Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
na.elf
|
ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
|
initial sample
|
||
/var/log/wtmp
|
data
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
/proc/6420/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0GPUoWn
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0g6cZ1o
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1270Hfayl
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1271i0FMn
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1275gLxrn
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127TFsVWn
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127vyB9Wm
|
ASCII text
|
dropped
|
||
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
/run/utmp
|
data
|
dropped
|
||
/tmp/qemu-open.Me2X6G (deleted)
|
data
|
dropped
|
||
/tmp/qemu-open.dpWAFd (deleted)
|
data
|
dropped
|
||
/var/lib/AccountsService/users/gdm.V5BHV2
|
ASCII text
|
dropped
|
||
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
/var/log/auth.log
|
ASCII text
|
dropped
|
||
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
/var/log/kern.log
|
ASCII text
|
dropped
|
||
/var/log/syslog
|
ASCII text, with very long lines (317)
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/na.elf
|
/tmp/na.elf
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
/usr/libexec/gvfsd-fuse
|
-
|
||
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
/usr/share/gdm/generate-config
|
-
|
||
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/bin/plymouth
|
plymouth --ping
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --print-address 3 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
/usr/share/language-tools/language-validate
|
-
|
||
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
/usr/share/language-tools/language-options
|
-
|
||
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
/bin/sh
|
-
|
||
/usr/bin/locale
|
locale -a
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -F .utf8
|
There are 96 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.rsyslog.com
|
unknown
|
||
https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e
|
162.213.35.24
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
daisy.ubuntu.com
|
162.213.35.25
|
||
byte-mirai.kro.kr
|
154.216.20.119
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
102.35.210.164
|
unknown
|
Reunion
|
||
41.122.213.9
|
unknown
|
South Africa
|
||
167.105.5.51
|
unknown
|
Singapore
|
||
129.57.255.182
|
unknown
|
United States
|
||
43.227.143.22
|
unknown
|
China
|
||
53.188.22.61
|
unknown
|
Germany
|
||
218.247.179.203
|
unknown
|
China
|
||
96.129.174.172
|
unknown
|
United States
|
||
172.150.130.142
|
unknown
|
United States
|
||
25.62.198.172
|
unknown
|
United Kingdom
|
||
54.150.59.210
|
unknown
|
United States
|
||
178.26.2.97
|
unknown
|
Germany
|
||
131.125.176.103
|
unknown
|
United States
|
||
44.197.226.146
|
unknown
|
United States
|
||
17.103.165.149
|
unknown
|
United States
|
||
14.33.95.141
|
unknown
|
Korea Republic of
|
||
134.204.245.241
|
unknown
|
United States
|
||
37.207.56.35
|
unknown
|
Italy
|
||
124.224.22.89
|
unknown
|
China
|
||
39.144.167.223
|
unknown
|
China
|
||
84.182.42.90
|
unknown
|
Germany
|
||
52.73.241.35
|
unknown
|
United States
|
||
14.52.153.242
|
unknown
|
Korea Republic of
|
||
185.246.165.74
|
unknown
|
Greece
|
||
73.114.184.219
|
unknown
|
United States
|
||
203.31.156.255
|
unknown
|
Australia
|
||
36.163.21.42
|
unknown
|
China
|
||
126.180.202.112
|
unknown
|
Japan
|
||
126.26.24.77
|
unknown
|
Japan
|
||
100.60.146.131
|
unknown
|
United States
|
||
19.201.169.59
|
unknown
|
United States
|
||
129.136.35.25
|
unknown
|
Japan
|
||
37.198.247.123
|
unknown
|
Sweden
|
||
114.210.130.83
|
unknown
|
China
|
||
185.65.168.44
|
unknown
|
Switzerland
|
||
130.146.219.135
|
unknown
|
Netherlands
|
||
130.209.174.9
|
unknown
|
United Kingdom
|
||
48.139.41.131
|
unknown
|
United States
|
||
34.148.46.205
|
unknown
|
United States
|
||
58.94.183.113
|
unknown
|
Japan
|
||
190.140.175.59
|
unknown
|
Panama
|
||
81.211.56.21
|
unknown
|
Russian Federation
|
||
89.14.72.100
|
unknown
|
Germany
|
||
53.224.198.237
|
unknown
|
Germany
|
||
138.249.57.194
|
unknown
|
Finland
|
||
187.220.187.86
|
unknown
|
Mexico
|
||
52.219.178.167
|
unknown
|
United States
|
||
51.32.246.180
|
unknown
|
United Kingdom
|
||
150.98.41.127
|
unknown
|
Japan
|
||
51.174.247.90
|
unknown
|
Norway
|
||
64.32.32.150
|
unknown
|
Reserved
|
||
170.103.242.221
|
unknown
|
United States
|
||
108.29.44.50
|
unknown
|
United States
|
||
137.254.125.117
|
unknown
|
United States
|
||
133.187.254.232
|
unknown
|
Japan
|
||
77.47.23.50
|
unknown
|
Germany
|
||
208.105.199.236
|
unknown
|
United States
|
||
183.124.88.69
|
unknown
|
Korea Republic of
|
||
103.169.22.72
|
unknown
|
unknown
|
||
160.211.254.169
|
unknown
|
Germany
|
||
207.95.123.144
|
unknown
|
United States
|
||
198.136.11.122
|
unknown
|
United States
|
||
82.231.143.73
|
unknown
|
France
|
||
100.7.169.102
|
unknown
|
United States
|
||
150.255.2.86
|
unknown
|
China
|
||
53.187.32.119
|
unknown
|
Germany
|
||
80.178.27.68
|
unknown
|
Israel
|
||
147.151.0.123
|
unknown
|
United Kingdom
|
||
32.186.243.54
|
unknown
|
United States
|
||
81.227.51.155
|
unknown
|
Sweden
|
||
81.43.163.139
|
unknown
|
Spain
|
||
72.17.245.38
|
unknown
|
United States
|
||
190.72.15.55
|
unknown
|
Venezuela
|
||
93.202.30.189
|
unknown
|
Germany
|
||
213.200.224.21
|
unknown
|
Switzerland
|
||
60.163.74.154
|
unknown
|
China
|
||
52.68.87.217
|
unknown
|
United States
|
||
37.222.252.37
|
unknown
|
Spain
|
||
32.152.190.253
|
unknown
|
United States
|
||
204.156.18.61
|
unknown
|
United States
|
||
89.156.171.170
|
unknown
|
France
|
||
199.143.21.102
|
unknown
|
United States
|
||
116.196.205.226
|
unknown
|
China
|
||
112.220.203.109
|
unknown
|
Korea Republic of
|
||
176.79.251.64
|
unknown
|
Portugal
|
||
93.172.136.114
|
unknown
|
Israel
|
||
204.219.74.140
|
unknown
|
United States
|
||
20.17.17.212
|
unknown
|
United States
|
||
64.184.117.203
|
unknown
|
United States
|
||
163.71.17.56
|
unknown
|
France
|
||
194.75.109.229
|
unknown
|
United Kingdom
|
||
27.168.204.124
|
unknown
|
Korea Republic of
|
||
78.29.96.45
|
unknown
|
Russian Federation
|
||
193.76.218.181
|
unknown
|
Italy
|
||
135.143.94.3
|
unknown
|
United States
|
||
157.177.232.97
|
unknown
|
Austria
|
||
193.129.90.161
|
unknown
|
United Kingdom
|
||
179.34.40.206
|
unknown
|
Brazil
|
||
115.29.223.212
|
unknown
|
China
|
||
145.117.234.245
|
unknown
|
Netherlands
|
There are 90 hidden IPs, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7f8020414000
|
page execute read
|
|||
7f8020414000
|
page execute read
|
|||
7f8020414000
|
page execute read
|
|||
7f8020414000
|
page execute read
|
|||
7f8020414000
|
page execute read
|
|||
7f8020414000
|
page execute read
|
|||
56291b7ae000
|
page execute and read and write
|
|||
7f80a66ad000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
7f80a59cb000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
7f80a604d000
|
page read and write
|
|||
7f80a604d000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
7f80a0000000
|
page read and write
|
|||
7f80a604d000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
7f80a51c3000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f80a0000000
|
page read and write
|
|||
5629197b0000
|
page read and write
|
|||
7f80a604d000
|
page read and write
|
|||
7f80a59cb000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
5629197a6000
|
page read and write
|
|||
56291b7ae000
|
page execute and read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
7f80a0021000
|
page read and write
|
|||
5629197a6000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
7f80a0021000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
7f80a606a000
|
page read and write
|
|||
56291d70b000
|
page read and write
|
|||
7f80a657c000
|
page read and write
|
|||
7f80a606a000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
7f80a51c3000
|
page read and write
|
|||
5629197b0000
|
page read and write
|
|||
7f80a0000000
|
page read and write
|
|||
56291b7ae000
|
page execute and read and write
|
|||
7f8020458000
|
page read and write
|
|||
7f8020458000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
7f80a0000000
|
page read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
7f80a606a000
|
page read and write
|
|||
56291d72b000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
7f80a657c000
|
page read and write
|
|||
7f80a0000000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
7f80a0021000
|
page read and write
|
|||
7f80a59cb000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
5629197a6000
|
page read and write
|
|||
5629197b0000
|
page read and write
|
|||
7f80a51c3000
|
page read and write
|
|||
7f8020458000
|
page read and write
|
|||
7f80a0021000
|
page read and write
|
|||
7f8020458000
|
page read and write
|
|||
7f80a0021000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f80a66a5000
|
page read and write
|
|||
7f80a606a000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
7f80a59cb000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
7f80a66ad000
|
page read and write
|
|||
56291b7ae000
|
page execute and read and write
|
|||
7f80a0000000
|
page read and write
|
|||
5629197a6000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
5629197b0000
|
page read and write
|
|||
7f80a59cb000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
7f80a657c000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
7f8020458000
|
page read and write
|
|||
7f80a657c000
|
page read and write
|
|||
56291b7ae000
|
page execute and read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
7f80a66ad000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
56291d70b000
|
page read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
7f80a59cb000
|
page read and write
|
|||
5629197b0000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
7f80a66ad000
|
page read and write
|
|||
7f80a606a000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
56291b7c5000
|
page read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
7f80a51c3000
|
page read and write
|
|||
7f80a0021000
|
page read and write
|
|||
7f80a66ad000
|
page read and write
|
|||
7f8020458000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7f802045a000
|
page read and write
|
|||
5629197a6000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
7f80a606a000
|
page read and write
|
|||
56291951e000
|
page execute read
|
|||
5629197a6000
|
page read and write
|
|||
7f80a5c89000
|
page read and write
|
|||
7f8020455000
|
page read and write
|
|||
7f80a66f2000
|
page read and write
|
|||
7f80a51c3000
|
page read and write
|
|||
7f80a51c3000
|
page read and write
|
|||
7f802045a000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f80a66ad000
|
page read and write
|
|||
7f80a657c000
|
page read and write
|
|||
7f80a639b000
|
page read and write
|
|||
7f80a604d000
|
page read and write
|
|||
7f80a602a000
|
page read and write
|
|||
56291d70b000
|
page read and write
|
|||
7ffc551d4000
|
page execute read
|
|||
56291d70b000
|
page read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
5629197b0000
|
page read and write
|
|||
56291d70b000
|
page read and write
|
|||
56291b7ae000
|
page execute and read and write
|
|||
56291d70b000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7ffc551ab000
|
page read and write
|
|||
7f80a59d9000
|
page read and write
|
|||
7f80a604d000
|
page read and write
|
|||
7f80a657c000
|
page read and write
|
|||
56291d72b000
|
page read and write
|
There are 144 hidden memdumps, click here to show them.