{ "info": { "author": "Deep Packer Inspector team", "author_email": "packerinspector@deusto.es", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Intended Audience :: Developers", "Intended Audience :: Science/Research", "License :: OSI Approved :: GNU General Public License v3 (GPLv3)", "Natural Language :: English", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3.5", "Topic :: Security" ], "description": "# ![dpi-logo](https://www.packerinspector.com/box-mini.png) packerinspector-api\n\n[Deep Packer Inspector's](https://www.packerinspector.com/) API.\n\nYou can access the API reference at: [https://www.packerinspector.com/reference#dpi-api-v1](https://www.packerinspector.com/reference#dpi-api-v1)\n\n## How to install\n\n```\npip install packerinspector-api\n```\n\n## How to use\n\nYou are given an API key when you create an account at Deep Packer Inspector\n(create an account [here](https://www.packerinspector.com/login)), copy your\nAPI key from [here](https://www.packerinspector.com/settings).\n\n```python\nimport packerinspector\n\n\ndpi = packerinspector.PublicAPI('your API key')\n\n# Public scan\nresponse = dpi.scan_sample('path-to-sample.exe', private=False)\n\n# Public scan with some extra dlls\nresponse = dpi.scan_sample('path-to-sample.exe', private=False,\n 'extrastuff.dll', 'another.dll')\n\n# Private scan\nresponse = dpi.scan_sample('path-to-sample.exe', private=True)\n\n# Force sample re-scan (aka private scan)\nresponse = dpi.rescan_sample('path-to-sample.exe')\n\n# Get analysis report\nresponse = dpi.get_report('MzU2Ng.taDvVrLuqvOn1GRXgTRJiDGSfsE') # report id\n\n# Get only the behavioural packer analysis info\nresponse = dpi.get_report('MzU2Ng.taDvVrLuqvOn1GRXgTRJiDGSfsE',\n get_static_pe_info=False,\n get_vt_scans=False)\n\n# Download unpacking graph (stores a png in the given folder)\nerror = dpi.get_unpacking_graph('MzU2Ng.taDvVrLuqvOn1GRXgTRJiDGSfsE',\n '/path/to/graphs-folder/')\n\n# Download memory dump (stores a tar.gz in the given folder)\nerror = dpi.get_memory_dump('report-id', '/path/to/memory-dumps-folder/')\n\n```\n\n### Unpacking graph example\n\n![unpacking graph](https://www.packerinspector.com/graph/2e965b6c2734dfef93c5b517f192607c97219c5334c76fa22b0971ffdfaafbd920170608135058423189)\n\n### Report example\n\nSee [https://www.packerinspector.com/reference#get-report-response-example](https://www.packerinspector.com/reference#get-report-response-example) for a description of each field.\n\n```json\n{\n \"report-url\": \"https://www.packerinspector.com/report/2e965b6c2734dfef93c5b517f192607c97219c5334c76fa22b0971ffdfaafbd9/MzUzOQ.QwIOR1r3E1pMnRzZZhFKYO1PCVA\", \n \"status\": 200, \n \"description\": \"Report successfully retrieved.\",\n \"dpicode\": 1,\n \"id\": \"MzUzOQ.QwIOR1r3E1pMnRzZZhFKYO1PCVA\", \n \"vt-scans\": true, \n \"file-identification\": true, \n \"static-pe-information\": true,\n \"packer-analysis\": true,\n \"report\": { \n \"packer-analysis\": {\n \"layers-and-regions\": [\n {\n \"lowest-address\": 4198400, \n \"highest-address\": 4198400, \n \"regions\": 1, \n \"layer-num\": 0, \n \"frames\": 0, \n \"size\": 34487\n }, \n {\n \"lowest-address\": 50514240, \n \"highest-address\": 50514240, \n \"regions\": 1, \n \"layer-num\": 1, \n \"frames\": 1, \n \"size\": 281\n }, \n {\n \"lowest-address\": 1184486, \n \"highest-address\": 1184486, \n \"regions\": 1, \n \"layer-num\": 2, \n \"frames\": 1, \n \"size\": 4579\n }, \n {\n \"lowest-address\": 64946176, \n \"highest-address\": 64946176, \n \"regions\": 1, \n \"layer-num\": 3, \n \"frames\": 1, \n \"size\": 3776\n }\n ], \n \"num-downward-trans\": 17, \n \"remote-memory-writes\": [\n {\n \"source-address\": \"\", \n \"dest-process\": 0, \n \"source-process\": 0, \n \"dest-address\": 65142784, \n \"type\": \"Memory unmap|deallocate\", \n \"size\": 12288\n }, \n {\n \"source-address\": \"\", \n \"dest-process\": 0, \n \"source-process\": 0, \n \"dest-address\": 65077248, \n \"type\": \"Memory unmap|deallocate\", \n \"size\": 12288\n }, \n {\n \"source-address\": \"\", \n \"dest-process\": 0, \n \"source-process\": 0, \n \"dest-address\": 65077248, \n \"type\": \"Memory unmap|deallocate\", \n \"size\": 65536\n }\n ], \n \"num-layers\": 4, \n \"graph\": \"https://www.packerinspector.com/graph/2e965b6c2734dfef93c5b517f192607c97219c5334c76fa22b0971ffdfaafbd920170608135058423189\", \n \"num-regions\": 4, \n \"api-calls\": {\n \"1\": {\n \"0\": {\n \"address-space\": \"50514240-50514521\", \n \"total-api-calls\": 0\n }, \n \"total-api-calls\": 0\n }, \n \"0\": {\n \"0\": {\n \"ntdll.dll\": [\n \"RtlImageNtHeader\", \n \"ZwFsControlFile\", \n \"ZwPulseEvent\", \n \"RtlValidateUnicodeString\", \n \"RtlImageDirectoryEntryToData\", \n \"RtlNtStatusToDosError\", \n \"KiFastSystemCallRet\", \n \"bsearch\", \n \"KiFastSystemCall\", \n \"RtlAcquirePebLock\", \n \"RtlInitializeCriticalSectionAndSpinCount\", \n \"RtlInitString\", \n \"ZwRequestWakeupLatency\", \n \"RtlFindCharInUnicodeString\", \n \"ZwQueryPerformanceCounter\", \n \"RtlFreeHeap\", \n \"ZwOpenThreadToken\", \n \"RtlReleasePebLock\", \n \"ZwContinue\", \n \"ZwQueryVirtualMemory\", \n \"strchr\", \n \"RtlCreateHeap\", \n \"ZwFlushBuffersFile\", \n \"LdrLockLoaderLock\", \n \"ZwAdjustPrivilegesToken\", \n \"RtlSetLastWin32Error\", \n \"RtlFindActivationContextSectionString\", \n \"ZwDuplicateToken\", \n \"RtlUnicodeToMultiByteN\", \n \"RtlUnicodeStringToAnsiString\", \n \"RtlUnlockHeap\", \n \"RtlGetLastWin32Error\", \n \"RtlFindClearBits\", \n \"RtlLogStackBackTrace\", \n \"RtlImpersonateSelf\", \n \"RtlAllocateHeap\", \n \"RtlHashUnicodeString\", \n \"memmove\", \n \"RtlEqualUnicodeString\", \n \"RtlSetBits\", \n \"LdrGetDllHandle\", \n \"RtlEncodePointer\", \n \"RtlNtStatusToDosErrorNoTeb\", \n \"ZwOpenProcessToken\", \n \"RtlFreeUnicodeString\", \n \"RtlDecodePointer\", \n \"RtlSizeHeap\", \n \"RtlCompactHeap\", \n \"RtlIsValidHandle\", \n \"RtlFindClearBitsAndSet\", \n \"ZwOpenProcess\", \n \"RtlDosApplyFileIsolationRedirection_Ustr\", \n \"RtlLeaveCriticalSection\", \n \"LdrUnlockLoaderLock\", \n \"RtlLockHeap\", \n \"ZwClose\", \n \"ZwSetInformationThread\", \n \"LdrGetDllHandleEx\", \n \"RtlInitUnicodeString\", \n \"ZwQueryInformationProcess\", \n \"RtlTryEnterCriticalSection\", \n \"ZwAllocateVirtualMemory\", \n \"ZwQuerySystemInformation\", \n \"RtlEnterCriticalSection\", \n \"LdrGetProcedureAddress\", \n \"RtlGetNtGlobalFlags\", \n \"ZwProtectVirtualMemory\", \n \"ZwSetInformationProcess\", \n \"RtlInitAnsiString\"\n ], \n \"KERNEL32.DLL\": [\n \"RequestWakeupLatency\", \n \"QueryPerformanceCounter\", \n \"GetEnvironmentStringsW\", \n \"GetModuleFileNameW\", \n \"PulseEvent\", \n \"GlobalUnfix\", \n \"GetProcessHandleCount\", \n \"GetProcAddress\", \n \"GetStartupInfoA\", \n \"InterlockedIncrement\", \n \"CloseHandle\", \n \"InterlockedDecrement\", \n \"GetCurrentThreadId\", \n \"GetSystemTimeAsFileTime\", \n \"LocalCompact\", \n \"GetCPInfo\", \n \"MultiByteToWideChar\", \n \"FlushFileBuffers\", \n \"GetCommandLineA\", \n \"IsWow64Process\", \n \"UnhandledExceptionFilter\", \n \"VirtualQuery\", \n \"SetUnhandledExceptionFilter\", \n \"GlobalUnWire\", \n \"OpenProcess\", \n \"GetModuleFileNameA\", \n \"TlsGetValue\", \n \"LCMapStringW\", \n \"TlsAlloc\", \n \"IsValidCodePage\", \n \"HeapCreate\", \n \"SetHandleCount\", \n \"GetModuleHandleW\", \n \"InitializeCriticalSectionAndSpinCount\", \n \"GetProcessHeap\", \n \"GetStdHandle\", \n \"FreeEnvironmentStringsW\", \n \"GetACP\", \n \"GetFileType\", \n \"SetProcessPriorityBoost\", \n \"GetTickCount\", \n \"VirtualQueryEx\", \n \"GetProcessTimes\", \n \"WideCharToMultiByte\", \n \"GetCurrentProcessId\", \n \"GlobalUnlock\", \n \"SetProcessWorkingSetSize\", \n \"TlsSetValue\", \n \"GetStringTypeW\", \n \"GetVersion\", \n \"PeekNamedPipe\", \n \"VerifyConsoleIoHandle\"\n ], \n \"address-space\": \"4198400-4232887\", \n \"total-api-calls\": 169960\n }, \n \"total-api-calls\": 169960\n }, \n \"3\": {\n \"0\": {\n \"ntdll.dll\": [\n \"ZwUnmapViewOfSection\", \n \"ZwCreateSection\", \n \"RtlLeaveCriticalSection\", \n \"ZwClose\", \n \"RtlImageDirectoryEntryToData\", \n \"KiFastSystemCallRet\", \n \"KiFastSystemCall\", \n \"ZwFreeVirtualMemory\", \n \"ZwMapViewOfSection\", \n \"ZwAllocateVirtualMemory\", \n \"ZwQuerySystemInformation\", \n \"RtlEnterCriticalSection\", \n \"LdrGetProcedureAddress\", \n \"wcscpy\", \n \"RtlInitString\"\n ], \n \"KERNEL32.DLL\": [\n \"Process32Next\", \n \"lstrcpyW\", \n \"GetCurrentProcessId\", \n \"Process32First\", \n \"CloseHandle\", \n \"GetProcAddress\", \n \"Process32FirstW\", \n \"WideCharToMultiByte\", \n \"CreateToolhelp32Snapshot\", \n \"Process32NextW\"\n ], \n \"address-space\": \"64946176-64949952\", \n \"total-api-calls\": 467\n }, \n \"total-api-calls\": 467\n }, \n \"2\": {\n \"0\": {\n \"ntdll.dll\": [\n \"RtlValidateUnicodeString\", \n \"RtlImageNtHeader\", \n \"RtlMultiByteToUnicodeN\", \n \"RtlFreeHeap\", \n \"RtlFindCharInUnicodeString\", \n \"RtlInitUnicodeString\", \n \"RtlTryEnterCriticalSection\", \n \"LdrLoadDll\", \n \"RtlLeaveCriticalSection\", \n \"LdrUnlockLoaderLock\", \n \"ZwSetInformationThread\", \n \"RtlUpcaseUnicodeChar\", \n \"RtlAnsiStringToUnicodeString\", \n \"_stricmp\", \n \"LdrFindResource_U\", \n \"RtlAllocateHeap\", \n \"wcsncmp\", \n \"RtlFreeUnicodeString\", \n \"RtlImageDirectoryEntryToData\", \n \"RtlHashUnicodeString\", \n \"LdrAlternateResourcesEnabled\", \n \"LdrLoadAlternateResourceModule\", \n \"RtlNtStatusToDosError\", \n \"KiFastSystemCallRet\", \n \"bsearch\", \n \"KiFastSystemCall\", \n \"LdrLockLoaderLock\", \n \"memmove\", \n \"RtlReleasePebLock\", \n \"wcsrchr\", \n \"RtlFindActivationContextSectionString\", \n \"RtlAcquirePebLock\", \n \"wcslen\", \n \"wcschr\", \n \"ZwAllocateVirtualMemory\", \n \"RtlEnterCriticalSection\", \n \"LdrAccessResource\", \n \"RtlNtStatusToDosErrorNoTeb\", \n \"RtlQueryEnvironmentVariable_U\", \n \"LdrGetProcedureAddress\", \n \"RtlGetNtGlobalFlags\", \n \"RtlInitString\", \n \"KiUserExceptionDispatcher\", \n \"RtlDosApplyFileIsolationRedirection_Ustr\", \n \"RtlInitAnsiString\", \n \"RtlEqualUnicodeString\"\n ], \n \"KERNEL32.DLL\": [\n \"LoadLibraryExA\", \n \"LocalAlloc\", \n \"FindResourceA\", \n \"SetHandleCount\", \n \"GetModuleHandleA\", \n \"SetThreadIdealProcessor\", \n \"GetProcAddress\", \n \"LoadLibraryA\", \n \"VirtualAlloc\", \n \"VirtualAllocEx\", \n \"LoadLibraryExW\", \n \"LoadResource\", \n \"SizeofResource\"\n ], \n \"address-space\": \"1184486-1189065\", \n \"total-api-calls\": 1343\n }, \n \"total-api-calls\": 1343\n }\n }, \n \"num-upward-trans\": 20, \n \"complexity-type\": 3, \n \"num-regions-special-apis\": 2, \n \"loaded-modules\": [\n {\n \"pid\": 1968, \n \"name\": \"dbghelp.dll\", \n \"start-address\": 1565196288, \n \"size\": 659456\n }, \n {\n \"pid\": 1968, \n \"name\": \"comdlg32.dll\", \n \"start-address\": 1983250432, \n \"size\": 303104\n }, \n {\n \"pid\": 1968, \n \"name\": \"msvcrt.dll\", \n \"start-address\": 2008940544, \n \"size\": 360448\n }, \n {\n \"pid\": 1968, \n \"name\": \"version.dll\", \n \"start-address\": 2008875008, \n \"size\": 32768\n }, \n {\n \"pid\": 1968, \n \"name\": \"gdi32.dll\", \n \"start-address\": 2012151808, \n \"size\": 299008\n }, \n {\n \"pid\": 1968, \n \"name\": \"advapi32.dll\", \n \"start-address\": 2010775552, \n \"size\": 704512\n }, \n {\n \"pid\": 1968, \n \"name\": \"kernel32.dll\", \n \"start-address\": 2088763392, \n \"size\": 1060864\n }, \n {\n \"pid\": 1968, \n \"name\": \"shell32.dll\", \n \"start-address\": 2120876032, \n \"size\": 8523776\n }, \n {\n \"pid\": 1968, \n \"name\": \"secur32.dll\", \n \"start-address\": 2013003776, \n \"size\": 69632\n }, \n {\n \"pid\": 1968, \n \"name\": \"rpcrt4.dll\", \n \"start-address\": 2011496448, \n \"size\": 598016\n }, \n {\n \"pid\": 1968, \n \"name\": \"45317968759d3e37282ceb75149f627d648534c5b4685f6da3966d8f6fca662\", \n \"start-address\": 4194304, \n \"size\": 54423552\n }, \n {\n \"pid\": 1968, \n \"name\": \"ntdll.dll\", \n \"start-address\": 2089877504, \n \"size\": 741376\n }, \n {\n \"pid\": 1968, \n \"name\": \"shlwapi.dll\", \n \"start-address\": 2012479488, \n \"size\": 483328\n }, \n {\n \"pid\": 1968, \n \"name\": \"user32.dll\", \n \"start-address\": 2117664768, \n \"size\": 593920\n }, \n {\n \"pid\": 1968, \n \"name\": \"comctl32.dll\", \n \"start-address\": 1489174528, \n \"size\": 630784\n }\n ], \n \"execution-time\": 1804, \n \"granularity\": \"Not applicable\", \n \"num-pro-ipc\": 0, \n \"last-executed-region\": {\n \"calls-api-getvers\": false, \n \"calls-api-getcomm\": false, \n \"num-api-fun-called\": 25, \n \"writes-exe-region\": false, \n \"process\": 0, \n \"address\": 64946176, \n \"num-diff-apis-called\": 25, \n \"layer-num\": 3, \n \"modified-by-extern-pro\": false, \n \"memory-type\": \"\", \n \"calls-api-getmodu\": false, \n \"region-num\": 0, \n \"size\": 3776\n }, \n \"num-processes\": 1, \n \"regions-pot-original\": []\n }, \n \"file-identification\": {\n \"size\": 246272, \n \"sdhash\": \"omitted\",\n \"first-seen\": \"Thu, 08 Jun 2017 13:50:58 GMT\", \n \"auxiliary-files\": [], \n \"mime-type\": \"application/x-dosexec\", \n \"trid\": [\n {\n \"type\": \"(.DLL) Win32 Dynamic Link Library (generic)\", \n \"percent\": 14.2\n }, \n {\n \"type\": \"(.EXE) Win32 Executable (generic)\", \n \"percent\": 9.7\n }, \n {\n \"type\": \"(.EXE) Generic Win/DOS Executable\", \n \"percent\": 4.3\n }, \n {\n \"type\": \"(.EXE) DOS Executable Generic\", \n \"percent\": 4.3\n }, \n {\n \"type\": \"(.EXE) Win32 Executable MS Visual C++ (generic)\", \n \"percent\": 67.3\n }\n ], \n \"sha256\": \"45317968759d3e37282ceb75149f627d648534c5b4685f6da3966d8f6fca662d\", \n \"sha1\": \"ca963033b9a285b8cd0044df38146a932c838071\", \n \"entropy\": 5.41605, \n \"known-names\": [\n \"45317968759d3e37282ceb75149f627d648534c5b4685f6da3966d8f6fca662d\"\n ], \n \"imphash\": \"edbc0337cc897a187d263d79c09c15c7\", \n \"file-type\": \"PE32 executable (GUI) Intel 80386, for MS Windows\", \n \"packer-signatures\": [], \n \"ssdeep\": \"3072:xkeyloECBch6ZCGBGSmHJ0y5lj6jdojK7+MGOXpXx8z3Lp7Yoq:xGlnCIwMpj6ijKfxx8z3F0V\", \n \"md5\": \"47363b94cee907e2b8926c1be61150c7\"\n },\n \"vt-scans\": [\n {\n \"sha256\": \"45317968759d3e37282ceb75149f627d648534c5b4685f6da3966d8f6fca662d\", \n \"scans\": {\n \"date\": \"Wed, 24 May 2017 12:42:12 GMT\", \n \"status\": 3, \n \"description\": \"VT scan available.\", \n \"results\": [\n {\n \"result\": \"W32.Ransomware_LTK.Trojan\", \n \"antivirus\": \"Bkav\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196\", \n \"antivirus\": \"MicroWorld-eScan\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan/W32.Agent.246272.IJ\", \n \"antivirus\": \"nProtect\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Not detected\", \n \"antivirus\": \"CMC\", \n \"update\": 20170523\n }, \n {\n \"result\": \"Ransom.CryptoWall.WR5\", \n \"antivirus\": \"CAT-QuickHeal\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196\", \n \"antivirus\": \"ALYac\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Agent.0BGen\", \n \"antivirus\": \"Malwarebytes\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.CryptoWall.gen\", \n \"antivirus\": \"VIPRE\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan/Injector.bstc\", \n \"antivirus\": \"TheHacker\", \n \"update\": 20170522\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196\", \n \"antivirus\": \"BitDefender\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan ( 004b3f201 )\", \n \"antivirus\": \"K7GW\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan ( 004b3f201 )\", \n \"antivirus\": \"K7AntiVirus\", \n \"update\": 20170524\n }, \n {\n \"result\": \"W32/Backdoor2.HXGO\", \n \"antivirus\": \"F-Prot\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Ransom.Cryptodefense\", \n \"antivirus\": \"Symantec\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Win32/Filecoder.CryptoWall.D\", \n \"antivirus\": \"ESET-NOD32\", \n \"update\": 20170524\n }, \n {\n \"result\": \"TROJ_CRYPTWALL.F\", \n \"antivirus\": \"TrendMicro-HouseCall\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Win32:Androp [Drp]\", \n \"antivirus\": \"Avast\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Win.Malware.Vawtrak-860\", \n \"antivirus\": \"ClamAV\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.Agent.ieva\", \n \"antivirus\": \"Kaspersky\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.Panda.eahzta\", \n \"antivirus\": \"NANO-Antivirus\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.Agent.246272.E[h]\", \n \"antivirus\": \"ViRobot\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Troj.Ransom.W32.Cryptodef.cbs!c\", \n \"antivirus\": \"AegisLab\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196\", \n \"antivirus\": \"Ad-Aware\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Troj/Vawtrak-AN\", \n \"antivirus\": \"Sophos\", \n \"update\": 20170524\n }, \n {\n \"result\": \"TrojWare.Win32.Ransom.Crowti.