Warning
This documentation is still a work in progress. If you have any issues or
questions, please ask on the cybox-discussion mailing list or file a bug
in our issue tracker.
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.DOSHeaderType
XML Binding class name: e_cblp
Dictionary key name: e_cblp
XML Binding class name: e_cp
Dictionary key name: e_cp
XML Binding class name: e_cparhdr
Dictionary key name: e_cparhdr
XML Binding class name: e_crlc
Dictionary key name: e_crlc
XML Binding class name: e_cs
Dictionary key name: e_cs
XML Binding class name: e_csum
Dictionary key name: e_csum
XML Binding class name: e_ip
Dictionary key name: e_ip
XML Binding class name: e_lfanew
Dictionary key name: e_lfanew
XML Binding class name: e_lfarlc
Dictionary key name: e_lfarlc
XML Binding class name: e_magic
Dictionary key name: e_magic
XML Binding class name: e_maxalloc
Dictionary key name: e_maxalloc
XML Binding class name: e_minalloc
Dictionary key name: e_minalloc
XML Binding class name: e_oemid
Dictionary key name: e_oemid
XML Binding class name: e_oeminfo
Dictionary key name: e_oeminfo
XML Binding class name: e_ovro
Dictionary key name: e_ovro
XML Binding class name: e_sp
Dictionary key name: e_sp
XML Binding class name: e_ss
Dictionary key name: e_ss
XML Binding class name: Hashes
Dictionary key name: hashes
XML Binding class name: reserved2
Dictionary key name: reserved2
-
class cybox.objects.win_executable_file_object.DataDirectory[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.DataDirectoryType
-
architecture
XML Binding class name: Architecture
Dictionary key name: architecture
-
base_relocation_table
XML Binding class name: Base_Relocation_Table
Dictionary key name: base_relocation_table
-
bound_import
XML Binding class name: Bound_Import
Dictionary key name: bound_import
-
certificate_table
XML Binding class name: Certificate_Table
Dictionary key name: certificate_table
XML Binding class name: CLR_Runtime_Header
Dictionary key name: clr_runtime_header
-
debug
XML Binding class name: Debug
Dictionary key name: debug
-
delay_import_descriptor
XML Binding class name: Delay_Import_Descriptor
Dictionary key name: delay_import_descriptor
-
exception_table
XML Binding class name: Exception_Table
Dictionary key name: exception_table
-
export_table
XML Binding class name: Export_Table
Dictionary key name: export_table
-
global_ptr
XML Binding class name: Global_Ptr
Dictionary key name: global_ptr
-
import_address_table
XML Binding class name: Import_Address_Table
Dictionary key name: import_address_table
-
import_table
XML Binding class name: Import_Table
Dictionary key name: import_table
-
load_config_table
XML Binding class name: Load_Config_Table
Dictionary key name: load_config_table
-
reserved
XML Binding class name: Reserved
Dictionary key name: reserved
-
resource_table
XML Binding class name: Resource_Table
Dictionary key name: resource_table
-
tls_table
XML Binding class name: Tls_Table
Dictionary key name: tls_table
-
class cybox.objects.win_executable_file_object.Entropy[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.EntropyType
-
max
XML Binding class name: Max
Dictionary key name: max
-
min
XML Binding class name: Min
Dictionary key name: min
-
value
XML Binding class name: Value
Dictionary key name: value
-
class cybox.objects.win_executable_file_object.PEBuildInformation[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEBuildInformationType
-
compiler_name
XML Binding class name: Compiler_Name
Dictionary key name: compiler_name
-
compiler_version
XML Binding class name: Compiler_Version
Dictionary key name: compiler_version
-
linker_name
XML Binding class name: Linker_Name
Dictionary key name: linker_name
-
linker_version
XML Binding class name: Linker_Version
Dictionary key name: linker_version
-
class cybox.objects.win_executable_file_object.PEChecksum[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEChecksumType
-
pe_computed_api
XML Binding class name: PE_Computed_API
Dictionary key name: pe_computed_api
-
pe_file_api
XML Binding class name: PE_File_API
Dictionary key name: pe_file_api
-
pe_file_raw
XML Binding class name: PE_File_Raw
Dictionary key name: pe_file_raw
-
class cybox.objects.win_executable_file_object.PEDataDirectoryStruct[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEDataDirectoryStructType
-
size
XML Binding class name: Size
Dictionary key name: size
-
virtual_address
XML Binding class name: Virtual_Address
Dictionary key name: virtual_address
-
class cybox.objects.win_executable_file_object.PEExportedFunction[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEExportedFunctionType
-
entry_point
XML Binding class name: Entry_Point
Dictionary key name: entry_point
-
function_name
XML Binding class name: Function_Name
Dictionary key name: function_name
-
ordinal
XML Binding class name: Ordinal
Dictionary key name: ordinal
-
class cybox.objects.win_executable_file_object.PEExportedFunctions(*args)[source]
Bases: cybox.EntityList
XML binding class: cybox.bindings.win_executable_file_object.PEExportedFunctionsType
-
class cybox.objects.win_executable_file_object.PEExports[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEExportsType
-
exported_functions
XML Binding class name: Exported_Functions
Dictionary key name: exported_functions
-
exports_time_stamp
XML Binding class name: Exports_Time_Stamp
Dictionary key name: exports_time_stamp
-
name
XML Binding class name: Name
Dictionary key name: name
-
number_of_addresses
XML Binding class name: Number_Of_Addresses
Dictionary key name: number_of_addresses
-
number_of_functions
XML Binding class name: Number_Of_Functions
Dictionary key name: number_of_functions
-
number_of_names
XML Binding class name: Number_Of_Names
Dictionary key name: number_of_names
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEFileHeaderType
XML Binding class name: Characteristics
Dictionary key name: characteristics
XML Binding class name: Hashes
Dictionary key name: hashes
XML Binding class name: Machine
Dictionary key name: machine
XML Binding class name: Number_Of_Sections
Dictionary key name: number_of_sections
XML Binding class name: Number_Of_Symbols
Dictionary key name: number_of_symbols
XML Binding class name: Pointer_To_Symbol_Table
Dictionary key name: pointer_to_symbol_table
XML Binding class name: Size_Of_Optional_Header
Dictionary key name: size_of_optional_header
XML Binding class name: Time_Date_Stamp
Dictionary key name: time_date_stamp
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEHeadersType
XML Binding class name: DOS_Header
Dictionary key name: dos_header
XML Binding class name: Entropy
Dictionary key name: entropy
XML Binding class name: File_Header
Dictionary key name: file_header
XML Binding class name: Hashes
Dictionary key name: hashes
XML Binding class name: Optional_Header
Dictionary key name: optional_header
XML Binding class name: Signature
Dictionary key name: signature
-
class cybox.objects.win_executable_file_object.PEImport[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEImportType
-
delay_load
XML Binding class name: delay_load
Dictionary key name: delay_load
-
file_name
XML Binding class name: File_Name
Dictionary key name: file_name
-
imported_functions
XML Binding class name: Imported_Functions
Dictionary key name: imported_functions
-
initially_visible
XML Binding class name: initially_visible
Dictionary key name: initially_visible
-
virtual_address
XML Binding class name: Virtual_Address
Dictionary key name: virtual_address
-
class cybox.objects.win_executable_file_object.PEImportList(*args)[source]
Bases: cybox.EntityList
XML binding class: cybox.bindings.win_executable_file_object.PEImportListType
-
class cybox.objects.win_executable_file_object.PEImportedFunction[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEImportedFunctionType
-
bound
XML Binding class name: Bound
Dictionary key name: bound
-
function_name
XML Binding class name: Function_Name
