Last active
August 16, 2023 07:03
-
-
Save caueb/eb0f49a90ca3532b3e04e6c65d7c2acd to your computer and use it in GitHub Desktop.
Extract binary metadata. Useful to spoof binary metadata in malware development.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Usage: .\getbinmetadata.ps1 -File 7-zip.exe | |
param( | |
[Parameter(Mandatory = $true)] | |
[ValidateScript({Test-Path $_ -PathType Leaf})] | |
[string]$File | |
) | |
# Retrieve basic properties | |
$fileProperties = Get-ItemProperty -Path $File | |
# Print selected properties | |
Write-Host "Metadata for file: $File" | |
Write-Host ("-" * 50) | |
Write-Host "FileVersion : $($fileProperties.VersionInfo.FileVersionRaw)" | |
Write-Host "Company Name : $($fileProperties.VersionInfo.CompanyName)" | |
Write-Host "FileDescription : $($fileProperties.VersionInfo.FileDescription)" | |
Write-Host "InternalName : $($fileProperties.VersionInfo.InternalName)" | |
Write-Host "LegalCopyright : $($fileProperties.VersionInfo.LegalCopyright)" | |
Write-Host "OriginalFilename : $($fileProperties.VersionInfo.OriginalFilename)" | |
Write-Host "ProductName : $($fileProperties.VersionInfo.ProductName)" | |
Write-Host "ProductVersion : $($fileProperties.VersionInfo.ProductVersion)" | |
Write-Host ("-" * 50) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment