Topics
Getting started
Usage
Analysis engine
Scripting
Analysis object (analysis)
File object (analysis.file)
Address mapping (analysis.map)
File structures (analysis.struct)
File entropy (analysis.entropy)
Strings (analysis.strings)
Cross References (analysis.xrefs)
Disassembly (analysis.asm)
Control Flow Graph (analysis.cfg)
Strongly Connected Components (analysis.loops)
Functions (analysis.fns)
Symbols (analysis.syms)
Cross References (analysis.xrefs)
Carved files (analysis.carved)
Virtual files (analysis.vfiles)
Known constants (analysis.constants)
Capa rules (analysis.capa)
Yara signatures (analysis.sigs)
Anomalies (analysis.anomalies)
Kesakode
User comments (analysis.comments)
User highlighted regions (analysis.highlights)
Index
Links
Malcat Website
Malcat
Index
Index
_
|
A
|
B
|
C
|
D
|
E
|
F
|
G
|
H
|
I
|
J
|
K
|
L
|
M
|
N
|
O
|
P
|
Q
|
R
|
S
|
T
|
U
|
V
|
W
|
X
_
__contains__() (malcat.FileTypeAnalyzer method)
(malcat.Function method)
(malcat.Functions method)
,
[1]
(malcat.KesakodeResult method)
__getitem__() (malcat.FileTypeAnalyzer method)
(malcat.Functions method)
,
[1]
,
[2]
(malcat.KesakodeResult method)
,
[1]
__init__() (intelligence.OnlineDetection method)
(intelligence.OnlineFile method)
(intelligence.OnlineResult method)
__iter__() (malcat.FileTypeAnalyzer method)
(malcat.Function method)
(malcat.Functions method)
(malcat.KesakodeResult method)
__len__() (malcat.Function method)
(malcat.Functions method)
(malcat.KesakodeResult method)
(malcat.types.Struct method)
A
access (malcat.CodeReference attribute)
action (malcat.malcat.InstructionOperand attribute)
ADD (malcat.malcat.Instruction.Type attribute)
add_file() (malcat.FileTypeAnalyzer method)
add_metadata() (malcat.FileTypeAnalyzer method)
add_section() (malcat.FileTypeAnalyzer method)
add_symbol() (malcat.FileTypeAnalyzer method)
address (malcat.BasicBlock attribute)
(malcat.BasicBlockEdge attribute)
(malcat.CapaRuleMatch attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.FoundString attribute)
(malcat.Function attribute)
(malcat.Instruction attribute)
(malcat.KesakodeMatch attribute)
(malcat.malcat.FileSymbol attribute)
(malcat.Reference attribute)
(malcat.ReferenceList attribute)
(malcat.Region attribute)
(malcat.StructAccess attribute)
(malcat.Symbol attribute)
(malcat.UndoableOperation attribute)
(malcat.UserComment attribute)
(malcat.UserHighlight attribute)
ADWARE (intelligence.DetectionLevel attribute)
all (malcat.CapaScan attribute)
(malcat.Signatures attribute)
analysis (built-in variable)
Analysis (class in malcat)
Analysis.a2p() (in module malcat)
Analysis.a2r() (in module malcat)
Analysis.a2v() (in module malcat)
analysis.anomalies (built-in variable)
analysis.asm (built-in variable)
analysis.capa (built-in variable)
analysis.carved (built-in variable)
analysis.cfg (built-in variable)
analysis.comments (built-in variable)
analysis.constants (built-in variable)
analysis.entropy (built-in variable)
analysis.file (built-in variable)
analysis.fns (built-in variable)
analysis.highlights (built-in variable)
Analysis.invalidate() (in module malcat)
Analysis.load() (in module malcat)
analysis.loops (built-in variable)
analysis.map (in module malcat)
Analysis.p2a() (in module malcat)
Analysis.ppa() (in module malcat)
Analysis.r2a() (in module malcat)
Analysis.raise_if_failed() (in module malcat)
Analysis.run() (in module malcat)
Analysis.save() (in module malcat)
analysis.sigs (built-in variable)
analysis.strings (built-in variable)
analysis.struct (built-in variable)
analysis.syms (built-in variable)
Analysis.v2a() (in module malcat)
analysis.vfiles (built-in variable)
analysis.xrefs (built-in variable)
AND (malcat.malcat.Instruction.Type attribute)
Anomalies (class in malcat)
anomalies (malcat.Analysis attribute)
Anomalies.__contains__() (in module malcat)
Anomalies.__getattr__() (in module malcat)
Anomalies.__getitem__() (in module malcat)
Anomalies.__iter__() (in module malcat)
Anomaly (class in malcat)
ANOMALY (malcat.malcat.Category attribute)
APPL (intelligence.DetectionLevel attribute)
Architecture (class in malcat)
architecture (malcat.Analysis attribute)
(malcat.FileTypeAnalyzer attribute)
ARCHIVE (malcat.FileType.Category attribute)
args (malcat.Function attribute)
ASCII (malcat.malcat.FoundString.Encoding attribute)
Asm (class in malcat)
asm (malcat.Analysis attribute)
Asm.__getitem__() (in module malcat)
,
[1]
Asm.align() (in module malcat)
Asm.size() (in module malcat)
ASSIGN (malcat.malcat.Instruction.Type attribute)
at() (malcat.FileTypeAnalyzer method)
attack (malcat.CapaRule attribute)
(malcat.CapaScan attribute)
AU3 (malcat.Architecture attribute)
author (malcat.CapaRule attribute)
authors (malcat.CapaRule attribute)
B
base (malcat.MappingAnnotation attribute)
BasicBlock (class in malcat)
BasicBlock.__contains__() (in module malcat)
BasicBlock.__iter__() (in module malcat)
BasicBlock.__len__() (in module malcat)
BasicBlock.disasm() (in module malcat)
BasicBlockEdge (class in malcat)
bb (malcat.Instruction attribute)
behavior (malcat.CapaMbcBehavior attribute)
BIFF (malcat.Architecture attribute)
BINARY (malcat.malcat.FoundString.Encoding attribute)
built-in function
malcat.UI.idle()
malcat.UI.msgbox()
malcat.UI.open_after()
malcat.UI.print()
malcat.UI.progress()
bytes (malcat.FoundString attribute)
(malcat.malcat.FieldAccess attribute)
(malcat.StructAccess attribute)
C
CALL (malcat.malcat.BasicBlockEdge.Type attribute)
(malcat.malcat.Instruction.Type attribute)
callees (malcat.Function attribute)
callers (malcat.Function attribute)
capa (malcat.Analysis attribute)
capa_run() (malcat.Analysis method)
CapaAttackTechnique (class in malcat)
CapaEvalResult (class in malcat)
CapaMbcBehavior (class in malcat)
CapaRule (class in malcat)
CapaRule.__iter__() (in module malcat)
CapaRule.__len__() (in module malcat)
CapaRuleMatch (class in malcat)
CapaScan (class in malcat)
CapaScan.__contains__() (in module malcat)
CapaScan.__getitem__() (in module malcat)
CapaScan.__iter__() (in module malcat)
CapaScan.__len__() (in module malcat)
CapaScan.run() (in module malcat)
carved (malcat.Analysis attribute)
CarvedFile (class in malcat)
CarvedFile.__len__() (in module malcat)
CarvedFile.open() (in module malcat)
CarvedFiles (class in malcat)
CarvedFiles.__contains__() (in module malcat)
CarvedFiles.__getitem__() (in module malcat)
,
[1]
CarvedFiles.__iter__() (in module malcat)
CarvedFiles.__len__() (in module malcat)
CarvedFiles.find() (in module malcat)
CarvedFiles.find_backward() (in module malcat)
CarvedFiles.find_forward() (in module malcat)
CAST (malcat.malcat.Instruction.Type attribute)
category (malcat.Analysis attribute)
(malcat.Anomaly attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.FileTypeAnalyzer attribute)
(malcat.FoundString attribute)
(malcat.Function attribute)
(malcat.ScanRule attribute)
CFG (class in malcat)
cfg (malcat.Analysis attribute)
CFG.__getitem__() (in module malcat)
,
[1]
CFG.__iter__() (in module malcat)
CFG.__len__() (in module malcat)
CFG.align() (in module malcat)
CFG.find() (in module malcat)
CFG.find_backward() (in module malcat)
CFG.find_forward() (in module malcat)
check() (intelligence.OnlineChecker method)
children (malcat.CapaEvalResult attribute)
CJUMP (malcat.malcat.Instruction.Type attribute)
CLEAN (intelligence.DetectionLevel attribute)
(malcat.malcat.Detection.Level attribute)
CMP (malcat.malcat.Instruction.Type attribute)
code (malcat.BasicBlock attribute)
CODE (malcat.malcat.Category attribute)
(malcat.malcat.Reference.Type attribute)
CodeReference (class in malcat)
comment (malcat.Anomaly attribute)
comments (malcat.Analysis attribute)
conditional (malcat.BasicBlockEdge attribute)
confirm() (malcat.FileTypeAnalyzer method)
Constant (class in malcat)
CONSTANT (malcat.malcat.InstructionOperand.Type attribute)
Constant.__len__() (in module malcat)
Constants (class in malcat)
constants (malcat.Analysis attribute)
Constants.__contains__() (in module malcat)
,
[1]
Constants.__getitem__() (in module malcat)
,
[1]
Constants.__iter__() (in module malcat)
Constants.__len__() (in module malcat)
Constants.find() (in module malcat)
Constants.find_backward() (in module malcat)
Constants.find_forward() (in module malcat)
content (intelligence.OnlineFile attribute)
(malcat.UserHighlight attribute)
count (malcat.malcat.FieldAccess attribute)
(malcat.ReferenceList attribute)
(malcat.StructAccess attribute)
count_clean (malcat.KesakodeResult attribute)
count_library (malcat.KesakodeResult attribute)
count_malware (malcat.KesakodeResult attribute)
count_unknown (malcat.KesakodeResult attribute)
CRASH (malcat.malcat.AnalysisError.Status attribute)
crc32 (malcat.Entropy attribute)
CrossReferences (class in malcat)
CrossReferences.__contains__() (in module malcat)
CrossReferences.__getitem__() (in module malcat)
,
[1]
CrossReferences.__iter__() (in module malcat)
CrossReferences.__len__() (in module malcat)
CrossReferences.find() (in module malcat)
CrossReferences.find_backward() (in module malcat)
CrossReferences.find_forward() (in module malcat)
cursor (malcat.UI attribute)
D
data (malcat.BasicBlock attribute)
DATA (malcat.malcat.Category attribute)
(malcat.malcat.FileSymbol.Type attribute)
(malcat.malcat.Reference.Type attribute)
DATABASE (malcat.FileType.Category attribute)
DEBUG (malcat.malcat.Category attribute)
decompile() (malcat.Analysis method)
(malcat.Function method)
definition (malcat.CapaRule attribute)
description (malcat.CapaRule attribute)
(malcat.ScanRule attribute)
DetectionLevel (class in intelligence)
detections (intelligence.OnlineResult attribute)
disasm() (malcat.Function method)
DIV (malcat.malcat.Instruction.Type attribute)
DOCUMENT (malcat.FileType.Category attribute)
DOTNET (malcat.Architecture attribute)
download() (intelligence.OnlineChecker method)
DYNAMIC (malcat.malcat.FoundString.Type attribute)
E
encoding (malcat.FoundString attribute)
ENCRYPTED (intelligence.DetectionLevel attribute)
end (malcat.BasicBlock attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.Function attribute)
(malcat.Instruction attribute)
(malcat.MappingAnnotation attribute)
(malcat.Region attribute)
(malcat.StructAccess attribute)
Entropy (class in malcat)
entropy (malcat.Analysis attribute)
(malcat.FoundString attribute)
Entropy.__getitem__() (in module malcat)
entry (malcat.BasicBlock attribute)
ENTRY (malcat.malcat.FileSymbol.Type attribute)
(malcat.malcat.Symbol.Type attribute)
entrypoint (malcat.Analysis attribute)
enum (malcat.malcat.FieldAccess attribute)
(malcat.StructAccess attribute)
eof() (malcat.FileTypeAnalyzer method)
ERROR (malcat.malcat.AnalysisError.Status attribute)
(malcat.malcat.Anomaly.Level attribute)
EXCEPTION (malcat.malcat.BasicBlockEdge.Type attribute)
exec (malcat.CodeReference attribute)
(malcat.Region attribute)
exotic (malcat.BasicBlock attribute)
EXPORT (malcat.malcat.FileSymbol.Type attribute)
(malcat.malcat.Symbol.Type attribute)
F
failed (malcat.Analysis attribute)
FAULTY (malcat.malcat.Instruction.Type attribute)
File (class in malcat)
file (malcat.Analysis attribute)
File.__getitem__() (in module malcat)
,
[1]
File.__len__() (in module malcat)
File.__setitem__() (in module malcat)
,
[1]
File.read() (in module malcat)
File.read_cstring_ascii() (in module malcat)
File.read_cstring_utf16be() (in module malcat)
File.read_cstring_utf16le() (in module malcat)
File.read_cstring_utf8() (in module malcat)
File.read_until() (in module malcat)
File.search() (in module malcat)
File.search_all() (in module malcat)
File.search_bytes() (in module malcat)
File.write() (in module malcat)
files (malcat.FileTypeAnalyzer attribute)
FileStructure (class in malcat)
FileStructure.__contains__() (in module malcat)
FileStructure.__getattr__() (in module malcat)
FileStructure.__getitem__() (in module malcat)
,
[1]
FileStructure.__iter__() (in module malcat)
FileStructure.__len__() (in module malcat)
FileStructure.at() (in module malcat)
FileStructure.find() (in module malcat)
FileStructure.find_backward() (in module malcat)
FileStructure.find_forward() (in module malcat)
FileStructure.force() (in module malcat)
