Properties of a KernelRootkit.
Properties:
| Name | Type | Attributes | Description |
|---|---|---|---|
name |
string | null |
<optional> |
KernelRootkit name |
unexpectedCodeModification |
boolean | null |
<optional> |
KernelRootkit unexpectedCodeModification |
unexpectedReadOnlyDataModification |
boolean | null |
<optional> |
KernelRootkit unexpectedReadOnlyDataModification |
unexpectedFtraceHandler |
boolean | null |
<optional> |
KernelRootkit unexpectedFtraceHandler |
unexpectedKprobeHandler |
boolean | null |
<optional> |
KernelRootkit unexpectedKprobeHandler |
unexpectedKernelCodePages |
boolean | null |
<optional> |
KernelRootkit unexpectedKernelCodePages |
unexpectedSystemCallHandler |
boolean | null |
<optional> |
KernelRootkit unexpectedSystemCallHandler |
unexpectedInterruptHandler |
boolean | null |
<optional> |
KernelRootkit unexpectedInterruptHandler |
unexpectedProcessesInRunqueue |
boolean | null |
<optional> |
KernelRootkit unexpectedProcessesInRunqueue |