The Volatility Framework
Public Member Functions | Public Attributes | List of all members
volatility.plugins.malware.apihooks.ModuleGroup Class Reference

A class to assist with module lookups. More...

Inheritance diagram for volatility.plugins.malware.apihooks.ModuleGroup:

Public Member Functions

def __init__ (self, mod_list)
 Initialize. More...
 
def find_module (self, address)
 Find a module by an address it contains. More...
 

Public Attributes

 mods
 
 mod_name
 
 mod_fast
 

Detailed Description

A class to assist with module lookups.

Constructor & Destructor Documentation

def volatility.plugins.malware.apihooks.ModuleGroup.__init__ (   self,
  mod_list 
)

Initialize.

Parameters
mod_lista list of _LDR_DATA_TABLE_ENTRY objects. This can be a generator.

Member Function Documentation

def volatility.plugins.malware.apihooks.ModuleGroup.find_module (   self,
  address 
)

Find a module by an address it contains.

Parameters
addresslocation in process or kernel AS to find an owning module.

When performing thousands of lookups, this method is actually quicker than tasks.find_module.

The documentation for this class was generated from the following file: