PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | List of all members
pesieve::ChunkStats Struct Reference

Statistics from a block of data. More...

#include <multi_stats.h>

Public Member Functions

 ChunkStats ()
 ChunkStats (size_t _offset, size_t _size)
 ChunkStats (const ChunkStats &p1)
void fillSettings (MultiStatsSettings *_settings)
void appendVal (BYTE val)
void finishLastStr (bool isClean)
virtual void fieldsToJSON (std::stringstream &outs, size_t level) const
void summarize ()

Public Attributes

double entropy
size_t size
size_t offset
BYTE prevVal
size_t longestStr
std::string lastStr
size_t stringsCount
size_t cleanStringsCount
std::map< BYTE, size_t > histogram
std::map< size_t, std::set< BYTE > > frequencies
MultiStatsSettingssettings
std::map< std::string, size_t > foundStrings

Detailed Description

Statistics from a block of data.

Definition at line 54 of file multi_stats.h.

Constructor & Destructor Documentation

◆ ChunkStats() [1/3]

pesieve::ChunkStats::ChunkStats ( )
inline

Definition at line 56 of file multi_stats.h.

◆ ChunkStats() [2/3]

pesieve::ChunkStats::ChunkStats ( size_t _offset,
size_t _size )
inline

Definition at line 62 of file multi_stats.h.

◆ ChunkStats() [3/3]

pesieve::ChunkStats::ChunkStats ( const ChunkStats & p1)
inline

Definition at line 69 of file multi_stats.h.

Here is the call graph for this function:

Member Function Documentation

◆ appendVal()

void pesieve::ChunkStats::appendVal ( BYTE val)
inline

Definition at line 89 of file multi_stats.h.

Here is the call graph for this function:

◆ fieldsToJSON()

virtual void pesieve::ChunkStats::fieldsToJSON ( std::stringstream & outs,
size_t level ) const
inlinevirtual

Definition at line 132 of file multi_stats.h.

Here is the call graph for this function:

◆ fillSettings()

void pesieve::ChunkStats::fillSettings ( MultiStatsSettings * _settings)
inline

Definition at line 84 of file multi_stats.h.

◆ finishLastStr()

void pesieve::ChunkStats::finishLastStr ( bool isClean)
inline

Definition at line 108 of file multi_stats.h.

◆ summarize()

void pesieve::ChunkStats::summarize ( )
inline

Definition at line 157 of file multi_stats.h.

Here is the call graph for this function:

Member Data Documentation

◆ cleanStringsCount

size_t pesieve::ChunkStats::cleanStringsCount

Definition at line 178 of file multi_stats.h.

◆ entropy

double pesieve::ChunkStats::entropy

Definition at line 169 of file multi_stats.h.

◆ foundStrings

std::map<std::string, size_t> pesieve::ChunkStats::foundStrings

Definition at line 184 of file multi_stats.h.

◆ frequencies

std::map<size_t, std::set<BYTE> > pesieve::ChunkStats::frequencies

Definition at line 180 of file multi_stats.h.

◆ histogram

std::map<BYTE, size_t> pesieve::ChunkStats::histogram

Definition at line 179 of file multi_stats.h.

◆ lastStr

std::string pesieve::ChunkStats::lastStr

Definition at line 176 of file multi_stats.h.

◆ longestStr

size_t pesieve::ChunkStats::longestStr

Definition at line 174 of file multi_stats.h.

◆ offset

size_t pesieve::ChunkStats::offset

Definition at line 171 of file multi_stats.h.

◆ prevVal

BYTE pesieve::ChunkStats::prevVal

Definition at line 173 of file multi_stats.h.

◆ settings

MultiStatsSettings* pesieve::ChunkStats::settings

Definition at line 182 of file multi_stats.h.

◆ size

size_t pesieve::ChunkStats::size

Definition at line 170 of file multi_stats.h.

◆ stringsCount

size_t pesieve::ChunkStats::stringsCount

Definition at line 177 of file multi_stats.h.

The documentation for this struct was generated from the following file:
Generated by doxygen 1.17.0