Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
na.elf
|
ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, stripped
|
initial sample
|
 |
|
|
/var/log/wtmp
|
data
|
dropped
|
|
|
|
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
|
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
|
/proc/6410/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
|
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
|
/run/systemd/seats/.#seat07zh839
|
ASCII text
|
dropped
|
||
|
/run/systemd/seats/.#seat0c3ql89
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#12708cOZa
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#1279p4457
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127AtRIY6
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127IZjWoa
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127VjpCA9
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127cemnFa
|
ASCII text
|
dropped
|
||
|
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
|
/run/utmp
|
data
|
dropped
|
||
|
/tmp/qemu-open.lcJ6tc (deleted)
|
data
|
dropped
|
||
|
/var/lib/AccountsService/users/gdm.F6BOV2
|
ASCII text
|
dropped
|
||
|
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
|
/var/log/auth.log
|
ASCII text
|
dropped
|
||
|
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
|
/var/log/kern.log
|
ASCII text
|
dropped
|
||
|
/var/log/syslog
|
ASCII text, with very long lines (317)
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/libexec/gvfsd-fuse
|
-
|
||
|
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
|
/usr/share/gdm/generate-config
|
-
|
||
|
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/usr/bin/plymouth
|
plymouth --ping
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
|
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
|
/usr/bin/dbus-daemon
|
dbus-daemon --print-address 3 --session
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/bin/false
|
/bin/false
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
|
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
|
/usr/bin/dbus-run-session
|
-
|
||
|
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
|
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
|
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
|
/usr/share/language-tools/language-validate
|
-
|
||
|
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
|
/usr/share/language-tools/language-options
|
-
|
||
|
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/locale
|
locale -a
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -F .utf8
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
There are 98 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.rsyslog.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.24
|
||
|
byte-mirai.kro.kr
|
154.216.20.119
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
219.79.136.99
|
unknown
|
Hong Kong
|
||
|
129.180.63.187
|
unknown
|
Australia
|
||
|
141.111.14.59
|
unknown
|
United States
|
||
|
38.116.189.128
|
unknown
|
United States
|
||
|
155.217.182.170
|
unknown
|
United States
|
||
|
13.136.193.216
|
unknown
|
United States
|
||
|
221.118.125.57
|
unknown
|
Japan
|
||
|
70.247.162.220
|
unknown
|
United States
|
||
|
154.124.150.10
|
unknown
|
Senegal
|
||
|
12.30.116.237
|
unknown
|
United States
|
||
|
139.226.26.227
|
unknown
|
China
|
||
|
180.75.199.20
|
unknown
|
Malaysia
|
||
|
49.192.247.33
|
unknown
|
Australia
|
||
|
71.81.11.13
|
unknown
|
United States
|
||
|
177.157.224.102
|
unknown
|
Brazil
|
||
|
209.245.20.130
|
unknown
|
United States
|
||
|
99.72.10.249
|
unknown
|
United States
|
||
|
126.73.1.29
|
unknown
|
Japan
|
||
|
111.136.46.77
|
unknown
|
China
|
||
|
167.191.224.72
|
unknown
|
United States
|
||
|
194.130.117.252
|
unknown
|
United Kingdom
|
||
|
72.46.16.116
|
unknown
|
United States
|
||
|
93.250.231.172
|
unknown
|
Germany
|
||
|
78.227.72.220
|
unknown
|
France
|
||
|
14.98.128.115
|
unknown
|
India
|
||
|
216.134.200.59
|
unknown
|
United States
|
||
|
87.207.131.228
|
unknown
|
Poland
|
||
|
207.103.197.171
|
unknown
|
United States
|
||
|
221.51.132.94
|
unknown
|
Japan
|
||
|
144.130.17.101
|
unknown
|
Australia
|
||
|
211.34.175.178
|
unknown
|
Korea Republic of
|
||
|
83.30.248.255
|
unknown
|
Poland
|
||
|
89.112.89.206
|
unknown
|
Russian Federation
|
||
|
24.45.250.96
|
unknown
|
United States
|
||
|
126.109.152.36
|
unknown
|
Japan
|
||
|
134.30.131.250
|
unknown
|
Germany
|
||
|
8.36.137.200
|
unknown
|
United States
|
||
|
176.43.246.45
|
unknown
|
Turkey
|
||
|
219.99.225.46
|
unknown
|
Japan
|
||
|
12.12.207.14
|
unknown
|
United States
|
||
|
19.140.7.0
|
unknown
|
United States
|
||
|
103.51.167.240
|
unknown
|
Indonesia
|
||
|
96.63.51.126
|
unknown
|
Canada
|
||
|
58.18.153.127
|
unknown
|
China
|
||
|
173.8.139.122
|
unknown
|
United States
|
||
|
32.239.56.182
|
unknown
|
United States
|
||
|
172.55.173.90
|
unknown
|
United States
|
||
|
122.252.125.90
|
unknown
|
Korea Republic of
|
||
|
69.122.34.189
|
unknown
|
United States
|
||
|
125.171.111.186
|
unknown
|
China
|
||
|
31.161.195.254
|
unknown
|
Netherlands
|
||
|
120.40.232.18
|
unknown
|
China
|
||
|
204.143.230.4
|
unknown
|
United States
|
||
|
193.92.124.126
|
unknown
|
Greece
|
||
|
96.182.203.127
|
unknown
|
United States
|
||
|
213.55.238.105
|
unknown
|
Switzerland
|
||
|
48.11.106.110
|
unknown
|
United States
|
||
|
141.230.57.114
|
unknown
|
United States
|
||
|
27.183.219.164
|
unknown
|
Korea Republic of
|
||
|
169.18.199.18
|
unknown
|
United States
|
||
|
194.100.17.92
|
unknown
|
Finland
|
||
|
36.114.86.34
|
unknown
|
China
|
||
|
196.211.115.235
|
unknown
|
South Africa
|
||
|
69.116.232.191
|
unknown
|
United States
|
||
|
74.210.203.191
|
unknown
|
Canada
|
||
|
146.34.18.131
|
unknown
|
United States
|
||
|
103.195.142.127
|
unknown
|
Indonesia
|
||
|
54.153.44.162
|
unknown
|
United States
|
||
|
77.220.130.244
|
unknown
|
Russian Federation
|
||
|
173.26.16.105
|
unknown
|
United States
|
||
|
116.16.66.194
|
unknown
|
China
|
||
|
96.216.161.9
|
unknown
|
United States
|
||
|
50.107.113.104
|
unknown
|
United States
|
||
|
97.134.194.242
|
unknown
|
United States
|
||
|
102.2.61.1
|
unknown
|
unknown
|
||
|
110.34.13.193
|
unknown
|
Nepal
|
||
|
164.195.195.110
|
unknown
|
United States
|
||
|
206.239.51.236
|
unknown
|
United States
|
||
|
120.129.72.148
|
unknown
|
China
|
||
|
193.245.155.26
|
unknown
|
Belgium
|
||
|
192.99.71.223
|
unknown
|
Canada
|
||
|
13.163.246.206
|
unknown
|
United States
|
||
|
63.99.220.139
|
unknown
|
United States
|
||
|
46.202.131.144
|
unknown
|
Ukraine
|
||
|
196.134.79.151
|
unknown
|
Egypt
|
||
|
208.212.73.220
|
unknown
|
United States
|
||
|
183.97.59.123
|
unknown
|
Korea Republic of
|
||
|
203.19.222.239
|
unknown
|
Australia
|
||
|
96.151.55.183
|
unknown
|
United States
|
||
|
171.136.141.205
|
unknown
|
United States
|
||
|
46.62.205.198
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
64.206.118.122
|
unknown
|
United States
|
||
|
160.78.112.114
|
unknown
|
Italy
|
||
|
140.46.69.239
|
unknown
|
United States
|
||
|
39.249.65.41
|
unknown
|
Indonesia
|
||
|
145.104.194.44
|
unknown
|
Netherlands
|
||
|
159.203.164.79
|
unknown
|
United States
|
||
|
49.7.70.79
|
unknown
|
China
|
||
|
146.150.169.141
|
unknown
|
United States
|
||
|
153.93.58.250
|
unknown
|
Germany
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7efb1c028000
|
page execute read
|
|
||
|
7efb1c028000
|
page execute read
|
|
||
|
7efb1c028000
|
page execute read
|
|
||
|
7efb1c028000
|
page execute read
|
|
||
|
7efb1c028000
|
page execute read
|
|
||
|
7efb1c028000
|
page execute read
|
|
||
|
7efc23c5c000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
563b72d47000
|
page execute read
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
7efc23c5c000
|
page read and write
|
|||
|
563b72d47000
|
page execute read
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
7efb1c036000
|
page read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
563b72d47000
|
page execute read
|
|||
|
563b72f98000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
7efc23c5c000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
563b7629e000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
563b72d47000
|
page execute read
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7efc23c5c000
|
page read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
563b72f98000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
563b72f98000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
563b72f98000
|
page read and write
|
|||
|
7efc23faa000
|
page read and write
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
7efc23c5c000
|
page read and write
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7efc22dd2000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
563b72f98000
|
page read and write
|
|||
|
563b72d47000
|
page execute read
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
563b72d47000
|
page execute read
|
|||
|
7efc23c39000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
7efc23c5c000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
7efb1c034000
|
page read and write
|
|||
|
7efc1c021000
|
page read and write
|
|||
|
7efc23dc8000
|
page read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
7efc239ce000
|
page read and write
|
|||
|
563b74f9f000
|
page execute and read and write
|
|||
|
7efc242d8000
|
page read and write
|
|||
|
563b72f98000
|
page read and write
|
|||
|
7efc2366c000
|
page read and write
|
|||
|
7efc1bfff000
|
page read and write
|
|||
|
7efb1c031000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
7efc2418b000
|
page read and write
|
|||
|
7efb1c036000
|
page read and write
|
|||
|
7efc235da000
|
page read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
7efc2431d000
|
page read and write
|
|||
|
7ffc05b2d000
|
page execute read
|
|||
|
7efc242b4000
|
page read and write
|
|||
|
563b74fb6000
|
page read and write
|
|||
|
563b7627d000
|
page read and write
|
|||
|
563b72fa1000
|
page read and write
|
|||
|
563b7629e000
|
page read and write
|
|||
|
7ffc05afc000
|
page read and write
|
There are 144 hidden memdumps, click here to show them.