MoskalovIlya Sergee (Assistant Professor,
Moscow Technical University of Communications and Informatics (MTUCI)
)
| |
This article presents an algorithm for automatically extracting metadata from an executable software file during the disassembly stage. Methods for reading binary content, converting byte sequences to string representation, and filtering the resulting data using PowerShell and the strings.exe utility are discussed. An experiment was conducted confirming the feasibility of extracting structural and textual elements of executable modules without complete decompilation.
Results: A working algorithm capable of extracting key metadata characterizing the structure and functional dependencies of executable code has been implemented. The scientific novelty of this study lies in the following:
1. A new algorithm for extracting metadata from executable files without decompiling or loading them into a disassembler has been developed.
2. A binary analysis method is proposed with sequential conversion of byte arrays into text form and data filtering.
3. PowerShell and strings.exe tools are integrated into a single analysis framework, ensuring compatibility and automation.
4. A classification of the extracted data into text, system, and structural elements has been determined.
5. A text analytics technique has been applied for the first time in the context of binary analysis, expanding the scope of reverse engineering methods.
Keywords:metadata, disassembly, reverse engineering, PowerShell, binary analysis, strings.exe
|
|
| |
|
Read the full article …
|
Citation link:
MoskalovIlya S. ALGORITHM FOR EXTRACTING META-DATA FROM AN EXECUTIVE FILE AT THE SOFTWARE DISASSEMBLY STAGE // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2026. -№02. -С. 118-122 DOI 10.37882/2223-2966.2026.02.23 |
|
|
LEGAL
INFORMATION:
