PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | List of all members
pesieve::CachedModule Struct Reference

#include <module_cache.h>

Public Member Functions

 CachedModule ()
 
 CachedModule (BYTE *_moduleData, size_t _moduleSize)
 
BYTEmapFromCached (size_t &mappedSize) const
 
 ~CachedModule ()
 

Public Attributes

BYTEmoduleData
 
size_t moduleSize
 
DWORD lastUsage
 

Detailed Description

Definition at line 55 of file module_cache.h.

Constructor & Destructor Documentation

◆ CachedModule() [1/2]

pesieve::CachedModule::CachedModule ( )
inline

Definition at line 57 of file module_cache.h.

◆ CachedModule() [2/2]

pesieve::CachedModule::CachedModule ( BYTE * _moduleData,
size_t _moduleSize )
inline

Definition at line 62 of file module_cache.h.

Here is the call graph for this function:

◆ ~CachedModule()

pesieve::CachedModule::~CachedModule ( )
inline

Definition at line 81 of file module_cache.h.

Member Function Documentation

◆ mapFromCached()

BYTE * pesieve::CachedModule::mapFromCached ( size_t & mappedSize) const
inline

Definition at line 73 of file module_cache.h.

Here is the call graph for this function:

Member Data Documentation

◆ lastUsage

DWORD pesieve::CachedModule::lastUsage

Definition at line 93 of file module_cache.h.

◆ moduleData

BYTE* pesieve::CachedModule::moduleData

Definition at line 91 of file module_cache.h.

◆ moduleSize

size_t pesieve::CachedModule::moduleSize

Definition at line 92 of file module_cache.h.

The documentation for this struct was generated from the following file:
Generated by doxygen 1.10.0