mws-file-static-report

Get static analysis result of the analyzed file from malwares.com

mws-file-static-report hash=HASH [profile=PROFILE] [raw=t]

Output Fields

Field	Type	Name	Description
profile	String	Connect profile	Profile name of malwares.com
hash	String	Hash value	MD5, SHA1, or SHA256 value
result_code	Integer	Result code	e.g. 1, 0
result_msg	String	Result message	e.g. Data exists
api_version	String	API version	e.g. 2015072100
file_name	String	File name	e.g. EXPLORER.EXE
file_version	String	File version	e.g. 10.0.19041.1889 (WinBuild.160101.0800)
file_description	String	File description	e.g. Windows Explorer
company_name	String	Company name	e.g. Microsoft Corporation
internal_name	String	Internal name	e.g. explorer
product_name	String	Product name	e.g. Microsoft Windows Operating System
product_version	String	Product version	e.g. 10.0.19041.1889
md5	String	MD5	e.g. 7A413DDD10E81ADB6BB5D5E38F399D08
sha1	String	SHA1
sha256	String	SHA256
format_type	String	Format type	e.g. pe
subsystem	String	Subsystem	e.g. 0x2(WINDOWS)
image_base	String	Image base	e.g. 0x140000000
characteristics	String	Characteristics	e.g. 0x22(LARGE_ADDRESS_AWARE, EXECUTABLE_IMAGE)
pe_file_type	String	PE file type	e.g. PE64
stored_checksum	String	Stored checksum	e.g. 0x4EB54A
file_alignment	String	File alignment	e.g. 0x200
entrypoint	String	Entrypoint	e.g. 0xA1DC0
section_alignment	String	Section alignment	e.g. 0x1000
sections	List	Sections	Elements with section_name, raw_data_offset, raw_data_hash properties.
imports	List	Imports	Elements with dll_name and functions properties.
strings	List	Strings	Elements with offset, charset, pattern, string properties.
raw	String	Raw data	Original HTTP response