FileStructure.unforce() (in module malcat)
FILESYSTEM (malcat.FileType.Category attribute)
FileType.Category (class in malcat)
FileTypeAnalyzer (class in malcat)
find() (malcat.Functions method)
(malcat.KesakodeResult method)
find_backward() (malcat.Functions method)
(malcat.KesakodeResult method)
find_forward() (malcat.Functions method)
(malcat.KesakodeResult method)
FIXUP (malcat.malcat.Category attribute)
fns (malcat.Analysis attribute)
force() (malcat.Functions method)
FoundString (class in malcat)
FoundString.__len__() (in module malcat)
FoundString.__repr__() (in module malcat)
FPU (malcat.malcat.Instruction.Type attribute)
from_number() (intelligence.DetectionLevel static method)
from_text() (intelligence.DetectionLevel static method)
fullname (malcat.Function attribute)
Function (class in malcat)
function (malcat.BasicBlock attribute)
(malcat.Instruction attribute)
FUNCTION (malcat.malcat.FileSymbol.Type attribute)
(malcat.malcat.KesakodeMatch.Type attribute)
(malcat.malcat.Symbol.Type attribute)
FunctionParameter (class in malcat)
Functions (class in malcat)
G
get_decompile_aliases() (malcat.Function method)
GLOBAL (malcat.malcat.InstructionOperand.Type attribute)
gui (built-in variable)
H
HACKTOOL (intelligence.DetectionLevel attribute)
HEADER (malcat.malcat.Category attribute)
hex() (malcat.Analysis method)
(malcat.BasicBlock method)
(malcat.Function method)
highlights (malcat.Analysis attribute)
history (malcat.Analysis attribute)
hits (malcat.KesakodeMatch attribute)
I
id (malcat.CapaAttackTechnique attribute)
(malcat.CapaMbcBehavior attribute)
(malcat.ScanPattern attribute)
(malcat.ScanRule attribute)
IMAGE (malcat.FileType.Category attribute)
imagebase (malcat.Analysis attribute)
(malcat.FileTypeAnalyzer attribute)
IMPORT (malcat.malcat.FileSymbol.Type attribute)
(malcat.malcat.Symbol.Type attribute)
incoming (malcat.BasicBlock attribute)
indirect (malcat.CodeReference attribute)
INFO (malcat.malcat.ScanRule.Type attribute)
inrefs (malcat.BasicBlock attribute)
(malcat.Function attribute)
(malcat.Instruction attribute)
Instruction (class in malcat)
Instruction.__getitem__() (in module malcat)
Instruction.__iter__() (in module malcat)
Instruction.__len__() (in module malcat)
Instruction.__repr__() (in module malcat)
Instruction.disasm() (in module malcat)
intelligence (intelligence.KesakodeExternalResult attribute)
INVALID (malcat.malcat.Instruction.Type attribute)
is_code (malcat.Constant attribute)
(malcat.Reference attribute)
is_confirmed() (malcat.FileTypeAnalyzer method)
is_data (malcat.Reference attribute)
is_library (malcat.Function attribute)
is_text (malcat.Analysis attribute)
J
JUMP (malcat.malcat.BasicBlockEdge.Type attribute)
(malcat.malcat.Instruction.Type attribute)
jump() (malcat.FileTypeAnalyzer method)
K
kesakode (malcat.Analysis attribute)
kesakode() (intelligence.OnlineChecker method)
kesakode_lookup() (malcat.Analysis method)
kesakode_quota() (malcat.Analysis method)
KesakodeExternalResult (class in intelligence)
KesakodeMatch (class in malcat)
KesakodeResult (class in malcat)
L
label (malcat.Function attribute)
LABEL (malcat.malcat.Symbol.Type attribute)
label (malcat.UndoableOperation attribute)
level (intelligence.OnlineDetection attribute)
(malcat.Anomaly attribute)
(malcat.KesakodeMatch attribute)
(malcat.malcat.KesakodeMatch.Hit attribute)
LIBRARY (intelligence.DetectionLevel attribute)
(malcat.malcat.Detection.Level attribute)
LOCAL (malcat.malcat.InstructionOperand.Type attribute)
locate() (malcat.FileTypeAnalyzer class method)
locations (malcat.Anomaly attribute)
(malcat.CapaEvalResult attribute)
log (malcat.Analysis attribute)
look_ahead() (malcat.FileTypeAnalyzer method)
(malcat.types.Struct method)
Loops (class in malcat)
loops (malcat.Analysis attribute)
LSHIFT (malcat.malcat.Instruction.Type attribute)
M
malcat
module
malcat.analyse() (in module malcat)
,
[1]
,
[2]
malcat.AnalysisError (class in malcat)
malcat.AnalysisError.__repr__() (in module malcat)
malcat.AnalysisError.Status (class in malcat)
malcat.Anomaly.Level (class in malcat)
malcat.BasicBlockEdge.Type (class in malcat)
malcat.Category (class in malcat)
malcat.Detection.Level (class in malcat)
malcat.FieldAccess (class in malcat)
malcat.FieldAccess.__getattr__() (in module malcat)
malcat.FieldAccess.__getitem__() (in module malcat)
,
[1]
,
[2]
malcat.FieldAccess.__iter__() (in module malcat)
malcat.FieldAccess.__len__() (in module malcat)
malcat.FieldAccess.at() (in module malcat)
,
[1]
malcat.FieldAccess.has_enum() (in module malcat)
malcat.FileSymbol (class in malcat)
malcat.FileSymbol.Type (class in malcat)
malcat.FoundString.Encoding (class in malcat)
malcat.FoundString.Type (class in malcat)
malcat.Instruction.Type (class in malcat)
malcat.InstructionOperand (class in malcat)
malcat.InstructionOperand.Action (class in malcat)
malcat.InstructionOperand.Type (class in malcat)
malcat.KesakodeMatch.Hit (class in malcat)
malcat.KesakodeMatch.Type (class in malcat)
malcat.Reference.Type (class in malcat)
malcat.ScanRule.Type (class in malcat)
malcat.Symbol.Type (class in malcat)
malcat.UI (built-in class)
malcat.UI.idle()
built-in function
malcat.UI.msgbox()
built-in function
malcat.UI.open_after()
built-in function
malcat.UI.print()
built-in function
malcat.UI.progress()
built-in function
malcat.VirtualFile (class in malcat)
malcat.VirtualFile.open() (in module malcat)
MALWARE (intelligence.DetectionLevel attribute)
(malcat.malcat.Detection.Level attribute)
(malcat.malcat.ScanRule.Type attribute)
map (malcat.Analysis attribute)
MappingAnnotation (class in malcat)
MappingAnnotation.__contains__() (in module malcat)
MappingAnnotation.__getitem__() (in module malcat)
,
[1]
MappingAnnotation.__iter__() (in module malcat)
MappingAnnotation.a2p() (in module malcat)
MappingAnnotation.a2r() (in module malcat)
MappingAnnotation.a2v() (in module malcat)
MappingAnnotation.from_phys() (in module malcat)
MappingAnnotation.from_rva() (in module malcat)
MappingAnnotation.from_virt() (in module malcat)
MappingAnnotation.get_region() (in module malcat)
MappingAnnotation.p2a() (in module malcat)
MappingAnnotation.r2a() (in module malcat)
MappingAnnotation.to_phys() (in module malcat)
MappingAnnotation.to_rva() (in module malcat)
MappingAnnotation.to_virt() (in module malcat)
MappingAnnotation.v2a() (in module malcat)
MATCH (malcat.malcat.Category attribute)
matches (malcat.CapaRule attribute)
(malcat.ScanPattern attribute)
matching (malcat.CapaRule attribute)
(malcat.CapaScan attribute)
(malcat.ScanRule attribute)
(malcat.Signatures attribute)
mbc (malcat.CapaRule attribute)
(malcat.CapaScan attribute)
md5 (malcat.Entropy attribute)
META (malcat.malcat.FoundString.Type attribute)
metadata (malcat.Analysis attribute)
METADATA (malcat.malcat.Category attribute)
method (malcat.CapaMbcBehavior attribute)
MISSING (malcat.malcat.AnalysisError.Status attribute)
MMX (malcat.malcat.Instruction.Type attribute)
mnemonic (malcat.Instruction attribute)
module
malcat
module (malcat.Function attribute)
(malcat.malcat.AnalysisError attribute)
msg (malcat.malcat.AnalysisError attribute)
MSI (malcat.Architecture attribute)
MUL (malcat.malcat.Instruction.Type attribute)
N
name (intelligence.OnlineDetection attribute)
(malcat.Anomaly attribute)
(malcat.CapaRule attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.File attribute)
(malcat.FileTypeAnalyzer attribute)
(malcat.Function attribute)
(malcat.FunctionParameter attribute)
(malcat.malcat.FieldAccess attribute)
(malcat.malcat.FileSymbol attribute)
(malcat.malcat.KesakodeMatch.Hit attribute)
(malcat.Region attribute)
(malcat.ScanRule attribute)
(malcat.StructAccess attribute)
(malcat.Symbol attribute)
namespace (malcat.CapaRule attribute)
NONE (malcat.Architecture attribute)
(malcat.malcat.InstructionOperand.Action attribute)
NOP (malcat.malcat.Instruction.Type attribute)
NSIS (malcat.Architecture attribute)
num_api_calls (malcat.Function attribute)
num_arithmetic_ops (malcat.Function attribute)
num_assign_ops (malcat.Function attribute)
