The Kernel Module data contains all attributes about a Linux kernel module that was flagged by Sandfly Security or a user defined sandfly for whatever reason.


{
  "name": "",
  "memory_size": 0,
  "instance_count": 0,
  "state": "",
  "memory_offset": "",
  "hidden": false,
  "missing_file": false,
  "dependencies": null,
  "module_file_path": "",
  "file": {
    "date": {
      "created": "",
      "created_minutes": 0,
      "modified": "",
      "modified_minutes": 0,
      "accessed": "",
      "accessed_minutes": 0
    },
    "inode": 0,
    "device": 0,
    "rdevice": 0,
    "nlink": 0,
    "mode": "",
    "uid": 0,
    "uid_name": "",
    "gid": 0,
    "gid_name": "",
    "size": 0,
    "size_byte_count": 0,
    "size_mismatch": false,
    "blksize": 0,
    "blocks": 0,
    "path": "",
    "path_root": "",
    "path_link": "",
    "name": "",
    "extension": "",
    "flags": {
      "directory": false,
      "regular": false,
      "link": false,
      "suid": false,
      "suid_root": false,
      "sgid": false,
      "sgid_root": false,
      "socket": false,
      "device": false,
      "char_device": false,
      "named_pipe": false,
      "sticky": false,
      "immutable": false,
      "hidden": false,
      "deleted": false
    },
    "entropy": 0,
    "hash": {
      "md5": "",
      "sha1": "",
      "sha256": "",
      "sha512": ""
    },
    "magic_num": {
      "hex": "",
      "text": "",
      "type": "",
      "class": "",
      "expected_extensions": null
    },
    "data": null
  }
}



Previous
Previous Article:

Next Article:
Next