This overrides the base x86 vtypes with x64 vtypes.
More...
|
|
def | modification (self, profile) |
| |
|
def | check (self, profile) |
| | Returns True or False as to whether the Modification should be applied.
|
| |
|
def | dependencies (self, profile) |
| | Returns a list of modifications that should go before this, and modifications that need to be after this.
|
| |
|
def | modification (self, profile) |
| | Abstract function for modifying the profile.
|
| |
|
|
list | before = ['WindowsOverlay', 'WindowsObjectClasses', 'ServiceBase'] |
| |
| dictionary | conditions |
| |
|
list | before = [] |
| |
|
list | after = [] |
| |
|
dictionary | conditions = {} |
| |
This overrides the base x86 vtypes with x64 vtypes.
| dictionary volatility.plugins.malware.svcscan.ServiceBasex64.conditions |
|
static |
Initial value: 1 = {
'os':
lambda x: x ==
'windows',
2 'memory_model':
lambda x: x ==
'64bit'}
The documentation for this class was generated from the following file:
- volatility/plugins/malware/svcscan.py
Public Member Functions inherited from volatility.obj.ProfileModification
1.8.9.1