opexxx

pe_compiledate.py

Nov 14th, 2014
  1. #!/usr/bin/python
  2.  
  3. # grab the compile time of a piece of malware
  4.  
  5. import time
  6. import pefile
  7. import sys
  8. import argparse
  9.  
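def parse_pe(arg_file):
    """Print the link timestamp stored in a PE file's COFF header.

    Reads ``FILE_HEADER.TimeDateStamp`` (seconds since the Unix epoch) and
    prints it formatted as UTC.

    The value is only a hint. It is an ordinary header field written at
    build time, so whoever builds or patches the binary can set it to
    anything, and some toolchains write a fixed or non-time value there.
    Corroborate it with other evidence before placing it on a timeline.

    Args:
        arg_file: Path of the PE file to inspect.

    Raises:
        Whatever pefile raises while opening or parsing the file (for
        example ``pefile.PEFormatError`` on a malformed header); nothing
        is caught here.
    """
    # Only the COFF header is needed, so skip the data directories
    # (imports, resources, ...). This keeps the amount of sample-controlled
    # data that gets parsed to a minimum and is faster on large files.
    pe = pefile.PE(arg_file, fast_load=True)
    epoch = pe.FILE_HEADER.TimeDateStamp
    # gmtime() keeps the output independent of the analyst's local timezone.
    humantime = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime(epoch))
    # A single parenthesised argument prints the same on Python 2 and 3.
    print("Possible compile time: " + humantime)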
  15.  
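def __main__():
    """Parse the command line and print the compile time of the given file.

    Exits with status 2 (after printing the help text) when no file is
    given, and with status 1 when the file cannot be opened or parsed, so
    that wrapping scripts can tell a failed run from a successful one.
    """
    parser = argparse.ArgumentParser(description='grab the compile date of a file', usage='%(prog)s -f file')
    # The file is only read, never modified or deleted.
    parser.add_argument('--file', '-f', dest='filein', help='PE file to read the compile time from')
    parser.add_argument('--version', '-v', action='version', version='%(prog)s 0.1')
    args = parser.parse_args()

    if not args.filein:
        # print_help() returns None, so handing its result to sys.exit()
        # reported success; exit with an explicit usage-error status.
        parser.print_help()
        sys.exit(2)

    try:
        parse_pe(args.filein)
    except Exception as err:
        # Top-level boundary: samples are often malformed, so report any
        # parse or I/O failure together with its cause. Unlike a bare
        # except, this lets KeyboardInterrupt and SystemExit through.
        sys.stderr.write(
            "Error!! Looks like there's a problem with the PE file: %s: %s\n"
            % (type(err).__name__, err)
        )
        sys.exit(1)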
  30.  
# Run the command-line entry point only when executed as a script,
# not when the module is imported.
if __name__ == "__main__":
    __main__()