PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Public Attributes | |
PVOID | FirstArgument |
USHORT | SystemCallNumber |
Definition at line 17 of file threads_util.cpp.
PVOID pesieve::util::_THREAD_LAST_SYSCALL_INFORMATION::FirstArgument |
Definition at line 19 of file threads_util.cpp.
USHORT pesieve::util::_THREAD_LAST_SYSCALL_INFORMATION::SystemCallNumber |
Definition at line 20 of file threads_util.cpp.