Experiment with TLSH Bytes vs. Hex Strings

tlsh.py

#!/usr/bin/env python

# pip install hexdump python-tlsh

import tlsh
from hexdump import hexdump


str_0 = b'55 8b ec 81 ec 0c 02 00 00 66 83 a5 ?? ?? ?? ?? ?? 56 68 08 02 00 00 8d 85 ?? ?? ?? ?? 6a 00 50 e8 86 89 00 00 83 c4 0c 8d b5 ?? ?? ?? ?? e8 a6 ff ff ff 8b c6 50 6a 00 ff 15 ?? ?? ?? ?? 50 e8 15 ff ff ff 59 59 5e c9 c3'
str_1 = b'55 8b ec 83 ec 20 85 c0 89 4d ?? 8b 4d ?? 89 4d ?? 8b 4d ?? 89 4d ?? 89 45 ?? 74 0a 50 e8 34 c4 00 00 59 89 45 ?? 83 65 ?? ?? 83 65 ?? ?? 83 65 ?? ?? 8d 45 ?? 50 ff 75 ?? 68 61 10 00 00 ff 75 ?? ff 15 ?? ?? ?? ?? c9 c3'

bytes_0 = bytes(bytearray.fromhex(str_0.decode('utf-8').replace(' ', '').replace('?', '')))
bytes_1 = bytes(bytearray.fromhex(str_1.decode('utf-8').replace(' ', '').replace('?', '')))

str_h0 = tlsh.Tlsh()
str_h0.update(str_0)
str_h0.final()

bytes_h0 = tlsh.Tlsh()
bytes_h0.update(bytes_0)
bytes_h0.final()

str_h1 = tlsh.Tlsh()
str_h1.update(str_1)
str_h1.final()

bytes_h1 = tlsh.Tlsh()
bytes_h1.update(bytes_1)
bytes_h1.final()

print('str_h0 : ' + str_0.decode('utf-8'))
print('str_tlsh_h0: ' + str_h0.hexdigest())

print('str_h1: ' + str_1.decode('utf-8'))
print('str_tlsh_h1: ' + str_h1.hexdigest())

print('string_score: ' + str(str_h0.diff(str_h1)))

print('bytes_h0: ' + str_0.decode('utf-8'))
hexdump(bytes_0)
print('bytes_h0: ' + bytes_h0.hexdigest())

print('bytes_h0: ' + str_1.decode('utf-8'))
hexdump(bytes_1)
print('bytes_tlsh_h1: ' + bytes_h1.hexdigest())

print('bytes_score: ' + str(bytes_h0.diff(bytes_h1)))