brad-sp
commented
9 years ago What version of pefile are you using? I'm not able to reproduce it here.
Closed b3nw closed 9 years ago
brad-sp
commented
9 years ago What version of pefile are you using? I'm not able to reproduce it here.
b3nw
commented
9 years ago using ubuntu-server 14.04 LTS
ben@cuckoo:~/cuckoo-modified$ pip show pefile
---
Name: pefile
Version: 1.2.9.1
Location: /usr/lib/python2.7/dist-packages
Requires:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.3 LTS
Release: 14.04
Codename: trustyalso catching an error here
[lib.cuckoo.core.plugins] ERROR: Failed to run the processing module "Static":
Traceback (most recent call last):
File "/home/ben/cuckoo-modified/utils/../lib/cuckoo/core/plugins.py", line 197, in process
data = current.run()
File "/home/ben/cuckoo-modified/utils/../modules/processing/static.py", line 1039, in run
static = PortableExecutable(self.file_path, self.results).run()
File "/home/ben/cuckoo-modified/utils/../modules/processing/static.py", line 704, in run
results["pe_actual_checksum"] = self._get_actual_checksum()
File "/home/ben/cuckoo-modified/utils/../modules/processing/static.py", line 472, in _get_actual_checksum
return "0x{0:08x}".format(self.pe.generate_checksum())
File "/usr/lib/python2.7/dist-packages/pefile.py", line 3720, in generate_checksum
dword = struct.unpack('L', self.__data__[ i*4 : i*4+4 ])[0]
error: unpack requires a string argument of length 8
KillerInstinct
commented
9 years ago Try updating pefile to:
pefile (1.2.10-123)
brad-sp
commented
9 years ago This is due to an outdated version of pefile. The unpack line there should be using the "I" type instead of "L" or it'll be incorrect on 64-bit. I'll add a workaround/warning to the code.
brad-sp
commented
9 years ago
with has 6fe7de5e1ac73f069348cdbff9cf2feb but it reproduces every time.