num_bb (malcat.Function attribute)
num_bb_code (malcat.Function attribute)
num_bb_data (malcat.Function attribute)
num_binary_ops (malcat.Function attribute)
num_calls (malcat.Function attribute)
num_dynamic_jumps (malcat.Function attribute)
num_fpu_ops (malcat.Function attribute)
num_highvalue_immediates (malcat.Function attribute)
num_instructions (malcat.Function attribute)
num_intra_jumps (malcat.Function attribute)
num_known_constants_uses (malcat.Function attribute)
num_mmx_ops (malcat.Function attribute)
num_stack_ops (malcat.Function attribute)
num_string_references (malcat.Function attribute)
num_unique_immediate_bytes (malcat.Function attribute)
num_xor_ops (malcat.Function attribute)
num_xrefs (malcat.FoundString attribute)
number_of_entrypoints (malcat.Symbols attribute)
number_of_exports (malcat.Symbols attribute)
number_of_functions (malcat.Symbols attribute)
number_of_imports (malcat.Symbols attribute)
number_of_labels (malcat.Symbols attribute)
number_of_typedefs (malcat.Symbols attribute)
number_of_variables (malcat.Symbols attribute)
O
OBJECT (malcat.malcat.InstructionOperand.Type attribute)
objective (malcat.CapaMbcBehavior attribute)
ODD (malcat.malcat.Anomaly.Level attribute)
offset (malcat.malcat.FieldAccess attribute)
(malcat.StructAccess attribute)
ok (malcat.Analysis attribute)
online_lookup() (malcat.KesakodeResult method)
OnlineChecker (class in intelligence)
OnlineDetection (class in intelligence)
OnlineFile (class in intelligence)
OnlineResult (class in intelligence)
open_vfile() (malcat.Analysis method)
options (intelligence.OnlineChecker attribute)
OR (malcat.malcat.Instruction.Type attribute)
OTHER (malcat.malcat.Instruction.Type attribute)
outgoing (malcat.BasicBlock attribute)
outrefs (malcat.BasicBlock attribute)
(malcat.Function attribute)
(malcat.Instruction attribute)
P
PACKED (intelligence.DetectionLevel attribute)
parse() (malcat.FileTypeAnalyzer method)
(malcat.types.Struct method)
parser (malcat.Analysis attribute)
(malcat.types.Struct attribute)
PASCALSCRIPT (malcat.Architecture attribute)
path (malcat.CapaRule attribute)
(malcat.File attribute)
(malcat.malcat.VirtualFile property)
patterns (malcat.ScanRule attribute)
PCODE (malcat.Architecture attribute)
phys (malcat.Region attribute)
phys_size (malcat.Region attribute)
POP (malcat.malcat.Instruction.Type attribute)
PROGRAM (malcat.FileType.Category attribute)
PUA (intelligence.DetectionLevel attribute)
PUSH (malcat.malcat.Instruction.Type attribute)
PY310 (malcat.Architecture attribute)
PY36 (malcat.Architecture attribute)
PY37 (malcat.Architecture attribute)
PY38 (malcat.Architecture attribute)
PY39 (malcat.Architecture attribute)
Q
quota_left (intelligence.KesakodeExternalResult attribute)
(malcat.KesakodeResult attribute)
quota_total (intelligence.KesakodeExternalResult attribute)
(malcat.KesakodeResult attribute)
R
R (malcat.malcat.InstructionOperand.Action attribute)
r (malcat.Reference attribute)
read (malcat.Region attribute)
read() (malcat.FileTypeAnalyzer method)
read_cstring_ascii() (malcat.FileTypeAnalyzer method)
read_cstring_utf16be() (malcat.FileTypeAnalyzer method)
read_cstring_utf16le() (malcat.FileTypeAnalyzer method)
read_cstring_utf8() (malcat.FileTypeAnalyzer method)
readonly (malcat.CapaRule attribute)
Reference (class in malcat)
REFERENCE (malcat.malcat.Category attribute)
ReferenceList (class in malcat)
ReferenceList.__iter__() (in module malcat)
ReferenceList.__len__() (in module malcat)
regexp (malcat.FileTypeAnalyzer attribute)
Region (class in malcat)
Region.__len__() (in module malcat)
regions (malcat.MappingAnnotation attribute)
register (malcat.malcat.InstructionOperand attribute)
REGISTER (malcat.malcat.InstructionOperand.Type attribute)
reliability (malcat.ScanRule attribute)
remaining() (malcat.FileTypeAnalyzer method)
RESOURCE (malcat.malcat.Category attribute)
result (malcat.CapaRuleMatch attribute)
RETURN (malcat.malcat.Instruction.Type attribute)
RSHIFT (malcat.malcat.Instruction.Type attribute)
rule (malcat.CapaRuleMatch attribute)
RW (malcat.malcat.InstructionOperand.Action attribute)
S
SCANNED (malcat.malcat.FoundString.Type attribute)
ScanPattern (class in malcat)
ScanRule (class in malcat)
ScanRule.__len__() (in module malcat)
scope (malcat.CapaRule attribute)
(malcat.CapaRuleMatch attribute)
score (malcat.FoundString attribute)
(malcat.malcat.KesakodeMatch.Hit attribute)
sections (malcat.FileTypeAnalyzer attribute)
set_architecture() (malcat.FileTypeAnalyzer method)
set_decompile_aliases() (malcat.Function method)
set_eof() (malcat.FileTypeAnalyzer method)
set_imagebase() (malcat.FileTypeAnalyzer method)
SETUP (malcat.malcat.AnalysisError.Status attribute)
severity (malcat.malcat.AnalysisError attribute)
sha1 (malcat.Entropy attribute)
sha256 (malcat.Entropy attribute)
Signatures (class in malcat)
Signatures.__contains__() (in module malcat)
Signatures.__getitem__() (in module malcat)
Signatures.__iter__() (in module malcat)
Signatures.__len__() (in module malcat)
sigs (malcat.Analysis attribute)
size (malcat.BasicBlock attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.File attribute)
(malcat.FoundString attribute)
(malcat.Function attribute)
(malcat.FunctionParameter attribute)
(malcat.Instruction attribute)
(malcat.KesakodeMatch attribute)
(malcat.malcat.FieldAccess attribute)
(malcat.malcat.VirtualFile property)
(malcat.Region attribute)
(malcat.StructAccess attribute)
(malcat.UndoableOperation attribute)
(malcat.UserHighlight attribute)
size() (malcat.FileTypeAnalyzer method)
size_code (malcat.Function attribute)
size_data (malcat.Function attribute)
SOUND (malcat.FileType.Category attribute)
source (malcat.CodeReference attribute)
SPR (intelligence.DetectionLevel attribute)
STACK (malcat.malcat.Instruction.Type attribute)
start (malcat.BasicBlock attribute)
(malcat.CarvedFile attribute)
(malcat.Constant attribute)
(malcat.Function attribute)
(malcat.Instruction attribute)
(malcat.Region attribute)
(malcat.StructAccess attribute)
statement (malcat.CapaEvalResult attribute)
STEP (malcat.malcat.BasicBlockEdge.Type attribute)
STRING (malcat.malcat.KesakodeMatch.Type attribute)
Strings (class in malcat)
strings (malcat.Analysis attribute)
Strings.__contains__() (in module malcat)
,
[1]
Strings.__getitem__() (in module malcat)
,
[1]
,
[2]
Strings.__iter__() (in module malcat)
Strings.__len__() (in module malcat)
Strings.filter() (in module malcat)
Strings.find() (in module malcat)
Strings.find_backward() (in module malcat)
Strings.find_forward() (in module malcat)
struct (malcat.Analysis attribute)
STRUCT (malcat.malcat.Reference.Type attribute)
StructAccess (class in malcat)
StructAccess.__getattr__() (in module malcat)
StructAccess.__getitem__() (in module malcat)
,
[1]
,
[2]
StructAccess.__iter__() (in module malcat)
StructAccess.__len__() (in module malcat)
StructAccess.at() (in module malcat)
,
[1]
StructAccess.has_enum() (in module malcat)
SUB (malcat.malcat.Instruction.Type attribute)
subtechnique (malcat.CapaAttackTechnique attribute)
success (malcat.CapaEvalResult attribute)
SUSPECT (intelligence.DetectionLevel attribute)
SUSPICIOUS (malcat.malcat.Detection.Level attribute)
(malcat.malcat.ScanRule.Type attribute)
Symbol (class in malcat)
symbol (malcat.malcat.InstructionOperand attribute)
SYMBOL (malcat.malcat.InstructionOperand.Type attribute)
symbol (malcat.malcat.KesakodeMatch.Hit attribute)
SYMBOL (malcat.malcat.Reference.Type attribute)
Symbols (class in malcat)
symbols (malcat.FileTypeAnalyzer attribute)
Symbols.__contains__() (in module malcat)
,
[1]
Symbols.__delitem__() (in module malcat)
Symbols.__getitem__() (in module malcat)
,
[1]
,
[2]
Symbols.__iter__() (in module malcat)
Symbols.__len__() (in module malcat)
Symbols.__setitem__() (in module malcat)
Symbols.set_label() (in module malcat)
Symbols.unset_label() (in module malcat)
syms (malcat.Analysis attribute)
T
tactic (malcat.CapaAttackTechnique attribute)
tag (malcat.FoundString attribute)
tags (malcat.ScanRule attribute)
target (malcat.CodeReference attribute)
