search

erocarrera / pefile

pefile is a Python module to read and work with PE (Portable Executable) files
MIT License
1.88k stars 522 forks source link

'PE' object has no attribute 'DIRECTORY_ENTRY_IMPORT' #369

Closed spotted-deer closed 1 year ago

spotted-deer commented 1 year ago

I cannot get the import table from target malware. The md5 of malware is 5409005cda4d50f634053ed1de25241367f67fd3

erocarrera commented 1 year ago

The directory entry IMAGE_DIRECTORY_ENTRY_IMPORT does not point to any import information. Hence, according to the headers, there's none.

[IMAGE_DIRECTORY_ENTRY_IMPORT]
0xE0       0x0   VirtualAddress:                0x0       
0xE4       0x4   Size:                          0x0