Metadata-Version: 2.1
Name: versioninfo
Version: 1.1.0
Summary: Parse PE VS_VERSIONINFO structure and return JSON string.
Home-page: https://github.com/malwarology/versioninfo
Author: Malwarology LLC
Project-URL: Bug Tracker, https://github.com/malwarology/versioninfo/issues
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: MIT License
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Security
Classifier: Topic :: Software Development
Classifier: Topic :: Software Development :: Libraries
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: System :: Systems Administration
Classifier: Topic :: Utilities
Requires-Python: >=3.11.0
Description-Content-Type: text/markdown
License-File: LICENSE.txt

# VS_VERSIONINFO Structure Extractor

This package parses a VS_VERSIONINFO structure and returns a JSON string. Certain szKey members in this struct and its children are compared with the expected and the structs are marked non-standard if the strings are not as expected. Data returned from this parser is meant for malware analysis.

If you need to isolate the RT_VERSION resource for input into this extractor, try [this](https://gist.github.com/utkonos/86585b85a313a2e41d33471c22cc26c6) Jupyter Notebook.

## Usage

### Native Python Dictionary Output

```python
versioninfo.parser.get_versioninfo(data)
```

### JSON Output

```python
versioninfo.parser.to_json(data)
```

#### Bugs

If the parsing fails or there are any other problems, please provide the file that caused the problem in addition to opening a Github issue.