(malcat.ReferenceList attribute)
technique (malcat.CapaAttackTechnique attribute)
tell() (malcat.FileTypeAnalyzer method)
template_args (malcat.Function attribute)
text (malcat.FoundString attribute)
(malcat.UserComment attribute)
title (malcat.UserHighlight attribute)
tlsh (malcat.Entropy attribute)
TOOL (malcat.malcat.ScanRule.Type attribute)
total (malcat.Strings attribute)
total_size (malcat.Functions attribute)
TRACE (malcat.malcat.Anomaly.Level attribute)
type (malcat.Analysis attribute)
(malcat.BasicBlockEdge attribute)
(malcat.CarvedFile attribute)
(malcat.FoundString attribute)
(malcat.FunctionParameter attribute)
(malcat.Instruction attribute)
(malcat.KesakodeMatch attribute)
(malcat.malcat.FileSymbol attribute)
(malcat.malcat.InstructionOperand attribute)
(malcat.Reference attribute)
(malcat.ScanRule attribute)
(malcat.Symbol attribute)
TYPEDEF (malcat.malcat.Symbol.Type attribute)
types.Struct (class in malcat)
U
UNCOMMON (malcat.malcat.ScanRule.Type attribute)
UndoableOperation (class in malcat)
UndoableOperation.__len__() (in module malcat)
UndoableOperation.__repr__() (in module malcat)
UndoRedoManager (class in malcat)
UndoRedoManager.__iter__() (in module malcat)
UndoRedoManager.__len__() (in module malcat)
UndoRedoManager.group() (in module malcat)
UndoRedoManager.record() (in module malcat)
UndoRedoManager.redo() (in module malcat)
UndoRedoManager.undo() (in module malcat)
UndoRedoManager.undo_all() (in module malcat)
unforce() (malcat.Functions method)
UNKNOWN (intelligence.DetectionLevel attribute)
(malcat.FileType.Category attribute)
url (intelligence.OnlineFile attribute)
(intelligence.OnlineResult attribute)
USER (malcat.malcat.FoundString.Type attribute)
UserComment (class in malcat)
UserComment.__init__() (in module malcat)
UserComment.__repr__() (in module malcat)
UserComments (class in malcat)
UserComments.__contains__() (in module malcat)
UserComments.__delitem__() (in module malcat)
UserComments.__getitem__() (in module malcat)
,
[1]
UserComments.__iter__() (in module malcat)
UserComments.__len__() (in module malcat)
UserComments.__setitem__() (in module malcat)
UserComments.add() (in module malcat)
UserComments.find() (in module malcat)
UserComments.find_backward() (in module malcat)
UserComments.find_forward() (in module malcat)
UserComments.remove() (in module malcat)
UserHighlight (class in malcat)
UserHighlight.__init__() (in module malcat)
UserHighlight.__len__() (in module malcat)
UserHighlight.__repr__() (in module malcat)
UserHighlights (class in malcat)
UserHighlights.__contains__() (in module malcat)
UserHighlights.__delitem__() (in module malcat)
UserHighlights.__getitem__() (in module malcat)
,
[1]
UserHighlights.__iter__() (in module malcat)
UserHighlights.__len__() (in module malcat)
UserHighlights.__setitem__() (in module malcat)
UserHighlights.add() (in module malcat)
UserHighlights.find() (in module malcat)
UserHighlights.find_backward() (in module malcat)
UserHighlights.find_forward() (in module malcat)
UserHighlights.remove() (in module malcat)
UTF16 (malcat.malcat.FoundString.Encoding attribute)
UTF8 (malcat.malcat.FoundString.Encoding attribute)
V
value (malcat.CapaAttackTechnique attribute)
(malcat.CapaMbcBehavior attribute)
(malcat.malcat.FieldAccess attribute)
(malcat.malcat.InstructionOperand attribute)
(malcat.StructAccess attribute)
VARIABLE (malcat.malcat.Symbol.Type attribute)
VBA (malcat.Architecture attribute)
verdict (intelligence.KesakodeExternalResult attribute)
(malcat.KesakodeResult attribute)
vfiles (malcat.Analysis attribute)
virt (malcat.Region attribute)
virt_size (malcat.Region attribute)
W
W (malcat.malcat.InstructionOperand.Action attribute)
w (malcat.Reference attribute)
WARNING (malcat.malcat.AnalysisError.Status attribute)
(malcat.malcat.Anomaly.Level attribute)
write (malcat.Region attribute)
X
x (malcat.Reference attribute)
X64 (malcat.Architecture attribute)
X86 (malcat.Architecture attribute)
XOR (malcat.malcat.Instruction.Type attribute)
xrefs (malcat.Analysis attribute)