Dictionary key name: function_name
-
hint
XML Binding class name: Hint
Dictionary key name: hint
-
ordinal
XML Binding class name: Ordinal
Dictionary key name: ordinal
-
virtual_address
XML Binding class name: Virtual_Address
Dictionary key name: virtual_address
-
class cybox.objects.win_executable_file_object.PEImportedFunctions(*args)[source]
Bases: cybox.EntityList
XML binding class: cybox.bindings.win_executable_file_object.PEImportedFunctionsType
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEOptionalHeaderType
XML Binding class name: Address_Of_Entry_Point
Dictionary key name: address_of_entry_point
XML Binding class name: Base_Of_Code
Dictionary key name: base_of_code
XML Binding class name: Base_Of_Data
Dictionary key name: base_of_data
XML Binding class name: Checksum
Dictionary key name: checksum
XML Binding class name: Data_Directory
Dictionary key name: data_directory
XML Binding class name: DLL_Characteristics
Dictionary key name: dll_characteristics
XML Binding class name: File_Alignment
Dictionary key name: file_alignment
XML Binding class name: Hashes
Dictionary key name: hashes
XML Binding class name: Image_Base
Dictionary key name: image_base
XML Binding class name: Loader_Flags
Dictionary key name: loader_flags
XML Binding class name: Magic
Dictionary key name: magic
XML Binding class name: Major_Image_Version
Dictionary key name: major_image_version
XML Binding class name: Major_Linker_Version
Dictionary key name: major_linker_version
XML Binding class name: Major_OS_Version
Dictionary key name: major_os_version
XML Binding class name: Major_Subsystem_Version
Dictionary key name: major_subsystem_version
XML Binding class name: Minor_Image_Version
Dictionary key name: minor_image_version
XML Binding class name: Minor_Linker_Version
Dictionary key name: minor_linker_version
XML Binding class name: Minor_OS_Version
Dictionary key name: minor_os_version
XML Binding class name: Minor_Subsystem_Version
Dictionary key name: minor_subsystem_version
-
number_of_rva_and_sizes
XML Binding class name: Number_Of_Rva_And_Sizes
Dictionary key name: number_of_rva_and_sizes
XML Binding class name: Section_Alignment
Dictionary key name: section_alignment
XML Binding class name: Size_Of_Code
Dictionary key name: size_of_code
XML Binding class name: Size_Of_Headers
Dictionary key name: size_of_headers
XML Binding class name: Size_Of_Heap_Commit
Dictionary key name: size_of_heap_commit
XML Binding class name: Size_Of_Heap_Reserve
Dictionary key name: size_of_heap_reserve
XML Binding class name: Size_Of_Image
Dictionary key name: size_of_image
XML Binding class name: Size_Of_Initialized_Data
Dictionary key name: size_of_initialized_data
XML Binding class name: Size_Of_Stack_Commit
Dictionary key name: size_of_stack_commit
XML Binding class name: Size_Of_Stack_Reserve
Dictionary key name: size_of_stack_reserve
XML Binding class name: Size_Of_Uninitialized_Data
Dictionary key name: size_of_uninitialized_data
XML Binding class name: Subsystem
Dictionary key name: subsystem
XML Binding class name: Win32_Version_Value
Dictionary key name: win32_version_value
-
class cybox.objects.win_executable_file_object.PEResource[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PEResourceType
-
data
XML Binding class name: Data
Dictionary key name: data
-
hashes
XML Binding class name: Hashes
Dictionary key name: hashes
-
language
XML Binding class name: Language
Dictionary key name: language
-
name
XML Binding class name: Name
Dictionary key name: name
-
size
XML Binding class name: Size
Dictionary key name: size
-
sub_language
XML Binding class name: Sub_Language
Dictionary key name: sub_language
-
type_
XML Binding class name: Type
Dictionary key name: type
-
virtual_address
XML Binding class name: Virtual_Address
Dictionary key name: virtual_address
-
class cybox.objects.win_executable_file_object.PEResourceList(*args)[source]
Bases: cybox.EntityList
XML binding class: cybox.bindings.win_executable_file_object.PEResourceListType
