The Volatility Framework
volatility.plugins.malware.svcscan.ServiceVistax64 Class Reference

Override the base with vtypes for x64 Vista, 2008, and 7. More...

Inheritance diagram for volatility.plugins.malware.svcscan.ServiceVistax64:
volatility.obj.ProfileModification

Public Member Functions

def modification (self, profile)
 
- Public Member Functions inherited from volatility.obj.ProfileModification
def check (self, profile)
 Returns True or False as to whether the Modification should be applied.
 
def dependencies (self, profile)
 Returns a list of modifications that should go before this, and modifications that need to be after this.
 
def modification (self, profile)
 Abstract function for modifying the profile.
 

Static Public Attributes

list before = ['WindowsOverlay', 'WindowsObjectClasses', 'ServiceBase']
 
dictionary conditions
 
- Static Public Attributes inherited from volatility.obj.ProfileModification
list before = []
 
list after = []
 
dictionary conditions = {}
 

Detailed Description

Override the base with vtypes for x64 Vista, 2008, and 7.

Member Data Documentation

dictionary volatility.plugins.malware.svcscan.ServiceVistax64.conditions
static
Initial value:
1 = {'os': lambda x: x == 'windows',
2  'major': lambda x: x == 6,
3  'minor': lambda x: x < 2,
4  'memory_model': lambda x: x == '64bit'}

The documentation for this class was generated from the following file: