PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | Friends | List of all members
pesieve::AreaEntropyStats Class Reference

#include <entropy_stats.h>

Inheritance diagram for pesieve::AreaEntropyStats:
Inheritance graph
[legend]

Public Member Functions

 AreaEntropyStats ()
 AreaEntropyStats (const AreaEntropyStats &p1)
void _appendVal (BYTE val)
virtual void summarize ()
Public Member Functions inherited from pesieve::AreaStats
 AreaStats ()
void setStartOffset (size_t _area_start)
void appendVal (BYTE val)
bool isFilled () const
virtual bool fillSettings (StatsSettings *_settings)
virtual bool toJSON (std::stringstream &outs, size_t level) const

Public Attributes

double entropy

Protected Member Functions

virtual void fieldsToJSON (std::stringstream &outs, size_t level) const

Protected Attributes

std::map< BYTE, size_t > histogram
Protected Attributes inherited from pesieve::AreaStats
size_t area_size
size_t area_start

Friends

class AreaStatsCalculator

Detailed Description

Definition at line 9 of file entropy_stats.h.

Constructor & Destructor Documentation

◆ AreaEntropyStats() [1/2]

pesieve::AreaEntropyStats::AreaEntropyStats ( )
inline

Definition at line 11 of file entropy_stats.h.

Here is the call graph for this function:

◆ AreaEntropyStats() [2/2]

pesieve::AreaEntropyStats::AreaEntropyStats ( const AreaEntropyStats & p1)
inline

Definition at line 18 of file entropy_stats.h.

Here is the call graph for this function:

Member Function Documentation

◆ _appendVal()

void pesieve::AreaEntropyStats::_appendVal ( BYTE val)
inlinevirtual

Implements pesieve::AreaStats.

Definition at line 25 of file entropy_stats.h.

◆ fieldsToJSON()

virtual void pesieve::AreaEntropyStats::fieldsToJSON ( std::stringstream & outs,
size_t level ) const
inlineprotectedvirtual

Implements pesieve::AreaStats.

Definition at line 38 of file entropy_stats.h.

◆ summarize()

virtual void pesieve::AreaEntropyStats::summarize ( )
inlinevirtual

Implements pesieve::AreaStats.

Definition at line 30 of file entropy_stats.h.

Here is the call graph for this function:

◆ AreaStatsCalculator

friend class AreaStatsCalculator
friend

Definition at line 52 of file entropy_stats.h.

Member Data Documentation

◆ entropy

double pesieve::AreaEntropyStats::entropy

Definition at line 35 of file entropy_stats.h.

◆ histogram

std::map<BYTE, size_t> pesieve::AreaEntropyStats::histogram
protected

Definition at line 50 of file entropy_stats.h.

The documentation for this class was generated from the following file:
Generated by doxygen 1.17.0