Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
970Qh1XiFt.elf
|
ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
|
initial sample
|
 |
|
|
/var/log/wtmp
|
data
|
dropped
|
|
|
|
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
|
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
|
/proc/6425/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
|
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
|
/run/systemd/seats/.#seat05pQosW
|
ASCII text
|
dropped
|
||
|
/run/systemd/seats/.#seat0UbRk9Z
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#1273EF4KY
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127NH6wUX
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127aVV9v0
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127bCbmkY
|
ASCII text
|
dropped
|
||
|
/run/systemd/users/.#127tyur3V
|
ASCII text
|
dropped
|
||
|
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
|
/run/utmp
|
data
|
dropped
|
||
|
/tmp/qemu-open.KMYxW3 (deleted)
|
data
|
dropped
|
||
|
/tmp/qemu-open.LpSRJA (deleted)
|
data
|
dropped
|
||
|
/var/lib/AccountsService/users/gdm.I7TQV2
|
ASCII text
|
dropped
|
||
|
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
|
/var/log/auth.log
|
ASCII text
|
dropped
|
||
|
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
|
/var/log/kern.log
|
ASCII text
|
dropped
|
||
|
/var/log/syslog
|
ASCII text, with very long lines (317)
|
dropped
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/970Qh1XiFt.elf
|
/tmp/970Qh1XiFt.elf
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/tmp/970Qh1XiFt.elf
|
-
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/libexec/gvfsd-fuse
|
-
|
||
|
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
|
/usr/bin/gpu-manager
|
-
|
||
|
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
|
/usr/share/gdm/generate-config
|
-
|
||
|
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/usr/bin/plymouth
|
plymouth --ping
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
|
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
|
/usr/bin/dbus-daemon
|
dbus-daemon --print-address 3 --session
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/bin/false
|
/bin/false
|
||
|
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
|
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
|
/usr/bin/dbus-run-session
|
-
|
||
|
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/sbin/gdm3
|
-
|
||
|
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
|
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
|
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
|
/usr/share/language-tools/language-validate
|
-
|
||
|
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
|
/usr/share/language-tools/language-options
|
-
|
||
|
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/locale
|
locale -a
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/grep
|
grep -F .utf8
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
There are 98 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.rsyslog.com
|
unknown
|
||
|
https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e
|
162.213.35.24
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
||
|
byte-mirai.kro.kr
|
154.216.20.119
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.30.4.241
|
unknown
|
United States
|
||
|
87.104.151.233
|
unknown
|
Denmark
|
||
|
147.75.86.18
|
unknown
|
Switzerland
|
||
|
99.216.182.109
|
unknown
|
Canada
|
||
|
171.132.210.232
|
unknown
|
United States
|
||
|
164.76.186.157
|
unknown
|
United States
|
||
|
46.179.175.101
|
unknown
|
Belgium
|
||
|
75.159.38.52
|
unknown
|
Canada
|
||
|
36.0.35.215
|
unknown
|
China
|
||
|
168.66.238.223
|
unknown
|
United States
|
||
|
45.21.146.144
|
unknown
|
United States
|
||
|
8.245.72.105
|
unknown
|
United States
|
||
|
104.50.111.136
|
unknown
|
United States
|
||
|
38.115.199.232
|
unknown
|
United States
|
||
|
144.61.7.231
|
unknown
|
United States
|
||
|
42.248.146.153
|
unknown
|
China
|
||
|
137.153.236.250
|
unknown
|
Japan
|
||
|
207.103.197.157
|
unknown
|
United States
|
||
|
18.69.253.62
|
unknown
|
United States
|
||
|
174.236.247.48
|
unknown
|
United States
|
||
|
44.194.145.170
|
unknown
|
United States
|
||
|
45.20.156.230
|
unknown
|
United States
|
||
|
117.20.188.196
|
unknown
|
Singapore
|
||
|
186.57.171.145
|
unknown
|
Argentina
|
||
|
129.130.18.235
|
unknown
|
United States
|
||
|
13.78.147.175
|
unknown
|
United States
|
||
|
59.17.126.5
|
unknown
|
Korea Republic of
|
||
|
131.158.42.19
|
unknown
|
United States
|
||
|
191.82.108.40
|
unknown
|
Argentina
|
||
|
170.50.144.235
|
unknown
|
United States
|
||
|
8.68.63.28
|
unknown
|
United States
|
||
|
121.147.231.39
|
unknown
|
Korea Republic of
|
||
|
187.145.90.119
|
unknown
|
Mexico
|
||
|
38.208.16.112
|
unknown
|
United States
|
||
|
113.20.32.113
|
unknown
|
New Caledonia
|
||
|
173.147.246.131
|
unknown
|
United States
|
||
|
25.19.156.155
|
unknown
|
United Kingdom
|
||
|
187.70.227.207
|
unknown
|
Brazil
|
||
|
145.142.180.251
|
unknown
|
Netherlands
|
||
|
86.209.52.137
|
unknown
|
France
|
||
|
115.247.172.142
|
unknown
|
India
|
||
|
207.165.106.205
|
unknown
|
United States
|
||
|
73.21.44.95
|
unknown
|
United States
|
||
|
209.99.175.15
|
unknown
|
United States
|
||
|
217.110.80.145
|
unknown
|
Germany
|
||
|
139.199.192.68
|
unknown
|
China
|
||
|
46.8.56.19
|
unknown
|
Russian Federation
|
||
|
48.8.237.234
|
unknown
|
United States
|
||
|
210.244.200.165
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
203.37.178.10
|
unknown
|
Australia
|
||
|
124.177.69.164
|
unknown
|
Australia
|
||
|
207.16.235.160
|
unknown
|
United States
|
||
|
151.65.14.101
|
unknown
|
Italy
|
||
|
205.67.245.63
|
unknown
|
United States
|
||
|
180.114.97.188
|
unknown
|
China
|
||
|
66.233.31.204
|
unknown
|
United States
|
||
|
192.73.27.28
|
unknown
|
United States
|
||
|
146.125.160.42
|
unknown
|
United States
|
||
|
106.93.102.152
|
unknown
|
China
|
||
|
95.97.222.206
|
unknown
|
Netherlands
|
||
|
106.117.82.66
|
unknown
|
China
|
||
|
19.140.221.82
|
unknown
|
United States
|
||
|
54.169.184.45
|
unknown
|
United States
|
||
|
43.206.239.71
|
unknown
|
Japan
|
||
|
52.93.142.128
|
unknown
|
United States
|
||
|
65.230.125.174
|
unknown
|
United States
|
||
|
99.253.68.228
|
unknown
|
Canada
|
||
|
157.162.143.24
|
unknown
|
Germany
|
||
|
82.116.206.185
|
unknown
|
Cyprus
|
||
|
158.38.7.44
|
unknown
|
Norway
|
||
|
85.168.96.46
|
unknown
|
France
|
||
|
136.157.26.240
|
unknown
|
Germany
|
||
|
94.39.13.2
|
unknown
|
Italy
|
||
|
2.21.254.73
|
unknown
|
European Union
|
||
|
35.1.100.89
|
unknown
|
United States
|
||
|
93.197.53.161
|
unknown
|
Germany
|
||
|
96.182.203.115
|
unknown
|
United States
|
||
|
41.82.47.228
|
unknown
|
Senegal
|
||
|
95.178.221.18
|
unknown
|
Croatia (LOCAL Name: Hrvatska)
|
||
|
85.181.32.92
|
unknown
|
Germany
|
||
|
124.133.87.135
|
unknown
|
China
|
||
|
120.241.244.163
|
unknown
|
China
|
||
|
48.133.202.226
|
unknown
|
United States
|
||
|
190.250.243.68
|
unknown
|
Colombia
|
||
|
25.45.219.203
|
unknown
|
United Kingdom
|
||
|
172.140.18.194
|
unknown
|
United States
|
||
|
145.212.200.49
|
unknown
|
Netherlands
|
||
|
48.88.173.148
|
unknown
|
United States
|
||
|
58.52.69.6
|
unknown
|
China
|
||
|
157.29.34.12
|
unknown
|
Italy
|
||
|
32.79.142.76
|
unknown
|
United States
|
||
|
31.169.197.114
|
unknown
|
Czech Republic
|
||
|
102.20.106.92
|
unknown
|
unknown
|
||
|
181.48.255.110
|
unknown
|
Colombia
|
||
|
1.62.56.197
|
unknown
|
China
|
||
|
81.23.103.229
|
unknown
|
Russian Federation
|
||
|
123.149.29.145
|
unknown
|
China
|
||
|
34.44.37.101
|
unknown
|
United States
|
||
|
94.11.75.141
|
unknown
|
United Kingdom
|
||
|
195.142.237.61
|
unknown
|
Turkey
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f84ac414000
|
page execute read
|
|
||
|
7f84ac414000
|
page execute read
|
|
||
|
7f84ac414000
|
page execute read
|
|
||
|
7f84ac414000
|
page execute read
|
|
||
|
7f84ac414000
|
page execute read
|
|
||
|
7f84ac414000
|
page execute read
|
|
||
|
7f852c021000
|
page read and write
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
560d82137000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
560d82137000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
7f8532ce1000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
7f84ac45a000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
560d82137000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
7f852c021000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
560d82137000
|
page read and write
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7f84ac45a000
|
page read and write
|
|||
|
7f852c021000
|
page read and write
|
|||
|
7f8534210000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
7f8532ce1000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
560d82137000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
560d82157000
|
page read and write
|
|||
|
7f85337a7000
|
page read and write
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
7f8533b88000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
7f8532ce1000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
7f853409a000
|
page read and write
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
7f852c021000
|
page read and write
|
|||
|
560d82137000
|
page read and write
|
|||
|
7fff199e6000
|
page execute read
|
|||
|
7f85334f7000
|
page read and write
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
560d82157000
|
page read and write
|
|||
|
560d7f4e6000
|
page read and write
|
|||
|
7f85341c3000
|
page read and write
|
|||
|
560d814ee000
|
page execute and read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
560d7f25e000
|
page execute read
|
|||
|
7f8533b6b000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
7f85334e9000
|
page read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
7f8532ce1000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
560d81505000
|
page read and write
|
|||
|
7f852c021000
|
page read and write
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
7f8533eb9000
|
page read and write
|
|||
|
7f852c021000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
7f85341cb000
|
page read and write
|
|||
|
560d7f4f0000
|
page read and write
|
|||
|
7f8532ce1000
|
page read and write
|
|||
|
7f8533b48000
|
page read and write
|
|||
|
7fff198ee000
|
page read and write
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
7f84ac458000
|
page read and write
|
|||
|
7f852c000000
|
page read and write
|
|||
|
7f84ac455000
|
page read and write
|
|||
|
7f8532ce1000
|
page read and write
|
There are 144 hidden memdumps, click here to show them.