Stuck on parsing a malformed PE

Sample:
+ [439ca9d490cb27c45fa08a807fc935e9b6260bc715854da42a8ce32ec79aebb4 ](https://www.virustotal.com/gui/file/439ca9d490cb27c45fa08a807fc935e9b6260bc715854da42a8ce32ec79aebb4)

Parser gets stuck on parsing this sample.

The sample has an atypical section alignment:

```json
    "sections_aligmnent": "0x1000",
    "file_aligmnent": "0x1",
```

```json
"sections": [
    {
      "name": "mbw",
      "raw_offset": "0x200",
      "raw_size": "0x580",
      "virtual_offset": "0x1000",
      "virtual_size": "0x580",
      "characteristics": "0x60000020",
      "entropy": 5.525607716586443
    },
    {
      "name": "hm",
      "raw_offset": "0x780",
      "raw_size": "0x30e",
      "virtual_offset": "0x2000",
      "virtual_size": "0x30e",
      "characteristics": "0x40000040",
      "entropy": 4.876276356664052
    },
    {
      "name": "therk",
      "raw_offset": "0xa8e",
      "raw_size": "0x4c",
      "virtual_offset": "0x3000",
      "virtual_size": "0x4c",
      "characteristics": "0x42000040",
      "entropy": 4.720582776146015
    }
  ]
```

The sample loads fine with PE-bear [0.5.5.3](https://github.com/hasherezade/pe-bear-releases/releases/tag/0.5.5.3).

+ The issue appeared starting from the commit: https://github.com/hasherezade/bearparser/commit/3330039c66aa29b3a97df17a3522b8f9f435fa1a



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Stuck on parsing a malformed PE #16

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Stuck on parsing a malformed PE #16

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions