This repository was archived by the owner on Jun 7, 2023. It is now read-only.
calculate_pehash throws exception for PE+ file format #5
Open
Description
According to the current implementation of calculate_pehash, "pad to 16 bits"
viper-modules/pehash/pehasher.py
Lines 25 to 28 in d21d555
```python
# pad to 16 bits
img_chars = bitstring.BitArray(bytes=img_chars.tobytes())
img_chars_xor = img_chars[0:8] ^ img_chars[8:16]
```
When exe.FILE_HEADER.Characteristics is 0x22 (e.g., a PE+ EXE), the upper 8 bits of data cannot be accessed, so a "ValueError: Bitstrings must have the same length for ^ operator." exception is thrown, as follows:
```
#pad to 16 bits
img_chars = bitstring.BitArray(bytes=img_chars.tobytes())
--> img_chars_xor = img_chars[0:8] ^ img_chars[8:16]
/usr/local/lib/python3.5/dist-packages/bitstring-3.1.5-py3.5.egg/bitstring.py in __xor__(self, bs)
1128 bs = Bits(bs)
1129 if self.len != bs.len:
-> 1130 raise ValueError("Bitstrings must have the same length "
1131 "for ^ operator.")
1132 s = self._copy()
ValueError: Bitstrings must have the same length for ^ operator.
```
I think these lines should be fixed as follows.
```python
# image characteristics
img_chars = bitstring.BitArray(hex(exe.FILE_HEADER.Characteristics))
# pad to 16 bits
# img_chars = bitstring.BitArray(bytes=img_chars.tobytes())  # <- this line does not do 16-bit padding
# zfill() returns a str, so it is wrapped back into a BitArray for the ^ below
img_chars = bitstring.BitArray(bin=img_chars.bin.zfill(16))  # <- correct 16-bit padding
img_chars_xor = img_chars[0:8] ^ img_chars[8:16]
```

Is this an intended behavior of the calculate_pehash function?
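The padding failure reported in this issue, as an added example that is not part of the original post or of the viper-modules code: a pure-Python model of the existing padding next to a fixed-width 16-bit treatment. It assumes that `BitArray(hex(n))` yields 4 bits per hex digit and that `tobytes()` zero-fills on the right to a byte boundary; the function names and sample values are constructed for illustration.

```python
# Added example: pure-Python model of the padding step, so it runs without bitstring.
# Function names and sample Characteristics values are constructed for illustration.

def bits_from_hex_literal(value: int) -> str:
    """Model BitArray(hex(value)): 4 bits per hex digit, so the width varies."""
    digits = hex(value)[2:]
    return "".join(format(int(d, 16), "04b") for d in digits)

def pad_like_tobytes(bits: str) -> str:
    """Model BitArray(bytes=x.tobytes()): zero-fill on the RIGHT to a byte boundary."""
    return bits + "0" * (-len(bits) % 8)

def xor_halves(bits: str) -> int:
    """XOR bits [0:8] with bits [8:16]; reject unequal slices as bitstring does."""
    first, second = bits[0:8], bits[8:16]
    if len(first) != len(second):
        raise ValueError("Bitstrings must have the same length for ^ operator.")
    return int(first, 2) ^ int(second, 2)

def current_xor(characteristics: int) -> int:
    """Model of the existing 'pad to 16 bits' lines quoted in the issue."""
    return xor_halves(pad_like_tobytes(bits_from_hex_literal(characteristics)))

def fixed_width_xor(characteristics: int) -> int:
    """Treat Characteristics as a 16-bit field: zero-fill on the LEFT."""
    if not 0 <= characteristics <= 0xFFFF:
        raise ValueError("Characteristics must fit in 16 bits")
    return xor_halves(format(characteristics, "016b"))

def compare(characteristics: int):
    """Return (existing behaviour or None if it raises, fixed-width result)."""
    try:
        current = current_xor(characteristics)
    except ValueError:
        current = None  # the crash reported in this issue
    return current, fixed_width_xor(characteristics)

if __name__ == "__main__":
    for sample in (0x22, 0x102, 0x2022):  # constructed sample values
        print(hex(sample), compare(sample))
```

Under this model the existing lines raise for two-digit values such as 0x22, and for three-digit values such as 0x102 they XOR a right-padded word, so a left-zero-fill fix also changes the XOR byte for those inputs.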