PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Namespaces | Functions | Variables
artefacts_util.cpp File Reference
#include "artefacts_util.h"
#include <peconv.h>
#include "code_patterns.h"

Go to the source code of this file.

Namespaces

namespace  pesieve
 

Functions

size_t pesieve::init_32_patterns (Node *rootN)
 
size_t pesieve::init_64_patterns (Node *rootN)
 
size_t pesieve::search_till_pattern (sig_finder::Node &rootN, const BYTE *loadedData, size_t loadedSize)
 

Variables

std::set< DWORD > pesieve::HardcodedPatterns
 
pesieve::util::Mutex pesieve::g_HardcodedPatternsMutex
 
Generated by doxygen 1.12.0