PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
pesieve::ScannedModule Class Reference

Represents basic info about the scanned module, such as its base offset, size, and status.

#include <scanned_modules.h>

Public Member Functions

ULONGLONG getStart () const
 
ULONGLONG getEnd () const
 
size_t getSize ()
 
bool isSuspicious () const
 
std::string getModName () const
 

Protected Member Functions

 ScannedModule (ULONGLONG _start, size_t _moduleSize)
 
 ~ScannedModule ()
 
bool operator< (ScannedModule other) const
 
void setSuspicious (bool _is_suspicious)
 
bool resize (size_t newSize)
 

Protected Attributes

const ULONGLONG start
 

Friends

class ModulesInfo
 

Detailed Description

Represents basic info about the scanned module, such as its base offset, size, and status.

Definition at line 14 of file scanned_modules.h.

Constructor & Destructor Documentation

◆ ScannedModule()

pesieve::ScannedModule::ScannedModule ( ULONGLONG _start,
size_t _moduleSize )
inline protected

Definition at line 44 of file scanned_modules.h.

◆ ~ScannedModule()

pesieve::ScannedModule::~ScannedModule ( )
inline protected

Definition at line 50 of file scanned_modules.h.

Member Function Documentation

◆ getEnd()

ULONGLONG pesieve::ScannedModule::getEnd ( ) const
inline

Definition at line 23 of file scanned_modules.h.

◆ getModName()

std::string pesieve::ScannedModule::getModName ( ) const
inline

Definition at line 38 of file scanned_modules.h.

◆ getSize()

size_t pesieve::ScannedModule::getSize ( )
inline

Definition at line 28 of file scanned_modules.h.

◆ getStart()

ULONGLONG pesieve::ScannedModule::getStart ( ) const
inline

Definition at line 18 of file scanned_modules.h.

◆ isSuspicious()

bool pesieve::ScannedModule::isSuspicious ( ) const
inline

Definition at line 33 of file scanned_modules.h.

◆ operator<()

bool pesieve::ScannedModule::operator< ( ScannedModule other) const
inline protected

Definition at line 54 of file scanned_modules.h.

◆ resize()

bool pesieve::ScannedModule::resize ( size_t newSize)
inline protected

Definition at line 63 of file scanned_modules.h.

◆ setSuspicious()

void pesieve::ScannedModule::setSuspicious ( bool _is_suspicious)
inline protected

Definition at line 59 of file scanned_modules.h.

Friends And Related Symbol Documentation

◆ ModulesInfo

Definition at line 80 of file scanned_modules.h.

Member Data Documentation

◆ start

const ULONGLONG pesieve::ScannedModule::start
protected

Definition at line 73 of file scanned_modules.h.


The documentation for this class was generated from the following file: