PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | Friends | List of all members
pesieve::AreaEntropyStats Class Reference

#include <entropy_stats.h>

Inheritance diagram for pesieve::AreaEntropyStats:
Inheritance graph
[legend]

Public Member Functions

 AreaEntropyStats ()
 
 AreaEntropyStats (const AreaEntropyStats &p1)
 
void _appendVal (BYTE val)
 
virtual void summarize ()
 
- Public Member Functions inherited from pesieve::AreaStats
 AreaStats ()
 
void setStartOffset (size_t _area_start)
 
void appendVal (BYTE val)
 
bool isFilled () const
 
virtual bool fillSettings (StatsSettings *_settings)
 
virtual const bool toJSON (std::stringstream &outs, size_t level)
 

Public Attributes

double entropy
 

Protected Member Functions

virtual const void fieldsToJSON (std::stringstream &outs, size_t level)
 

Protected Attributes

std::map< BYTE, size_t > histogram
 
- Protected Attributes inherited from pesieve::AreaStats
size_t area_size
 
size_t area_start
 

Friends

class AreaStatsCalculator
 

Detailed Description

Definition at line 9 of file entropy_stats.h.

Constructor & Destructor Documentation

◆ AreaEntropyStats() [1/2]

pesieve::AreaEntropyStats::AreaEntropyStats ( )
inline

Definition at line 11 of file entropy_stats.h.

Here is the call graph for this function:

◆ AreaEntropyStats() [2/2]

pesieve::AreaEntropyStats::AreaEntropyStats ( const AreaEntropyStats & p1)
inline

Definition at line 18 of file entropy_stats.h.

Here is the call graph for this function:

Member Function Documentation

◆ _appendVal()

void pesieve::AreaEntropyStats::_appendVal ( BYTE val)
inlinevirtual

Implements pesieve::AreaStats.

Definition at line 25 of file entropy_stats.h.

◆ fieldsToJSON()

virtual const void pesieve::AreaEntropyStats::fieldsToJSON ( std::stringstream & outs,
size_t level )
inlineprotectedvirtual

Implements pesieve::AreaStats.

Definition at line 38 of file entropy_stats.h.

◆ summarize()

virtual void pesieve::AreaEntropyStats::summarize ( )
inlinevirtual

Implements pesieve::AreaStats.

Definition at line 30 of file entropy_stats.h.

Here is the call graph for this function:

Friends And Related Symbol Documentation

◆ AreaStatsCalculator

friend class AreaStatsCalculator
friend

Definition at line 52 of file entropy_stats.h.

Member Data Documentation

◆ entropy

double pesieve::AreaEntropyStats::entropy

Definition at line 35 of file entropy_stats.h.

◆ histogram

std::map<BYTE, size_t> pesieve::AreaEntropyStats::histogram
protected

Definition at line 50 of file entropy_stats.h.

The documentation for this class was generated from the following file:
Generated by doxygen 1.13.2