~RM\", \n \"antivirus\": \"Comodo\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196\", \n \"antivirus\": \"F-Secure\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.PWS.Panda.7278\", \n \"antivirus\": \"DrWeb\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Backdoor.Androm.Win32.14641\", \n \"antivirus\": \"Zillya\", \n \"update\": 20170523\n }, \n {\n \"result\": \"TROJ_CRYPTWALL.F\", \n \"antivirus\": \"TrendMicro\", \n \"update\": 20170524\n }, \n {\n \"result\": \"BehavesLike.Win32.PackedAP.dm\", \n \"antivirus\": \"McAfee-GW-Edition\", \n \"update\": 20170523\n }, \n {\n \"result\": \"Trojan.GenericKD.2080196 (B)\", \n \"antivirus\": \"Emsisoft\", \n \"update\": 20170524\n }, \n {\n \"result\": \"W32/Backdoor.CNGJ-2770\", \n \"antivirus\": \"Cyren\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Backdoor/Androm.ebf\", \n \"antivirus\": \"Jiangmin\", \n \"update\": 20170524\n }, \n {\n \"result\": \"W32/Vawtrak.AN!tr\", \n \"antivirus\": \"Fortinet\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan[Backdoor]/Win32.Androm\", \n \"antivirus\": \"Antiy-AVL\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Not detected\", \n \"antivirus\": \"Kingsoft\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Generic.D1FBDC4\", \n \"antivirus\": \"Arcabit\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Agent/Gen-Injector\", \n \"antivirus\": \"SUPERAntiSpyware\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Ransom:Win32/Crowti.A\", \n \"antivirus\": \"Microsoft\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan/Win32.MDA.R131384\", \n \"antivirus\": \"AhnLab-V3\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Ransom-CWall\", \n \"antivirus\": \"McAfee\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.CryptoWall.gen\", \n \"antivirus\": \"AVware\", \n \"update\": 20170524\n }, \n {\n \"result\": \"SScope.Trojan.Agent.2315\", \n \"antivirus\": \"VBA32\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Not detected\", \n \"antivirus\": \"Zoner\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Win32.Trojan.Bp-generic.Wpav\", \n \"antivirus\": \"Tencent\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan-Ransom.CryptoWall3\", \n \"antivirus\": \"Ikarus\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Win32.Trojan-Ransom.CryptoWall.C\", \n \"antivirus\": \"GData\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Generic_r.EKI\", \n \"antivirus\": \"AVG\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trj/WLT.B\", \n \"antivirus\": \"Panda\", \n \"update\": 20170523\n }, \n {\n \"result\": \"HEUR/QVM10.1.Malware.Gen\", \n \"antivirus\": \"Qihoo-360\", \n \"update\": 20170524\n }, \n {\n \"result\": \"TR/Crypt.Xpack.134743\", \n \"antivirus\": \"Avira\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Generic (cloud:07G3VqhU2BR) \", \n \"antivirus\": \"Rising\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Cryptodef!\", \n \"antivirus\": \"Yandex\", \n \"update\": 20170518\n }, \n {\n \"result\": \"worm.win32.dorkbot.i\", \n \"antivirus\": \"Invincea\", \n \"update\": 20170519\n }, \n {\n \"result\": \"malicious_confidence_100% (W)\", \n \"antivirus\": \"CrowdStrike\", \n \"update\": 20170130\n }, \n {\n \"result\": \"malicious (high confidence)\", \n \"antivirus\": \"Endgame\", \n \"update\": 20170515\n }, \n {\n \"result\": \"W32.Malware.gen\", \n \"antivirus\": \"Webroot\", \n \"update\": 20170524\n }, \n {\n \"result\": \"Trojan.Win32.Agent.ieva\", \n \"antivirus\": \"ZoneAlarm\", \n \"update\": 20170524\n }, \n {\n \"result\": \"generic.ml\", \n \"antivirus\": \"Paloalto\", \n \"update\": 20170524\n }, \n {\n \"result\": \"static engine - malicious\", \n \"antivirus\": \"SentinelOne\", \n \"update\": 20170516\n }\n ]\n }\n }\n ], \n \"static-pe-analysis\": {\n \"exports\": [], \n \"target-machine\": \"Intel 386 or later processors and compatible processors\", \n \"overlay-size\": 0, \n \"imports\": {\n \"dbghelp.dll\": [\n \"ImageNtHeader\", \n \"ImageRvaToSection\", \n \"ImageRvaToVa\"\n ], \n \"comdlg32.dll\": [\n \"GetSaveFileNameA\", \n \"GetOpenFileNameA\"\n ], \n \"KERNEL32.DLL\": [\n \"IsValidCodePage\", \n \"GetOEMCP\", \n \"GetACP\", \n \"GetCPInfo\", \n \"GetSystemTimeAsFileTime\", \n \"GetCurrentProcessId\", \n \"GetTickCount\", \n \"QueryPerformanceCounter\", \n \"HeapFree\", \n \"VirtualFree\", \n \"HeapCreate\", \n \"GetFileType\", \n \"SetHandleCount\", \n \"GetEnvironmentStringsW\", \n \"WideCharToMultiByte\", \n \"FreeEnvironmentStringsW\", \n \"GetEnvironmentStrings\", \n \"FreeEnvironmentStringsA\", \n \"InitializeCriticalSectionAndSpinCount\", \n \"LoadLibraryA\", \n \"IsDebuggerPresent\", \n \"SetUnhandledExceptionFilter\", \n \"UnhandledExceptionFilter\", \n \"GetCurrentProcess\", \n \"TerminateProcess\", \n \"EnterCriticalSection\", \n \"HeapSize\", \n \"LeaveCriticalSection\", \n \"DeleteCriticalSection\", \n \"GetLocaleInfoA\", \n \"WriteFile\", \n \"InterlockedDecrement\", \n \"GetLastError\", \n \"GetCurrentThreadId\", \n \"SetLastError\", \n \"InterlockedIncrement\", \n \"TlsFree\", \n \"TlsSetValue\", \n \"TlsAlloc\", \n \"TlsGetValue\", \n \"GetStartupInfoA\", \n \"ExitProcess\", \n \"GetProcAddress\", \n \"Sleep\", \n \"GetModuleHandleW\", \n \"GlobalCompact\", \n \"SetProcessWorkingSetSize\", \n \"EncodePointer\", \n \"OpenProcess\", \n \"GlobalUnWire\", \n \"GetStdHandle\", \n \"IsWow64Process\", \n \"GetProcessHandleCount\", \n \"GetProcessHeap\", \n \"FlushFileBuffers\", \n \"PulseEvent\", \n \"GetVersion\", \n \"RtlUnwind\", \n \"HeapAlloc\", \n \"VirtualAlloc\", \n \"HeapReAlloc\", \n \"GetStringTypeA\", \n \"MultiByteToWideChar\", \n \"GetStringTypeW\", \n \"GetCommandLineA\", \n \"GetProcessId\", \n \"LockResource\", \n \"GlobalDeleteAtom\", \n \"LCMapStringA\", \n \"LCMapStringW\", \n \"GetModuleFileNameA\", \n \"SetProcessPriorityBoost\", \n \"GlobalUnfix\", \n \"RequestWakeupLatency\", \n \"IsProcessInJob\", \n \"GetThreadTimes\", \n \"GetProcessTimes\", \n \"PeekNamedPipe\"\n ], \n \"ADVAPI32.dll\": [\n \"RegSetValueA\", \n \"RegQueryValueExA\", \n \"OpenProcessToken\", \n \"LookupPrivilegeValueA\", \n \"AdjustTokenPrivileges\", \n \"RegOpenKeyExA\", \n \"RegCloseKey\", \n \"RegCreateKeyA\", \n \"RegDeleteKeyA\", \n \"GetUserNameA\"\n ], \n \"USER32.DLL\": [\n \"EnableMenuItem\", \n \"GetDlgItem\", \n \"SendDlgItemMessageA\", \n \"AppendMenuA\", \n \"GetWindowLongA\", \n \"wvsprintfA\", \n \"SetWindowPos\", \n \"FindWindowA\", \n \"RedrawWindow\", \n \"GetWindowTextA\", \n \"EnableWindow\", \n \"GetSystemMetrics\", \n \"IsWindow\", \n \"CheckRadioButton\", \n \"UnregisterClassA\", \n \"SetCursor\", \n \"GetSysColorBrush\", \n \"DialogBoxParamA\", \n \"DestroyAcceleratorTable\", \n \"DispatchMessageA\", \n \"TranslateMessage\", \n \"LoadIconA\", \n \"EmptyClipboard\", \n \"SetClipboardData\", \n \"SetFocus\", \n \"CharUpperA\", \n \"OpenClipboard\", \n \"IsDialogMessageA\", \n \"TranslateAcceleratorA\", \n \"GetMessageA\", \n \"LoadAcceleratorsA\", \n \"RemoveMenu\", \n \"InvalidateRect\", \n \"ChildWindowFromPoint\", \n \"PostMessageA\", \n \"DestroyCursor\", \n \"CreateDialogParamA\", \n \"GetWindowRect\", \n \"IsMenu\", \n \"GetSubMenu\", \n \"SetDlgItemInt\", \n \"GetWindowPlacement\", \n \"CharLowerBuffA\", \n \"LoadCursorA\", \n \"CheckMenuRadioItem\", \n \"GetSysColor\", \n \"KillTimer\", \n \"DestroyIcon\", \n \"DestroyWindow\", \n \"PostQuitMessage\", \n \"GetClientRect\", \n \"MoveWindow\", \n \"GetSystemMenu\", \n \"SetTimer\", \n \"SetWindowPlacement\", \n \"InsertMenuItemA\", \n \"GetMenu\", \n \"CheckMenuItem\", \n \"SetMenuItemInfoA\", \n \"SetActiveWindow\", \n \"DefDlgProcA\", \n \"RegisterClassA\", \n \"EndDialog\", \n \"SetDlgItemTextA\", \n \"EnumClipboardFormats\", \n \"GetClipboardData\", \n \"CloseClipboard\", \n \"GetClassInfoA\", \n \"CallWindowProcA\", \n \"SetWindowLongA\", \n \"IsDlgButtonChecked\", \n \"SetWindowTextA\", \n \"CheckDlgButton\", \n \"GetActiveWindow\", \n \"MessageBoxA\", \n \"wsprintfA\", \n \"GetDlgItemTextA\", \n \"SendMessageA\", \n \"GetCursorPos\", \n \"TrackPopupMenu\", \n \"ClientToScreen\", \n \"DestroyMenu\", \n \"CreatePopupMenu\"\n ], \n \"COMCTL32.dll\": [\n \"ImageList_Destroy\", \n \"InitCommonControlsEx\", \n \"ImageList_ReplaceIcon\", \n \"ImageList_Remove\", \n \"CreateToolbarEx\", \n \"ImageList_SetBkColor\", \n \"ImageList_Create\"\n ]\n }, \n \"overlay-entropy\": 0, \n \"resources\": [\n {\n \"count\": 1, \n \"sha1\": \"57d1f324f19a5669e9d71527d1cd73b0ff7c349d\", \n \"name\": \"RT_MESSAGETABLE\", \n \"size\": 91740, \n \"sha256\": \"ef97603fbb1ed118f972e91e194d6c34255c87c0fa23eb28089d6b58d870319d\", \n \"ssdeep\": \"1536:+rCm5BGSt4HJ0yfGOlXzbGcw7R4jjK7+MGVUXpXJfT8zooLpE4YZ1lObN:cCGBGSmHJ0y5lj6jdojK7+MGOXpXx8z1\", \n \"sdhash\": \"omitted\", \n \"type\": \"ASCII text, with very long lines, with no line terminators\", \n \"md5\": \"01351f623950a354353819e93c173cd8\"\n }, \n {\n \"count\": 2, \n \"sha1\": \"4260284ce14278c397aaf6f389c1609b0ab0ce51\", \n \"name\": \"RT_MANIFEST\", \n \"size\": 381, \n \"sha256\": \"4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df\", \n \"ssdeep\": \"6:TM3iSnjUglRu9TbX+A1WBRu9TNNSTfUTdNciW7N2x8RTdN9TIHG:TM3iSnRuV1aMN2U5Nci62xA5NEG\", \n \"sdhash\": \"Not applicable\", \n \"type\": \"XML 1.0 document text\", \n \"md5\": \"1e4a89b11eae0fcf8bb5fdd5ec3b6f61\"\n }\n ], \n \"entry-point\": \"0x403487\", \n \"sections\": [\n {\n \"sha1\": \"dad1bd7bddfe0bbf5e13eac1ed754ed0c784fda4\", \n \"name\": \".text\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0x1000\", \n \"raw-size\": \"0x8800\", \n \"raw-address\": \"0x86b7\", \n \"sha256\": \"a32a62ccd0d08681c0c3018a330e9bf3135239afc707a20e6761e34973aaf3d0\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_MEM_EXECUTE\", \n \"value\": 536870912\n }, \n {\n \"name\": \"IMAGE_SCN_CNT_CODE\", \n \"value\": 32\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x86b7\", \n \"entropy\": 6.52148, \n \"ssdeep\": \"768:k1T+ZKX+VvDEzu+0CXIWBVip1IcaOK1uw7W9ekK+G5:UTCmzuw45LOf1uw7ueD+\", \n \"sdhash\": \"omitted\", \n \"type\": \"Code\", \n \"md5\": \"c14b15c6f6e70cd124a1dcde16f070b3\"\n }, \n {\n \"sha1\": \"dad1bd7bddfe0bbf5e13eac1ed754ed0c784fda4\", \n \"name\": \".text\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0x1000\", \n \"raw-size\": \"0x8800\", \n \"raw-address\": \"0x86b7\", \n \"sha256\": \"a32a62ccd0d08681c0c3018a330e9bf3135239afc707a20e6761e34973aaf3d0\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_MEM_EXECUTE\", \n \"value\": 536870912\n }, \n {\n \"name\": \"IMAGE_SCN_CNT_CODE\", \n \"value\": 32\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x86b7\", \n \"entropy\": 6.52148, \n \"ssdeep\": \"768:k1T+ZKX+VvDEzu+0CXIWBVip1IcaOK1uw7W9ekK+G5:UTCmzuw45LOf1uw7ueD+\", \n \"sdhash\": \"omitted\", \n \"type\": \"Code\", \n \"md5\": \"c14b15c6f6e70cd124a1dcde16f070b3\"\n }, \n {\n \"sha1\": \"dad1bd7bddfe0bbf5e13eac1ed754ed0c784fda4\", \n \"name\": \".text\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0x1000\", \n \"raw-size\": \"0x8800\", \n \"raw-address\": \"0x86b7\", \n \"sha256\": \"a32a62ccd0d08681c0c3018a330e9bf3135239afc707a20e6761e34973aaf3d0\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_MEM_EXECUTE\", \n \"value\": 536870912\n }, \n {\n \"name\": \"IMAGE_SCN_CNT_CODE\", \n \"value\": 32\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x86b7\", \n \"entropy\": 6.52148, \n \"ssdeep\": \"768:k1T+ZKX+VvDEzu+0CXIWBVip1IcaOK1uw7W9ekK+G5:UTCmzuw45LOf1uw7ueD+\", \n \"sdhash\": \"omitted\", \n \"type\": \"Code\", \n \"md5\": \"c14b15c6f6e70cd124a1dcde16f070b3\"\n }, \n {\n \"sha1\": \"f031b0de605ed5cb9d615e79240fe33af12eeac8\", \n \"name\": \".rdata\\u0000\\u0000\", \n \"virtual-address\": \"0xa000\", \n \"raw-size\": \"0x2a00\", \n \"raw-address\": \"0x2820\", \n \"sha256\": \"36965f23b49ba777d7d0831f079e47087ad87ec2cf53ab952d8271e59287c43c\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x2820\", \n \"entropy\": 5.41741, \n \"ssdeep\": \"192:vhpls/KRn4nnnnnnnnnnLurh2AdTFJL/S+ZozitizDvZ1IHb7Dec8:5plGluFnJL/BZozitizDvZQPKc8\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"196eabd2bfebff72df631efba401fbdd\"\n }, \n {\n \"sha1\": \"f031b0de605ed5cb9d615e79240fe33af12eeac8\", \n \"name\": \".rdata\\u0000\\u0000\", \n \"virtual-address\": \"0xa000\", \n \"raw-size\": \"0x2a00\", \n \"raw-address\": \"0x2820\", \n \"sha256\": \"36965f23b49ba777d7d0831f079e47087ad87ec2cf53ab952d8271e59287c43c\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x2820\", \n \"entropy\": 5.41741, \n \"ssdeep\": \"192:vhpls/KRn4nnnnnnnnnnLurh2AdTFJL/S+ZozitizDvZ1IHb7Dec8:5plGluFnJL/BZozitizDvZQPKc8\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"196eabd2bfebff72df631efba401fbdd\"\n }, \n {\n \"sha1\": \"b48165649b37200709423573adfac5d9297ec1e0\", \n \"name\": \".data\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0xd000\", \n \"raw-size\": \"0x1a200\", \n \"raw-address\": \"0x33c2be0\", \n \"sha256\": \"30c22d47b8294b12b0f15aeba97f129dd682de09faf32b32b9051456762e5aef\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_WRITE\", \n \"value\": 2147483647\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x33c2be0\", \n \"entropy\": 2.35016, \n \"ssdeep\": \"96:jgT/tQBwX2jVmW8rP37hO50ZU0GbgtIQYtqHKm+S8/ACEba7VKbWmkdb/jABgtN0:jstQB1VmWBqUBqIQDXy4CGa7YbqECE\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"dde216807b0f1105151c2caf33fee281\"\n }, \n {\n \"sha1\": \"b48165649b37200709423573adfac5d9297ec1e0\", \n \"name\": \".data\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0xd000\", \n \"raw-size\": \"0x1a200\", \n \"raw-address\": \"0x33c2be0\", \n \"sha256\": \"30c22d47b8294b12b0f15aeba97f129dd682de09faf32b32b9051456762e5aef\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_WRITE\", \n \"value\": 2147483647\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x33c2be0\", \n \"entropy\": 2.35016, \n \"ssdeep\": \"96:jgT/tQBwX2jVmW8rP37hO50ZU0GbgtIQYtqHKm+S8/ACEba7VKbWmkdb/jABgtN0:jstQB1VmWBqUBqIQDXy4CGa7YbqECE\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"dde216807b0f1105151c2caf33fee281\"\n }, \n {\n \"sha1\": \"b48165649b37200709423573adfac5d9297ec1e0\", \n \"name\": \".data\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0xd000\", \n \"raw-size\": \"0x1a200\", \n \"raw-address\": \"0x33c2be0\", \n \"sha256\": \"30c22d47b8294b12b0f15aeba97f129dd682de09faf32b32b9051456762e5aef\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_WRITE\", \n \"value\": 2147483647\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x33c2be0\", \n \"entropy\": 2.35016, \n \"ssdeep\": \"96:jgT/tQBwX2jVmW8rP37hO50ZU0GbgtIQYtqHKm+S8/ACEba7VKbWmkdb/jABgtN0:jstQB1VmWBqUBqIQDXy4CGa7YbqECE\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"dde216807b0f1105151c2caf33fee281\"\n }, \n {\n \"sha1\": \"b1be2680150b9ab2177ecc48db9dade0b4f752dc\", \n \"name\": \".rsrc\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0x33d0000\", \n \"raw-size\": \"0x16a00\", \n \"raw-address\": \"0x1687c\", \n \"sha256\": \"04f9b14aaf26e35e0f32fca09bc63e7fbdd16d6bba24618625917a54fbe8a78c\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x1687c\", \n \"entropy\": 6.02005, \n \"ssdeep\": \"1536:FrCm5BGSt4HJ0yfGOlXzbGcw7R4jjK7+MGVUXpXJfT8zooLpE4YZ1lOb+:5CGBGSmHJ0y5lj6jdojK7+MGOXpXx8zm\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"be2219bffc936ebf7c285253194f3167\"\n }, \n {\n \"sha1\": \"b1be2680150b9ab2177ecc48db9dade0b4f752dc\", \n \"name\": \".rsrc\\u0000\\u0000\\u0000\", \n \"virtual-address\": \"0x33d0000\", \n \"raw-size\": \"0x16a00\", \n \"raw-address\": \"0x1687c\", \n \"sha256\": \"04f9b14aaf26e35e0f32fca09bc63e7fbdd16d6bba24618625917a54fbe8a78c\", \n \"flags\": [\n {\n \"name\": \"IMAGE_SCN_CNT_INITIALIZED_DATA\", \n \"value\": 64\n }, \n {\n \"name\": \"IMAGE_SCN_MEM_READ\", \n \"value\": 1073741824\n }\n ], \n \"virtual-size\": \"0x1687c\", \n \"entropy\": 6.02005, \n \"ssdeep\": \"1536:FrCm5BGSt4HJ0yfGOlXzbGcw7R4jjK7+MGVUXpXJfT8zooLpE4YZ1lOb+:5CGBGSmHJ0y5lj6jdojK7+MGOXpXx8zm\", \n \"sdhash\": \"omitted\", \n \"type\": \"Data\", \n \"md5\": \"be2219bffc936ebf7c285253194f3167\"\n }\n ], \n \"compi-timestamp\": \"Tue, 13 Jan 2015 09:25:45 GMT\"\n }\n }\n}\n\n```", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/7flying/packerinspector-api", "keywords": "malware packers packerinspector deep packer inspector", "license": "GPLv3", "maintainer": "", "maintainer_email": "", "name": "packerinspector-api", "package_url": "https://pypi.org/project/packerinspector-api/", "platform": "", "project_url": "https://pypi.org/project/packerinspector-api/", "project_urls": { "Homepage": "https://github.com/7flying/packerinspector-api" }, "release_url": "https://pypi.org/project/packerinspector-api/1.0.0/", "requires_dist": null, "requires_python": "", "summary": "Deep Packer Inspector API", "version": "1.0.0" }, "last_serial": 3020824, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "0d4cc010f73c5c853f7785e63cd0db15", "sha256": "90e594bca8f11339365e60053014c875513a057eb0ee854e99f4a58b21ddcf7a" }, "downloads": -1, "filename": "packerinspector-api-1.0.0.tar.gz", "has_sig": false, "md5_digest": "0d4cc010f73c5c853f7785e63cd0db15", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 41045, "upload_time": "2017-07-13T16:33:27", "url": "https://files.pythonhosted.org/packages/0a/9a/746a0f5b9c37d4841f39e08082c97ee21c1483840457dd273824136c9f91/packerinspector-api-1.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "0d4cc010f73c5c853f7785e63cd0db15", "sha256": "90e594bca8f11339365e60053014c875513a057eb0ee854e99f4a58b21ddcf7a" }, "downloads": -1, "filename": "packerinspector-api-1.0.0.tar.gz", "has_sig": false, "md5_digest": "0d4cc010f73c5c853f7785e63cd0db15", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 41045, "upload_time": "2017-07-13T16:33:27", "url": "https://files.pythonhosted.org/packages/0a/9a/746a0f5b9c37d4841f39e08082c97ee21c1483840457dd273824136c9f91/packerinspector-api-1.0.0.tar.gz" } ] }