dissect.target.loaders.phobos
#
Module Contents#
Classes#
Load Phobos Ransomware files. |
Functions#
Attributes#
- dissect.target.loaders.phobos.BLOCK_SIZE#
- dissect.target.loaders.phobos.NTFS_NEEDLE = b'\xebR\x90NTFS \x00'#
- dissect.target.loaders.phobos.EXTFS_NEEDLE = b'\xff\xffS\xef'#
- dissect.target.loaders.phobos.EXTFS_NEEDLE_OFFSET#
- dissect.target.loaders.phobos.FS_NEEDLES#
- dissect.target.loaders.phobos.scrape_pos(fp: BinaryIO, needles: list[bytes], block_size: int = BLOCK_SIZE) Iterator[tuple[bytes, int]] #
- class dissect.target.loaders.phobos.PhobosLoader(path: pathlib.Path, **kwargs)#
Bases:
dissect.target.loader.Loader
Load Phobos Ransomware files.
References
- static detect(path: pathlib.Path) bool #
Detects wether this
Loader
class can load this specificpath
.- Parameters:
path – The target path to check.
- Returns:
True
if thepath
can be loaded by aLoader
instance.False
otherwise.
- map(target: dissect.target.Target) None #
Maps the loaded path into a
Target
.- Parameters:
target – The target that we’re mapping into.