PyPI - dissect.target - Versions diffs - 3.17.dev37__py3-none-any.whl → 3.18.dev2__py3-none-any.whl - Mend

dissect.target 3.17.dev37py3-none-any.whl → 3.18.dev2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

dissect/target/exceptions.py CHANGED Viewed

@@ -114,3 +114,7 @@ class RegistryCorruptError(RegistryError):
 class ConfigurationParsingError(Error):
     """An error occurred during configuration parsing."""
+class TargetPathNotFoundError(TargetError):
+    """The path to the target does not exist."""

dissect/target/loaders/raw.py CHANGED Viewed

@@ -1,6 +1,7 @@
 from pathlib import Path
 from dissect.target import container
+from dissect.target.exceptions import TargetPathNotFoundError
 from dissect.target.loader import Loader
 from dissect.target.target import Target
@@ -8,6 +9,12 @@ from dissect.target.target import Target
 class RawLoader(Loader):
     """Load raw container files such as disk images."""
+    def __init__(self, path: Path, **kwargs):
+        if not path.exists():
+            raise TargetPathNotFoundError("Provided target path does not exist")
+        super().__init__(path, **kwargs)
     @staticmethod
     def detect(path: Path) -> bool:
         return not path.is_dir()

dissect/target/plugins/apps/av/mcafee.py CHANGED Viewed

@@ -71,6 +71,9 @@ class McAfeePlugin(Plugin):
         """Return msc log history records from McAfee.
         Yields McAfeeMscLogRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): timestamp.

dissect/target/plugins/apps/av/sophos.py CHANGED Viewed

@@ -56,6 +56,9 @@ class SophosPlugin(Plugin):
         """Return alert log records from Sophos Hitman Pro/Alert.
         Yields HitmanAlertRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Timestamp.
             alert (string): Type of Alert.
             description (string): Short description of the alert.
@@ -85,6 +88,9 @@ class SophosPlugin(Plugin):
         """Return log history records from Sophos Home.
         Yields SophosLogRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Timestamp.
             description (string): Short description of the alert.
             path (path): Path to the infected file (if available).

dissect/target/plugins/apps/av/symantec.py CHANGED Viewed

@@ -293,6 +293,9 @@ class SymantecPlugin(Plugin):
         """Return log records.
         Yields SEPLogRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Timestamp associated with the event.
             virus (string): Name of the virus.
             user (string): Name of the user associated with the event.
@@ -326,6 +329,9 @@ class SymantecPlugin(Plugin):
         """Return log firewall records.
         Yields SEPFirewallRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Timestamp associated with the event.
             protocol (string): Protocol name associated with the firewall record.
             local_ip ("net.ipaddress"): Local IP address associated with the event.

dissect/target/plugins/apps/av/trendmicro.py CHANGED Viewed

@@ -71,6 +71,9 @@ class TrendMicroPlugin(Plugin):
         """Return Trend Micro Worry-free log history records.
         Yields TrendMicroWFLogRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): timestamp.
@@ -94,6 +97,9 @@ class TrendMicroPlugin(Plugin):
         """Return Trend Micro Worry-free firewall log history records.
         Yields TrendMicroWFFirewallRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): timestamp.

dissect/target/plugins/apps/browser/chromium.py CHANGED Viewed

@@ -148,6 +148,9 @@ class ChromiumMixin:
             browser_name: The name of the browser as a string.
         Yields:
+        .. code-block:: text
             Records with the following fields:
                 ts (datetime): Visit timestamp.
                 browser (string): The browser from which the records are generated from.
@@ -209,6 +212,9 @@ class ChromiumMixin:
             browser_name: The name of the browser as a string.
         Yields:
+        .. code-block:: text
             Records with the following fields:
                 ts_created (datetime): Cookie created timestamp.
                 ts_last_accessed (datetime): Cookie last accessed timestamp.
@@ -284,6 +290,9 @@ class ChromiumMixin:
             browser_name: The name of the browser as a string.
         Yields:
+        .. code-block:: text
             Records with the following fields:
                 ts_start (datetime): Download start timestamp.
                 ts_end (datetime): Download end timestamp.
@@ -344,6 +353,9 @@ class ChromiumMixin:
             browser_name (str): Name of the browser to scan for extensions.
         Yields:
+        .. code-block:: text
             Records with the following fields:
                 ts_install (datetime): Extension install timestamp.
                 ts_update (datetime): Extension update timestamp.

dissect/target/plugins/apps/browser/firefox.py CHANGED Viewed

@@ -132,6 +132,9 @@ class FirefoxPlugin(BrowserPlugin):
         """Return browser history records from Firefox.
         Yields BrowserHistoryRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Visit timestamp.
             browser (string): The browser from which the records are generated from.
             id (string): Record ID.
@@ -193,6 +196,9 @@ class FirefoxPlugin(BrowserPlugin):
             browser_name: The name of the browser as a string.
         Yields:
+        .. code-block:: text
             Records with the following fields:
                 ts_created (datetime): Cookie created timestamp.
                 ts_last_accessed (datetime): Cookie last accessed timestamp.
@@ -232,6 +238,9 @@ class FirefoxPlugin(BrowserPlugin):
         """Return browser download records from Firefox.
         Yields BrowserDownloadRecord with the following fields:
+        .. code-block:: text
             ts_start (datetime): Download start timestamp.
             ts_end (datetime): Download end timestamp.
             browser (string): The browser from which the records are generated from.
@@ -315,7 +324,10 @@ class FirefoxPlugin(BrowserPlugin):
     def extensions(self) -> Iterator[BrowserExtensionRecord]:
         """Return browser extension records for Firefox.
-        Yields BrowserExtensionRecord with the following fields::
+        Yields BrowserExtensionRecord with the following fields:
+        .. code-block:: text
             ts_install (datetime): Extension install timestamp.
             ts_update (datetime): Extension update timestamp.
             browser (string): The browser from which the records are generated.

dissect/target/plugins/apps/browser/iexplore.py CHANGED Viewed

@@ -131,6 +131,9 @@ class InternetExplorerPlugin(BrowserPlugin):
         """Return browser history records from Internet Explorer.
         Yields BrowserHistoryRecord with the following fields:
+        .. code-block:: text
             ts (datetime): Visit timestamp.
             browser (string): The browser from which the records are generated from.
             id (string): Record ID.
@@ -183,6 +186,9 @@ class InternetExplorerPlugin(BrowserPlugin):
         """Return browser downloads records from Internet Explorer.
         Yields BrowserDownloadRecord with the following fields:
+        .. code-block:: text
             ts_start (datetime): Download start timestamp.
             ts_end (datetime): Download end timestamp.
             browser (string): The browser from which the records are generated from.

dissect/target/plugins/os/unix/linux/cmdline.py CHANGED Viewed

@@ -29,6 +29,9 @@ class CmdlinePlugin(Plugin):
         Think of this output as the command line that the process wants you to see.
         Yields CmdlineRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The starttime of the process.

dissect/target/plugins/os/unix/linux/environ.py CHANGED Viewed

@@ -27,6 +27,9 @@ class EnvironPlugin(Plugin):
         the environ(7) variable directly), this plugin will not reflect those changes.
         Yields EnvironmentVariableRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The modification timestamp of the processes' environ file.

dissect/target/plugins/os/unix/linux/processes.py CHANGED Viewed

@@ -29,6 +29,9 @@ class ProcProcesses(Plugin):
         Each ``/proc/[pid]`` subdirectory contains various pseudo-files.
         Yields ProcProcessRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The start time of the process.

dissect/target/plugins/os/unix/linux/sockets.py CHANGED Viewed

@@ -78,6 +78,9 @@ class NetSocketPlugin(Plugin):
         """This plugin yields the packet sockets and available stats associated with them.
         Yields PacketSocketRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             protocol (int): The captured protocol i.e. 0003 is ETH_P_ALL
@@ -101,6 +104,9 @@ class NetSocketPlugin(Plugin):
         """This plugin yields the unix sockets and available stats associated with them.
         Yields UnixSocketRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             protocol (string): The protocol used by the socket.
@@ -117,6 +123,9 @@ class NetSocketPlugin(Plugin):
         """This plugin yields the raw and raw6 sockets and available stats associated with them.
         Yields NetSocketRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             protocol (string): The protocol used by the socket.
@@ -140,6 +149,9 @@ class NetSocketPlugin(Plugin):
         """This plugin yields the udp and udp6 sockets and available stats associated with them.
         Yields NetSocketRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             protocol (string): The protocol used by the socket.
@@ -163,6 +175,9 @@ class NetSocketPlugin(Plugin):
         """This plugin yields the tcp and tcp6 sockets and available stats associated with them.
         Yields NetSocketRecord with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             protocol (string): The protocol used by the socket.

dissect/target/plugins/os/unix/log/atop.py CHANGED Viewed

@@ -270,6 +270,9 @@ class AtopPlugin(Plugin):
             - https://diablohorn.com/2022/11/17/parsing-atop-files-with-python-dissect-cstruct/
         Yields AtopRecord with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             process (string): The process name.
             cmdline (string): The command-line of the process.

dissect/target/plugins/os/windows/activitiescache.py CHANGED Viewed

@@ -77,6 +77,9 @@ class ActivitiesCachePlugin(Plugin):
             - https://salt4n6.com/2018/05/03/windows-10-timeline-forensic-artefacts/
         Yields ActivitiesCacheRecords with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             start_time (datetime): StartTime field.

dissect/target/plugins/os/windows/catroot.py CHANGED Viewed

@@ -105,6 +105,9 @@ class CatrootPlugin(Plugin):
             - https://docs.microsoft.com/en-us/windows-hardware/drivers/install/catalog-files
         Yields CatrootRecords with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             digest (digest): The parsed digest.
@@ -210,6 +213,9 @@ class CatrootPlugin(Plugin):
             - https://docs.microsoft.com/en-us/windows-hardware/drivers/install/catalog-files
         Yields CatrootRecords with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             digest (digest): The parsed digest.

dissect/target/plugins/os/windows/lnk.py CHANGED Viewed

@@ -51,6 +51,9 @@ class LnkPlugin(Plugin):
         """Parse all .lnk files in /ProgramData, /Users, and /Windows or from a specified path in record format.
         Yields a LnkRecord record with the following fields:
+        .. code-block:: text
             lnk_path (path): Path of the link (.lnk) file.
             lnk_name (string): Name of the link (.lnk) file.
             lnk_mtime (datetime): Modification time of the link (.lnk) file.

dissect/target/plugins/os/windows/log/etl.py CHANGED Viewed

@@ -122,6 +122,9 @@ class EtlPlugin(Plugin):
         Yields dynamically created records based on the fields inside an ETL event.
         At least contains the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The TimeCreated_SystemTime field of the event.
@@ -140,6 +143,9 @@ class EtlPlugin(Plugin):
         Yields dynamically created records based on the fields inside an ETL event.
         At least contains the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The TimeCreated_SystemTime field of the event.
@@ -157,6 +163,9 @@ class EtlPlugin(Plugin):
         Yields dynamically created records based on the fields inside an ETL event.
         At least contains the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The TimeCreated_SystemTime field of the event.

dissect/target/plugins/os/windows/log/evt.py CHANGED Viewed

@@ -125,6 +125,9 @@ class EvtPlugin(WindowsEventlogsMixin, plugin.Plugin):
         Yields dynamically created records based on the fields in the event.
         At least contains the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The TimeCreated_SystemTime field of the event.

dissect/target/plugins/os/windows/log/evtx.py CHANGED Viewed

@@ -47,6 +47,9 @@ class EvtxPlugin(WindowsEventlogsMixin, plugin.Plugin):
         Yields dynamically created records based on the fields in the event.
         At least contains the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The TimeCreated_SystemTime field of the event.

dissect/target/plugins/os/windows/log/pfro.py CHANGED Viewed

@@ -41,6 +41,9 @@ class PfroPlugin(Plugin):
             - https://community.ccleaner.com/topic/49106-pending-file-rename-operations-log/
         Yields PfroRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The parsed timestamp.

dissect/target/plugins/os/windows/log/schedlgu.py CHANGED Viewed

@@ -129,9 +129,12 @@ class SchedLgUPlugin(Plugin):
         Adversaries may use malicious ``.job`` files to gain persistence on a system.
-        Yield:
+        Yields SchedLgURecord with fields:
+        .. code-block:: text
             ts (datetime): The timestamp of the event.
-            job (str): The name of the ``.job`` file.
+            job (str): The name of the .job file.
             command (str): The command executed.
             status (str): The status of the event (finished, completed, exited, stopped).
             exit_code (int): The exit code of the event.

dissect/target/plugins/os/windows/prefetch.py CHANGED Viewed

@@ -258,6 +258,9 @@ class PrefetchPlugin(Plugin):
             - https://www.geeksforgeeks.org/prefetch-files-in-windows/
         Yields PrefetchRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): Run timestamp.
@@ -269,6 +272,9 @@ class PrefetchPlugin(Plugin):
         with --grouped:
         Yields PrefetchRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): Run timestamp.

dissect/target/plugins/os/windows/recyclebin.py CHANGED Viewed

@@ -66,6 +66,9 @@ class RecyclebinPlugin(Plugin):
         Return files located in the recycle bin ($Recycle.Bin).
         Yields RecycleBinRecords with fields:
+        .. code-block:: text
           hostname (string): The target hostname
           domain (string): The target domain
           ts (datetime): The time of deletion

dissect/target/plugins/os/windows/regf/appxdebugkeys.py CHANGED Viewed

@@ -86,6 +86,9 @@ class AppxDebugKeysPlugin(Plugin):
             - https://oddvar.moe/2018/09/06/persistence-using-universal-windows-platform-apps-appx/
         Yields AppXDebugKeyRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The registry key last modified timestamp.

dissect/target/plugins/os/windows/regf/bam.py CHANGED Viewed

@@ -41,6 +41,9 @@ class BamDamPlugin(Plugin):
         """Parse bam and dam registry keys.
         Yields BamDamRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The parsed timestamp.

dissect/target/plugins/os/windows/regf/clsid.py CHANGED Viewed

@@ -55,6 +55,9 @@ class CLSIDPlugin(Plugin):
         HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID.
         Yields CLSIDRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): Last modified timestamp of the registry key.

dissect/target/plugins/os/windows/regf/firewall.py CHANGED Viewed

@@ -26,6 +26,9 @@ class FirewallPlugin(Plugin):
         HKLM\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules registry key.
         Yields dynamic records with usually the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             key (string): The rule key name.

dissect/target/plugins/os/windows/regf/muicache.py CHANGED Viewed

@@ -48,6 +48,9 @@ class MuiCachePlugin(Plugin):
             - https://forensafe.com/blogs/muicache.html
         Yields MuiCacheRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             index (varint): The index of the entry.

dissect/target/plugins/os/windows/regf/recentfilecache.py CHANGED Viewed

@@ -45,6 +45,9 @@ class RecentFileCachePlugin(Plugin):
         """Parse RecentFileCache.bcf.
         Yields RecentFileCacheRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             path (uri): The parsed path.

dissect/target/plugins/os/windows/regf/regf.py CHANGED Viewed

@@ -49,6 +49,9 @@ class RegfPlugin(Plugin):
         Yields RegistryKeyRecords and RegistryValueRecords
         RegistryKeyRecord fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The registry key last modified time.
@@ -57,6 +60,9 @@ class RegfPlugin(Plugin):
             source (string): The hive file path.
         RegistryValueRecord fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The registry key last modified time.

dissect/target/plugins/os/windows/regf/runkeys.py CHANGED Viewed

@@ -61,6 +61,9 @@ class RunKeysPlugin(Plugin):
             - https://docs.microsoft.com/en-us/windows/win32/setupapi/run-and-runonce-registry-keys
         Yields RunKeyRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The registry key last modified timestamp.

dissect/target/plugins/os/windows/regf/shimcache.py CHANGED Viewed

@@ -318,6 +318,9 @@ class ShimcachePlugin(Plugin):
             - https://www.andreafortuna.org/2017/10/16/amcache-and-shimcache-in-forensic-analysis/
         Yields ShimcacheRecords with the following fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             last_modified (datetime): The last modified date.

dissect/target/plugins/os/windows/regf/trusteddocs.py CHANGED Viewed

@@ -61,6 +61,9 @@ class TrustedDocumentsPlugin(Plugin):
         Yields records based on the values within the TrustRecords registry keys.
         At least contains the following fields:
+        .. code-block:: text
             application (string): Application name of the Office product that produced the TrustRecords registry key.
             document_path (path): Path to the document for which a TrustRecords entry is created.
             ts (datetime): The created time of the TrustRecord registry key.

dissect/target/plugins/os/windows/regf/usb.py CHANGED Viewed

@@ -93,6 +93,9 @@ class UsbPlugin(Plugin):
         HKLM\\SYSTEM\\CurrentControlSet\\Enum\\USBSTOR registry key.
         Yields UsbRegistryRecord with fields:
+        .. code-block:: text
             hostname (string): The target hostname
             domain (string): The target domain
             type (string): Type of USB device

dissect/target/plugins/os/windows/regf/userassist.py CHANGED Viewed

@@ -72,6 +72,9 @@ class UserAssistPlugin(Plugin):
             - https://www.aldeid.com/wiki/Windows-userassist-keys
         Yields UserAssistRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datetime): The entry timestamp.

dissect/target/plugins/os/windows/sam.py CHANGED Viewed

@@ -356,6 +356,9 @@ class SamPlugin(Plugin):
             - https://en.wikipedia.org/wiki/Security_Account_Manager
         Yields SamRecords with fields:
+        .. code-block:: text
             rid (uint32): The RID.
             fullname (string): Parsed fullname.
             username (string): Parsed username.

dissect/target/plugins/os/windows/services.py CHANGED Viewed

@@ -72,6 +72,9 @@ class ServicesPlugin(Plugin):
             - https://artifacts-kb.readthedocs.io/en/latest/sources/windows/ServicesAndDrivers.html
         Yields ServiceRecords with fields:
+        .. code-block:: text
             hostname (string): The target hostname.
             domain (string): The target domain.
             ts (datatime): The last modified timestamp of the registry key.

dissect/target/plugins/os/windows/wer.py CHANGED Viewed

@@ -155,6 +155,9 @@ class WindowsErrorReportingPlugin(Plugin):
         Yields dynamically created records based on the fields in the files. A record at least contains the following
         fields:
+        .. code-block:: text
             ts (datetime): The moment in time when the error event took place.
             version (string): WER file version.
             event_type (string): WER file event type.

dissect/target/target.py CHANGED Viewed

@@ -14,6 +14,7 @@ from dissect.target.exceptions import (
     PluginError,
     PluginNotFoundError,
     TargetError,
+    TargetPathNotFoundError,
     UnsupportedPluginError,
     VolumeSystemError,
 )
@@ -284,7 +285,11 @@ class Target:
                     try:
                         ldr = loader_cls(sub_entry, parsed_path=parsed_path)
                     except Exception as e:
-                        getlogger(sub_entry).error("Failed to initiate loader: %s", e)
+                        message = "Failed to initiate loader: %s"
+                        if isinstance(e, TargetPathNotFoundError):
+                            message = "%s"
+                        getlogger(sub_entry).error(message, e)
                         getlogger(sub_entry).debug("", exc_info=e)
                         continue

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.17.dev37
+Version: 3.18.dev2
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/RECORD RENAMED Viewed

@@ -1,11 +1,11 @@
 dissect/target/__init__.py,sha256=Oc7ounTgq2hE4nR6YcNabetc7SQA40ldSa35VEdZcQU,63
 dissect/target/container.py,sha256=0YcwcGmfJjhPXUB6DEcjWEoSuAtTDxMDpoTviMrLsxM,9353
-dissect/target/exceptions.py,sha256=VVW_Rq_vQinapz-2mbJ3UkxBEZpb2pE_7JlhMukdtrY,2877
+dissect/target/exceptions.py,sha256=ULi7NXlqju_d8KENEL3aimmfKTFfbNssfeWhAnOB654,2972
 dissect/target/filesystem.py,sha256=1i-lToeTX-HgQXQOYxPXH-90M_eq43W4FFzNDRdpgpk,60094
 dissect/target/loader.py,sha256=hjKInZAEcv43RiqxZJ0yBI4Y2YZ2-nrsKWu_BKrgba4,7336
 dissect/target/plugin.py,sha256=HAN8maaDt-Rlqt8Rr1IW7gXQpzNQZjCVz-i4aSPphSw,48677
 dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
-dissect/target/target.py,sha256=jq0Ii8073GOfwfqRj7UMuJT5jTVvQ_FD9Vrl9TMGpVc,32180
+dissect/target/target.py,sha256=8vg0VdEQuy5Ih5ewlm0b64o3HcJq_Nley4Ygyp2fLI4,32362
 dissect/target/volume.py,sha256=aQZAJiny8jjwkc9UtwIRwy7nINXjCxwpO-_UDfh6-BA,15801
 dissect/target/containers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/containers/asdf.py,sha256=DJp0QEFwUjy2MFwKYcYqIR_BS1fQT1Yi9Kcmqt0aChM,1366
@@ -95,7 +95,7 @@ dissect/target/loaders/phobos.py,sha256=XtxF7FZXfZrXJruFUZUQzxlREyfc86dTxph7BNoN
 dissect/target/loaders/profile.py,sha256=5ylgmzEEGyBFW3izvb-BZ7dGByXN9OFyRnnggR98P9w,1667
 dissect/target/loaders/pvm.py,sha256=b-PvHNTbRVdOnf7-OR5dbikbDTCFlW85b-9Z8PEL2Cs,406
 dissect/target/loaders/pvs.py,sha256=dMqdYSBQtH9QLM3tdu0mokLBcn73edg_HUtYtqrdi6E,955
-dissect/target/loaders/raw.py,sha256=wfi1qnmLritNfBOqJbyEjsb2C8RjAZHO8IJ9R3XaNjI,412
+dissect/target/loaders/raw.py,sha256=tleNWoO0BkC32ExBIPVOpzrQHXXHChZXoZr02oYuC8A,674
 dissect/target/loaders/remote.py,sha256=4cGCQfBwuhh5vo0zgVCK8V3I0w9SSWX3AjbW9eebPRg,9512
 dissect/target/loaders/res.py,sha256=8b178x05t9K31wOeP8yGD1IdR3RpiMGz7wcvtHmmHjk,8819
 dissect/target/loaders/smb.py,sha256=qP8m4Jq7hvAvUCF9jB4yr2Zut7p_R02_vxziNN3R1to,13070
@@ -114,18 +114,18 @@ dissect/target/loaders/xva.py,sha256=WmqdM9qGrZcChx0PiiTLyMTSatJIy_ItGO9cPMALQSE
 dissect/target/plugins/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/av/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/apps/av/mcafee.py,sha256=4lro9iwcL2Vl9Lyy69Sk1D9JWSRTXv5yjpV6NJbbZXE,5409
-dissect/target/plugins/apps/av/sophos.py,sha256=gSfTvjBZMuT0hsL-p4oYxuYmakbqApoOYvL0lKYkSV4,4102
-dissect/target/plugins/apps/av/symantec.py,sha256=RFLyNW6FyuoGcirJ4xHbQM8oGjua9W4zXmC7YDF-H20,14109
-dissect/target/plugins/apps/av/trendmicro.py,sha256=jloy_N4hHAqF1sVIEeD5Q7LRYal3_os14Umk-hGaAR4,4613
+dissect/target/plugins/apps/av/mcafee.py,sha256=YWrsB5kQFtXfhqi6mdMPMVk2qh_KCiOBiaTnbj8mVrM,5440
+dissect/target/plugins/apps/av/sophos.py,sha256=TuO-ggdD5De0UTouzNF7-1iLULIOvr6FDktocnM0aF0,4164
+dissect/target/plugins/apps/av/symantec.py,sha256=I1_zZ2ihKptB2JJ7sYZ7df0AgtK3KhWPsbDkc2m_hPA,14171
+dissect/target/plugins/apps/av/trendmicro.py,sha256=ZhxL4IkzyHfR2xaNIzk-M-v-ITMuLG_yqq_0djqGMjU,4675
 dissect/target/plugins/apps/browser/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/browser/brave.py,sha256=EW1ubL10swHeV9CscfpE-SrNZozul_Ewj48LNRaG5Kg,2865
 dissect/target/plugins/apps/browser/browser.py,sha256=rBIwcgdl73gm-8APwx2jEUAYXRniXkqcdMr2UYj_tS8,4118
 dissect/target/plugins/apps/browser/chrome.py,sha256=hxS8gqpBwoCrPaxNpllIa6K9DtsSGzn6XXcUaHyes6w,3048
-dissect/target/plugins/apps/browser/chromium.py,sha256=1oaQhMN5mJysw0VIVpTEmRCAifgv-mUQxZwrGmGHqAQ,27875
+dissect/target/plugins/apps/browser/chromium.py,sha256=N9hS-a45iEv_GyKhLZQR_FSkEjWlMA0f22eURBuxF5Y,27999
 dissect/target/plugins/apps/browser/edge.py,sha256=woXzZtHPWmfcV8vbxGKHELKru5JRb32MAXs43_b4K4E,2883
-dissect/target/plugins/apps/browser/firefox.py,sha256=Msicw-13AJWbXRRF6m_p4L84rXAjsIYGFRve29cPY2M,30806
-dissect/target/plugins/apps/browser/iexplore.py,sha256=MqMonoaM5lj0ZFqGwS4F-P1eLmnLvX7VQGE9S3hxXag,8739
+dissect/target/plugins/apps/browser/firefox.py,sha256=ROrzhI2SV81E63hi5PRtyJveRrBacWNJ9FWZS_ondlk,30929
+dissect/target/plugins/apps/browser/iexplore.py,sha256=g_xw0toaiyjevxO8g9XPCOqc-CXZp39FVquRhPFGdTE,8801
 dissect/target/plugins/apps/container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/container/docker.py,sha256=67Eih9AfUbqsP-HlnlwoHi4rSAnVCZWM76sEyO_1m18,15316
 dissect/target/plugins/apps/remoteaccess/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -211,15 +211,15 @@ dissect/target/plugins/os/unix/esxi/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQ
 dissect/target/plugins/os/unix/esxi/_os.py,sha256=8kFFK9986zN8hXmDUWwdQHtbV33nWKerRuisg_xbsoQ,17504
 dissect/target/plugins/os/unix/linux/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/linux/_os.py,sha256=YJYwuq_iAinOrPqTE49Q4DLYMWBeRCly1uTbDvPhp6Q,2796
-dissect/target/plugins/os/unix/linux/cmdline.py,sha256=XIvaTL42DzeQGhqHN_RTMI5g8hbI2_wjzb7KZ0kPOM0,1591
-dissect/target/plugins/os/unix/linux/environ.py,sha256=FDf3_bNbaL5Qltnp0Ch-t8tp_6Lv3v9HY54qE4RWO7M,1850
+dissect/target/plugins/os/unix/linux/cmdline.py,sha256=AyMfndt3UsmJtoOyZYC8nWq2GZg9oPvn8SiI3M4NxnE,1622
+dissect/target/plugins/os/unix/linux/environ.py,sha256=UOQD7Xmu754u2oAh3L5g5snuz-gv4jbWbVy46qszYjo,1881
 dissect/target/plugins/os/unix/linux/iptables.py,sha256=qTzY5PHHXA33WnPYb5NESgoSwI7ECZ8YPoEe_Fmln-8,6045
 dissect/target/plugins/os/unix/linux/modules.py,sha256=H1S5CkpXttCVwzE2Ylz3jkvrCptN2f-fXcQ_hCB0FG0,2443
 dissect/target/plugins/os/unix/linux/netstat.py,sha256=MAC4ZdeNqcKpxT2ZMh1-7rjt4Pt_WQIRy7RChr7nlPk,1649
 dissect/target/plugins/os/unix/linux/proc.py,sha256=jm35fAasnNbObN2tpflwQuCfVYLDkTP2EDrzYG42ZSk,23354
-dissect/target/plugins/os/unix/linux/processes.py,sha256=sTQqZYPW-_gs7Z3f0wwsV6clUX4NK44GGyMiZToBIrg,1936
+dissect/target/plugins/os/unix/linux/processes.py,sha256=rvDJWAp16WAJZ91A8_GJJIj5y0U7BNnU8CW_47AueKY,1967
 dissect/target/plugins/os/unix/linux/services.py,sha256=-d2y073mOXUM3XCzRgDVCRFR9eTLoVuN8FsZVewHzRg,4075
-dissect/target/plugins/os/unix/linux/sockets.py,sha256=11de73KiF2D2s1eyPBA4EWDpNsEzOunbj3YqSlMYZ2Y,9765
+dissect/target/plugins/os/unix/linux/sockets.py,sha256=CXstlQt0tLcVSpvi0xOXJu580O6BGUBW3lJQt20aMUw,9920
 dissect/target/plugins/os/unix/linux/android/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/linux/android/_os.py,sha256=trmESlpHdwVu7wV18RevEhh_TsVyfKPFCd5Usb5-fSU,2056
 dissect/target/plugins/os/unix/linux/debian/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -245,7 +245,7 @@ dissect/target/plugins/os/unix/locate/locate.py,sha256=uXFcWAqoz_3eNWHhsGoEtkkhm
 dissect/target/plugins/os/unix/locate/mlocate.py,sha256=DhrFgxDQF-fMZaA0WK8Z-5o9i9iDsuTHW7MHJtWwz6o,4485
 dissect/target/plugins/os/unix/locate/plocate.py,sha256=Skb24ba_MVzM4nuDaZHw-ZmomIEZ3TJ7g5kHCvQViko,6545
 dissect/target/plugins/os/unix/log/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/os/unix/log/atop.py,sha256=UmaqdnSmE8AO8bEj4drGSc1HH2n4Pdlxpwfa7RgraIY,16314
+dissect/target/plugins/os/unix/log/atop.py,sha256=DdiTf-gVJJvvPbR36khU4388lxQzABaWI-95jLCGgSw,16345
 dissect/target/plugins/os/unix/log/audit.py,sha256=OjorWTmCFvCI5RJq6m6WNW0Lhb-poB2VAggKOGZUHK4,3722
 dissect/target/plugins/os/unix/log/auth.py,sha256=l7gCuRdvv9gL0U1N0yrR9hVsMnr4t_k4t-n-f6PrOxg,2388
 dissect/target/plugins/os/unix/log/journal.py,sha256=eiNNVLmKWFj4dTQX8PNRNgKpVwzQWEHEsKyYfGUAPXQ,17376
@@ -254,10 +254,10 @@ dissect/target/plugins/os/unix/log/messages.py,sha256=CXA-SkMPLaCgnTQg9nzII-7tO8
 dissect/target/plugins/os/unix/log/utmp.py,sha256=21tvzG977LqzRShV6uAoU-83WDcLUrI_Tv__2ZVi9rw,7756
 dissect/target/plugins/os/windows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/windows/_os.py,sha256=g5XGtruvyWx4YAhMpGZnAaIFWQqLNQpee_Ot7ROmD8w,12606
-dissect/target/plugins/os/windows/activitiescache.py,sha256=yY41YdCZk9e97Q8_rjZHknMUeOVDxgBG9VtXQHANUsQ,6710
+dissect/target/plugins/os/windows/activitiescache.py,sha256=Q2aILnhJ2rp2AwEbWwyBuSLjMbGqaYJTsavSbfkcFKE,6741
 dissect/target/plugins/os/windows/adpolicy.py,sha256=rvsvywChfms7d2kMwXRVHZaf8zJ46WmMwYplGAYEax8,6984
 dissect/target/plugins/os/windows/amcache.py,sha256=ZZNOs3bILTf0AGkDkhoatndl0j39DXkstN7oOyxJECU,27188
-dissect/target/plugins/os/windows/catroot.py,sha256=eSfVqXvWWZpXoxKB1FT_evjXXNmlD7wHhA3lYpfQDeQ,11043
+dissect/target/plugins/os/windows/catroot.py,sha256=wHW_p4M0aFonZJ2xZFIbgLbJopdCIXO9jVrGPHLsMLc,11105
 dissect/target/plugins/os/windows/cim.py,sha256=jsrpu6TZpBUh7VWI9AV2Ib5bebTwsvqOwRfa5gjJd7c,3056
 dissect/target/plugins/os/windows/clfs.py,sha256=begVsZ-CY97Ksh6S1g03LjyBgu8ERY2hfNDWYPj0GXI,4872
 dissect/target/plugins/os/windows/credhist.py,sha256=FX_pW-tU9esdvDTSx913kf_CpGE_1jbD6bkjDb-cxHk,7069
@@ -265,21 +265,21 @@ dissect/target/plugins/os/windows/datetime.py,sha256=tuBOkewmbCW8sFXcYp5p82oM5RC
 dissect/target/plugins/os/windows/defender.py,sha256=Vp_IP6YKm4igR765WvXJrHQ3RMu7FJKM3VOoR8AybV8,23737
 dissect/target/plugins/os/windows/env.py,sha256=-u9F9xWy6PUbQmu5Tv_MDoVmy6YB-7CbHokIK_T3S44,13891
 dissect/target/plugins/os/windows/generic.py,sha256=BSvDPfB9faU0uquMj0guw5tnR_97Nn0XAEE4k05BFSQ,22273
