STIX 2.x documentation is available here. This site contains archived STIX 1.x documentation. STIX is now maintained by the OASIS CTI TC.

Heads up! These docs are for STIX 1.1.1, which is not the latest version (1.2). View the latest!

PEHeadersTypeWin Executable File Object Schema

The PEHeadersType specifies the headers found in PE and COFF files.

Fields

Field Name	Type	Description
DOS_Header0..1	DOSHeaderType	The DOS_Header field refers to the MS-DOS PE header and its associated characteristics.
Signature0..1	HexBinaryObjectPropertyType	The Signature field specifies the 4-bytes sugnature that identifies the file as a PE file.
File_Header0..1	PEFileHeaderType	The File_Header field refers to the PE file header (sometimes referred to as the COFF header) and its associated characteristics.
Optional_Header0..1	PEOptionalHeaderType	The Optional_Header field refers to the PE optional header and its associated characteristics. The Optional Header is required for executable (PE) files, but optional for object (COFF) files.
Entropy0..1	EntropyType	The Entropy field specifies the calculated entropy of the PE file header.
Hashes0..1	HashListType	The Hashes field is used to include any hash values computed using the specified PE binary file header as input.