-
static from_list(pe_resource_list)[source]
-
class cybox.objects.win_executable_file_object.PESection[source]
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PESectionType
-
data_hashes
XML Binding class name: Data_Hashes
Dictionary key name: data_hashes
-
entropy
XML Binding class name: Entropy
Dictionary key name: entropy
XML Binding class name: Header_Hashes
Dictionary key name: header_hashes
XML Binding class name: Section_Header
Dictionary key name: section_header
Bases: cybox.Entity
XML binding class: cybox.bindings.win_executable_file_object.PESectionHeaderStructType
XML Binding class name: Characteristics
Dictionary key name: characteristics
XML Binding class name: Name
Dictionary key name: name
XML Binding class name: Number_Of_Linenumbers
Dictionary key name: number_of_linenumbers
XML Binding class name: Number_Of_Relocations
Dictionary key name: number_of_relocations
XML Binding class name: Pointer_To_Linenumbers
Dictionary key name: pointer_to_linenumbers
XML Binding class name: Pointer_To_Raw_Data
Dictionary key name: pointer_to_raw_data
XML Binding class name: Pointer_To_Relocations
Dictionary key name: pointer_to_relocations
XML Binding class name: Size_Of_Raw_Data
Dictionary key name: size_of_raw_data
XML Binding class name: Virtual_Address
Dictionary key name: virtual_address
XML Binding class name: Virtual_Size
Dictionary key name: virtual_size
-
class cybox.objects.win_executable_file_object.PESectionList(*args)[source]
Bases: cybox.EntityList
XML binding class: cybox.bindings.win_executable_file_object.PESectionListType
-
class cybox.objects.win_executable_file_object.PEVersionInfoResource[source]
Bases: cybox.objects.win_executable_file_object.PEResource
XML binding class: cybox.bindings.win_executable_file_object.PEVersionInfoResourceType
XML Binding class name: Comments
Dictionary key name: comments
-
companyname
XML Binding class name: CompanyName
Dictionary key name: companyname
-
filedescription
XML Binding class name: FileDescription
Dictionary key name: filedescription
-
fileversion
XML Binding class name: FileVersion
Dictionary key name: fileversion
-
internalname
XML Binding class name: InternalName
Dictionary key name: internalname
-
static keyword_test(pe_resource_dict)[source]
-
langid
XML Binding class name: LangID
Dictionary key name: langid
-
legalcopyright
XML Binding class name: LegalCopyright
Dictionary key name: legalcopyright
-
legaltrademarks
XML Binding class name: LegalTrademarks
Dictionary key name: legaltrademarks
-
originalfilename
XML Binding class name: OriginalFilename
Dictionary key name: originalfilename
-
privatebuild
XML Binding class name: PrivateBuild
Dictionary key name: privatebuild
-
productname
XML Binding class name: ProductName
Dictionary key name: productname
-
productversion
XML Binding class name: ProductVersion
Dictionary key name: productversion
-
specialbuild
XML Binding class name: SpecialBuild
Dictionary key name: specialbuild
-
class cybox.objects.win_executable_file_object.WinExecutableFile[source]
Bases: cybox.objects.win_file_object.WinFile
XML binding class: cybox.bindings.win_executable_file_object.WindowsExecutableFileObjectType
-
build_information
XML Binding class name: Build_Information
Dictionary key name: build_information
-
digital_signature
XML Binding class name: Digital_Signature
Dictionary key name: digital_signature
-
exports
XML Binding class name: Exports
Dictionary key name: exports
XML Binding class name: Extraneous_Bytes
Dictionary key name: extraneous_bytes
XML Binding class name: Headers
Dictionary key name: headers
-
imports
XML Binding class name: Imports
Dictionary key name: imports
-
pe_checksum
XML Binding class name: PE_Checksum
Dictionary key name: pe_checksum
-
resources
XML Binding class name: Resources
Dictionary key name: resources
-
sections
XML Binding class name: Sections
Dictionary key name: sections
-
type_
XML Binding class name: Type
Dictionary key name: type