2"`
MD5 string `json:"md5,omitempty"`
}
Section contains information about a section in a PE file.
type VersionInfo ¶
VersionInfo hold keys and values parsed from the version info resource.
Source Files
Click to show internal directories.
Click to hide internal directories.