-dissect/target/plugins/os/windows/lnk.py,sha256=6_ciURYTa-LpgpHJsixoFUqkfSATHkEbk0xKiIZDGPU,8148
+dissect/target/plugins/os/windows/lnk.py,sha256=On1k0PODYggQM1j514qFepBACCV2Z2u61Q4Ba6e3Y2c,8179
 dissect/target/plugins/os/windows/locale.py,sha256=yXVdclpUqss9h8Nq7N4kg3OHwWGDfjdfiLiUZR3wqv8,2324
 dissect/target/plugins/os/windows/notifications.py,sha256=64xHHueHwtJCc8RTAF70oa0RxvqfCu_DBPWRSZBnYZc,17386
-dissect/target/plugins/os/windows/prefetch.py,sha256=5hRxdIP9sIV5Q9TAScMjLbl_mImZ37abvdE_pAd6rh4,10398
-dissect/target/plugins/os/windows/recyclebin.py,sha256=4GSj0Q3YvONufnqANbnG0ffiMQyToCiL5s35Wmu4JOQ,4898
+dissect/target/plugins/os/windows/prefetch.py,sha256=bDoJOWRp6vIHe1lf9HXNuNg5iyh5YqVw9s0P562VfKo,10460
+dissect/target/plugins/os/windows/recyclebin.py,sha256=7UFjZg1NHWJyfjthhMBpQd3kGG8ZXe7H4Cu9U3QzjOs,4929
 dissect/target/plugins/os/windows/registry.py,sha256=EfqUkgbzaqTuq1kIPYNG1TfvJxhJE5X-TEjV3K_xsPU,12814
-dissect/target/plugins/os/windows/sam.py,sha256=ESQjaCIC17mKSU2y4GlLzkzJbsMJECPYlnVES36InQA,15447
-dissect/target/plugins/os/windows/services.py,sha256=_6YkuoZD8LUxk72R3n1p1bOBab3A1wszdB1NuPavIGM,6037
+dissect/target/plugins/os/windows/sam.py,sha256=NTL6dez30i_E3R0mNmnYXMYc62DHqICWvpXy9g_2RY0,15478
+dissect/target/plugins/os/windows/services.py,sha256=MoVPJ1GKpPaJrGd2DYtuHEmKqC2uOKRc5SZKB12goSs,6068
 dissect/target/plugins/os/windows/sru.py,sha256=sOM7CyMkW8XIXzI75GL69WoqUrSK2X99TFIfdQR2D64,17767
 dissect/target/plugins/os/windows/startupinfo.py,sha256=kl8Y7M4nVfmJ71I33VCegtbHj-ZOeEsYAdlNbgwtUOA,3406
 dissect/target/plugins/os/windows/syscache.py,sha256=WBDx6rixaVnCRsJHLLN_9YWoTDbzkKGbTnk3XmHSSUM,3443
 dissect/target/plugins/os/windows/tasks.py,sha256=8DRsIAuIJPaH_G18l8RYfnK_WkEqVx2xDJ1FnIc_i0g,5716
 dissect/target/plugins/os/windows/thumbcache.py,sha256=23YjOjTNoE7BYITmg8s9Zs8Wih2e73BkJJEaKlfotcI,4133
 dissect/target/plugins/os/windows/ual.py,sha256=TYF-R46klEa_HHb86UJd6mPrXwHlAMOUTzC0pZ8uiq0,9787
-dissect/target/plugins/os/windows/wer.py,sha256=1kwkBvgmEU1QRCLWVmUFNIWAqXEEGtAj2c8uj0iusOE,8625
+dissect/target/plugins/os/windows/wer.py,sha256=ogecvKYxAvDXLptQj4cn0JLn1FxaXjeSuJWs4JgkoZs,8656
 dissect/target/plugins/os/windows/dpapi/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/windows/dpapi/blob.py,sha256=oFhksgx2BAaeAbpPwOM-o0Dw5MKaMLGMF6ETdxIS708,5051
 dissect/target/plugins/os/windows/dpapi/crypto.py,sha256=_F1F2j1chQw-KLqfWvgL2mCkF3HSvdVnM78OZ0ph9hc,9337
@@ -289,30 +289,30 @@ dissect/target/plugins/os/windows/exchange/__init__.py,sha256=47DEQpj8HBSa-_TImW
 dissect/target/plugins/os/windows/exchange/exchange.py,sha256=ofoapuDQXefIX4sTzwNboyk5RztN2JEyw1OWl5cx-wo,1564
 dissect/target/plugins/os/windows/log/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/windows/log/amcache.py,sha256=TabtjNx9Ve-u-Fn0K95A0v_SLGzn2YeNPHrcQvjVKJc,5877
-dissect/target/plugins/os/windows/log/etl.py,sha256=Rau1zqPJ5LL91j59nC4Jg81KF2t1uuMx-oQp9JK0a00,7049
-dissect/target/plugins/os/windows/log/evt.py,sha256=vK9XHc-hOxf6BbLKMNzGNlbCRWN2nlksQoCLdHqPgnw,7049
-dissect/target/plugins/os/windows/log/evtx.py,sha256=C1JM64GW7z82qT9K9hIiyCv0EFxszFD9GVvtUZUHdL4,6096
-dissect/target/plugins/os/windows/log/pfro.py,sha256=BCjg3OZzkIP4-HzRa1b1dPkDv_B4sbd78fl40obUVkM,2706
-dissect/target/plugins/os/windows/log/schedlgu.py,sha256=vzMOcCSrGRTMNQUZzvyQorZzbTNgs1UJiPe0zeOOupQ,5515
+dissect/target/plugins/os/windows/log/etl.py,sha256=PWMTpgKWAtYNtmQfyoos4TtgH8gnbQN19Jw1GCEeHy0,7142
+dissect/target/plugins/os/windows/log/evt.py,sha256=LsM9IgidOtAeGrtztO3ng2DAPmCMVydX3bqYz12dQ_4,7080
+dissect/target/plugins/os/windows/log/evtx.py,sha256=P_hQT3ZFelqhXTH_8pbnSnCwEeSxJr8hiX0F3tK-4W4,6127
+dissect/target/plugins/os/windows/log/pfro.py,sha256=qqXXQ7hY8CHVdYEibmAnJrIy9Szesvr7Re19Nj_GYPg,2737
+dissect/target/plugins/os/windows/log/schedlgu.py,sha256=JaP8H8eTEypWXhx2aFSR_IMam6rQiksbLKhMr_U4fz8,5570
 dissect/target/plugins/os/windows/regf/7zip.py,sha256=Vc336zhS6R8W98GGlLtPJ_OR0vEP014QnBtYwbx_HUo,3217
 dissect/target/plugins/os/windows/regf/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/os/windows/regf/appxdebugkeys.py,sha256=2GlbBZITBDhu3JKHgsGCd_6umHFgDw6OQA4g4rHg63E,3935
+dissect/target/plugins/os/windows/regf/appxdebugkeys.py,sha256=X8MYLcD76pIZoIWwS_DgUp6q6pi2WO7jhZeoc4uGLak,3966
 dissect/target/plugins/os/windows/regf/auditpol.py,sha256=62WMlZwSzBb-99ujaeGkkOBui5qHOkvMHfACsqCmC0A,5140
-dissect/target/plugins/os/windows/regf/bam.py,sha256=W46KjD2bQC52qSajc2lNX36lkjzylKzH7xulnhEKrL8,2053
+dissect/target/plugins/os/windows/regf/bam.py,sha256=iELyDeA-tdT6eXMZ5HHIVSAjH6vDvmS47D2xr4iX7Y8,2084
 dissect/target/plugins/os/windows/regf/cit.py,sha256=vErcoGfslyuZsaZiGbSGm6KxnJmUjobMwoy03jb6774,38244
-dissect/target/plugins/os/windows/regf/clsid.py,sha256=OvvA7Rwm29c1wXarXWXOMkqspA44oOQrQ_0rAJGYAU0,3601
-dissect/target/plugins/os/windows/regf/firewall.py,sha256=cDUj-dY6myWtPenI4Vrzp1u_1ndq0EtGDs78RoqSA0Y,3141
+dissect/target/plugins/os/windows/regf/clsid.py,sha256=M121yHQgRDSGtXeShiB-RUuk_toHOFHLYwbHAP9SS8U,3632
+dissect/target/plugins/os/windows/regf/firewall.py,sha256=-RUFjY4D-ua72vyvOTJyg-MpUbk9Syfo4TfgA7bV7Us,3172
 dissect/target/plugins/os/windows/regf/mru.py,sha256=HYg4UnbsjvzZKS9qcqxkocUeIGQieMLXPjkjgZ1qbTY,13560
-dissect/target/plugins/os/windows/regf/muicache.py,sha256=qoA7S8SiZakIreQqxc_QH1av6Lnlprf5SGr4s55b-8E,3707
+dissect/target/plugins/os/windows/regf/muicache.py,sha256=-1IYfNpFjjk4WYyFUBJGLl7ahEGeUKqlaI1QwPNnfjA,3738
 dissect/target/plugins/os/windows/regf/nethist.py,sha256=QHbG9fmZNmjSVhrgqMvMo12YBaQedzeToS7ZD9eIJ28,3111
-dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=Wr6u7SajA9BtUiypztak9ASJZuimOtWfQUAlfvskjMg,1838
-dissect/target/plugins/os/windows/regf/regf.py,sha256=IbLnOurtlprXAo12iYRdw6fv5J45SuMAqt-mXVYaZi4,3357
-dissect/target/plugins/os/windows/regf/runkeys.py,sha256=f10jOPTJlUVDEhSiH9JSltKQ-V7zfa8iPX0nKl1gBXo,4247
+dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=5JheHDmYc7udH-ZF7PwVTm0HfRY43diW0pmyyfHWZK0,1869
+dissect/target/plugins/os/windows/regf/regf.py,sha256=D1GrljF-sV8cWIjWJ3zH7k52i1OWD8poEC_PIeZMEis,3419
+dissect/target/plugins/os/windows/regf/runkeys.py,sha256=-2HcdnVytzCt1xwgAI8rHDnwk8kwLPWURumvhrGnIHU,4278
 dissect/target/plugins/os/windows/regf/shellbags.py,sha256=EKBWBjxvSfxc7WFKmICZs8QUJnjhsCKesjl_NHEnSUo,25621
-dissect/target/plugins/os/windows/regf/shimcache.py,sha256=4SHtwh-ajhgcyR2-vsBbjnsyBtEVPwlgk5j8e1TQkWM,9972
-dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=4g4m1FYljOpYqGG-7NGyj738Tfnz0uEaN2is2YzkMgg,3669
-dissect/target/plugins/os/windows/regf/usb.py,sha256=mfMQPKUct7fqpxJgquySrorPf5KWBzwWCLVKa9qSatc,7182
-dissect/target/plugins/os/windows/regf/userassist.py,sha256=kEthM9oDDBA6UbGxunbyTfXX320Z_2YlTMYoUQyxZyY,5469
+dissect/target/plugins/os/windows/regf/shimcache.py,sha256=0THEJQtMHACAI70jrThMCrxAVgQv5XxqkRD1MY03VpE,10003
+dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=3yvpBDM-Asg0rvGN2TwALGRm9DYogG6TxRau9D6FBbw,3700
+dissect/target/plugins/os/windows/regf/usb.py,sha256=hR5fnqy_sint1YyWgm1-AMhGQ4MxJOH_Wz0vbYzr9p4,7213
+dissect/target/plugins/os/windows/regf/userassist.py,sha256=36uI_tSGUx-lOUZ1Io_2ofHTLHzriFA3F6XMR61H0wc,5500
 dissect/target/plugins/os/windows/task_helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/windows/task_helpers/tasks_job.py,sha256=-dCkJnyEiWG9nCK378-GswM5EXelrA_g3zDHLhSQMu0,21199
 dissect/target/plugins/os/windows/task_helpers/tasks_records.py,sha256=vpCyKqLQSzI5ymD1h5P6RncLEE47YtmjDFwKA16dVZ4,4046
@@ -340,10 +340,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.17.dev37.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.17.dev37.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.17.dev37.dist-info/METADATA,sha256=lG1EhM84cgxqVPODtlB_Ruvy2WmoUgjrea3a9pSWu20,11300
-dissect.target-3.17.dev37.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-dissect.target-3.17.dev37.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.17.dev37.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.17.dev37.dist-info/RECORD,,
+dissect.target-3.18.dev2.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.18.dev2.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.18.dev2.dist-info/METADATA,sha256=CQlktWeUyWCrkDq9WKqNFR3gxHwKVUZ-9KDPop4n6s8,11299
+dissect.target-3.18.dev2.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+dissect.target-3.18.dev2.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.18.dev2.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.18.dev2.dist-info/RECORD,,

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/WHEEL RENAMED Viewed

File without changes

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.17.dev37.dist-info → dissect.target-3.18.dev2.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.17.dev37__py3-none-any.whl → 3.18.dev2__py3-none-any.whl

dissect.target 3.17.dev37py3-none-any.whl → 3.18.dev2py3-none-any.whl