How to use the pefile.retrieve_flags function in pefile

To help you get started, we’ve selected a few pefile examples, based on popular ways it is used in public projects.


GitHub: idiom / pftriage / pftriage.py
        # Excerpt from inside a method: fobj is a string initialised earlier (not shown).
        fobj += ' {:4}{:<16} {}\n'.format('', "Size", self.filesize)
        fobj += ' {:4}{:<16} {}\n\n'.format('', "First Bytes", self.getbytestring(0, 16))
        fobj += ' Hashes\n'
        fobj += ' {:4}{:<16} {}\n'.format('', "MD5", self.gethash('md5'))
        fobj += ' {:4}{:<16} {}\n'.format('', "SHA1", self.gethash('sha1'))
        fobj += ' {:4}{:<16} {}\n'.format('', "SHA256", self.gethash('sha256'))
        fobj += ' {:4}{:<16} {}\n'.format('', "Import Hash", self.getimphash())
        fobj += ' {:4}{:<16} {}\n\n'.format('', "ssdeep", self.getfuzzyhash())
        fobj += ' Headers\n'

        if self.pe is not None:
            for str_key in self.metadata:
                fobj += ' {:4}{:<16} {}\n'.format('', str_key, self.metadata[str_key])

            fobj += ' {:4}{:<16} {}\n'.format('', "PDB Path", self.get_pdb_path())
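            # retrieve_flags returns (name, value) tuples for every key in the
            # IMAGE_CHARACTERISTICS table whose name starts with 'IMAGE_FILE_'.
            iflags = pefile.retrieve_flags(pefile.IMAGE_CHARACTERISTICS, 'IMAGE_FILE_')

            fobj += ' {:4}{:<16} \n'.format('', "Characteristics")
            for flag in iflags:
                # pefile sets a boolean attribute on FILE_HEADER for each flag name
                # when it parses the file, so getattr is True only for flags that are set.
                if getattr(self.pe.FILE_HEADER, flag[0]):
                    fobj += " {:20s} {:<20s}\n".format('', str(flag[0]))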

        return fobj