A scanner over all memory regions of a process. More...

Inheritance diagram for volatility.plugins.malware.malfind.VadYaraScanner:

Public Member Functions
def	__init__ (self, task=None, kwargs)
	Scan the process address space through the Vads. More...

def	scan

Public Member Functions inherited from volatility.plugins.malware.malfind.BaseYaraScanner
def	__init__

def	scan (self, offset, maxlen)

Public Attributes
	task

Public Attributes inherited from volatility.plugins.malware.malfind.BaseYaraScanner
	rules

	address_space

Additional Inherited Members
Static Public Attributes inherited from volatility.plugins.malware.malfind.BaseYaraScanner
int	overlap = 1024

Detailed Description

A scanner over all memory regions of a process.

Constructor & Destructor Documentation

def volatility.plugins.malware.malfind.VadYaraScanner.__init__	(	self,
		task = `None`,
		kwargs
	)

Scan the process address space through the Vads.

Args: task: The _EPROCESS object for this task.

The documentation for this class was generated from the following file: