schwartz1375/imphash.py

## imphash.py
# Tracking Malware with Import Hashing
# https://www.mandiant.com/resources/blog/tracking-malware-import-hashing

import pefile
import argparse
import sys

def Main(file):
    print("Interrogating file: '%s'" % file)
    try:
        pe = pefile.PE(file)
    except pefile.PEFormatError as e:
        print('Aw Snap!  PEFormatError: ' + str(e))
        sys.exit(1)
    except:
        print('Something went wrong loading the file with pefile!')
        sys.exit(1)
    print('Import hash (imphash): %s' % pe.get_imphash())

if __name__ == '__main__':
    parser = argparse.ArgumentParser(description='A rapid file analysis tool')
    parser.add_argument("file", help="The file to be inspected by the tool")
    args = parser.parse_args()
    Main(args.file)
	# Tracking Malware with Import Hashing
	# https://www.mandiant.com/resources/blog/tracking-malware-import-hashing

	import pefile
	import argparse
	import sys

	def Main(file):
	print("Interrogating file: '%s'" % file)
	try:
	pe = pefile.PE(file)
	except pefile.PEFormatError as e:
	print('Aw Snap! PEFormatError: ' + str(e))
	sys.exit(1)
	except:
	print('Something went wrong loading the file with pefile!')
	sys.exit(1)
	print('Import hash (imphash): %s' % pe.get_imphash())

	if __name__ == '__main__':
	parser = argparse.ArgumentParser(description='A rapid file analysis tool')
	parser.add_argument("file", help="The file to be inspected by the tool")
	args = parser.parse_args()
	Main(args.file)