-
-
Save maliciousgroup/8733bdcd7b423cce2acb192ef0cea9c0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ================================================================================ | |
| Output generated by mona.py v2.0, rev 613 - Immunity Debugger | |
| Corelan Team - https://www.corelan.be | |
| ================================================================================ | |
| OS : 7, release 6.1.7601 | |
| Process being debugged : KMFtp (pid 4576) | |
| Current mona arguments: seh | |
| ================================================================================ | |
| 2021-04-14 13:12:57 | |
| ================================================================================ | |
| ----------------------------------------------------------------------------------------------------------------------------------------- | |
| Module info : | |
| ----------------------------------------------------------------------------------------------------------------------------------------- | |
| Base | Top | Size | Rebase | SafeSEH | ASLR | NXCompat | OS Dll | Version, Modulename & Path | |
| ----------------------------------------------------------------------------------------------------------------------------------------- | |
| 0x72c30000 | 0x72c40000 | 0x00010000 | True | True | True | True | True | 6.1.7601.18685 [NLAapi.dll] (C:\Windows\system32\NLAapi.dll) | |
| 0x72870000 | 0x728b4000 | 0x00044000 | True | True | True | True | True | 6.1.7600.16385 [DNSAPI.dll] (C:\Windows\system32\DNSAPI.dll) | |
| 0x75730000 | 0x75840000 | 0x00110000 | True | True | True | True | True | 6.1.7601.18015 [kernel32.dll] (C:\Windows\syswow64\kernel32.dll) | |
| 0x747f0000 | 0x747f5000 | 0x00005000 | True | True | True | True | True | 6.1.7600.16385 [SHFOLDER.dll] (C:\Windows\system32\SHFOLDER.dll) | |
| 0x74840000 | 0x7484c000 | 0x0000c000 | True | True | True | True | True | 6.1.7601.23915 [CRYPTBASE.dll] (C:\Windows\syswow64\CRYPTBASE.dll) | |
| 0x72c10000 | 0x72c23000 | 0x00013000 | True | True | True | True | True | 6.1.7600.16385 [dwmapi.dll] (C:\Windows\system32\dwmapi.dll) | |
| 0x76fb0000 | 0x77130000 | 0x00180000 | True | True | True | True | True | 6.1.7600.16385 [ntdll.dll] (C:\Windows\SysWOW64\ntdll.dll) | |
| 0x74710000 | 0x74748000 | 0x00038000 | True | True | True | True | True | 6.1.7600.16385 [odbcint.dll] (C:\Windows\system32\odbcint.dll) | |
| 0x75490000 | 0x754a9000 | 0x00019000 | True | True | True | True | True | 6.1.7600.16385 [sechost.dll] (C:\Windows\SysWOW64\sechost.dll) | |
| 0x72920000 | 0x72932000 | 0x00012000 | True | True | True | True | True | 6.1.7600.16385 [pnrpnsp.dll] (C:\Windows\system32\pnrpnsp.dll) | |
| 0x76f80000 | 0x76f8a000 | 0x0000a000 | True | True | True | True | True | 6.1.7601.23930 [LPK.dll] (C:\Windows\syswow64\LPK.dll) | |
| 0x12200000 | 0x12236000 | 0x00036000 | False | False | False | False | False | 1.0.0.0 [KMFtpCM.dll] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x74d50000 | 0x74ded000 | 0x0009d000 | True | True | True | True | True | 1.0626.7601.23894 [USP10.dll] (C:\Windows\syswow64\USP10.dll) | |
| 0x00030000 | 0x0003d000 | 0x0000d000 | True | False | False | False | False | 1.0.0.0 [KMFtpSN.dll] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpSN.dll) | |
| 0x74770000 | 0x74777000 | 0x00007000 | True | True | True | True | True | 6.1.7600.16385 [WSOCK32.dll] (C:\Windows\system32\WSOCK32.dll) | |
| 0x74850000 | 0x748b0000 | 0x00060000 | True | True | True | True | True | 6.1.7601.23915 [SspiCli.dll] (C:\Windows\syswow64\SspiCli.dll) | |
| 0x74290000 | 0x743ac000 | 0x0011c000 | True | True | True | True | True | 6.06.8063.0 [MFC42.DLL] (C:\Windows\system32\MFC42.DLL) | |
| 0x74df0000 | 0x74f4d000 | 0x0015d000 | True | True | True | True | True | 6.1.7601.23889 [ole32.dll] (C:\Windows\syswow64\ole32.dll) | |
| 0x76b50000 | 0x76ba7000 | 0x00057000 | True | True | True | True | True | 6.1.7600.16385 [SHLWAPI.dll] (C:\Windows\syswow64\SHLWAPI.dll) | |
| 0x75310000 | 0x75410000 | 0x00100000 | True | True | True | True | True | 6.1.7601.17514 [USER32.dll] (C:\Windows\syswow64\USER32.dll) | |
| 0x00020000 | 0x0002d000 | 0x0000d000 | True | False | False | False | False | 1.0.0.0 [KMFtpVR.dll] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpVR.dll) | |
| 0x743e0000 | 0x7446c000 | 0x0008c000 | True | True | True | True | True | 6.1.7601.17514 [ODBC32.dll] (C:\Windows\system32\ODBC32.dll) | |
| 0x729b0000 | 0x729c0000 | 0x00010000 | True | True | True | True | True | 6.1.7600.16385 [napinsp.dll] (C:\Windows\system32\napinsp.dll) | |
| 0x72c40000 | 0x72cc0000 | 0x00080000 | True | True | True | True | True | 6.1.7600.16385 [uxtheme.dll] (C:\Windows\system32\uxtheme.dll) | |
| 0x74a60000 | 0x74af1000 | 0x00091000 | True | True | True | True | True | 6.1.7601.23775 [OLEAUT32.dll] (C:\Windows\syswow64\OLEAUT32.dll) | |
| 0x75990000 | 0x765dc000 | 0x00c4c000 | True | True | True | True | True | 6.1.7601.17514 [SHELL32.dll] (C:\Windows\syswow64\SHELL32.dll) | |
| 0x769c0000 | 0x76ab0000 | 0x000f0000 | True | True | True | True | True | 6.1.7600.16385 [RPCRT4.dll] (C:\Windows\syswow64\RPCRT4.dll) | |
| 0x76960000 | 0x769c0000 | 0x00060000 | True | True | True | True | True | 6.1.7601.17514 [IMM32.DLL] (C:\Windows\system32\IMM32.DLL) | |
| 0x72810000 | 0x72818000 | 0x00008000 | True | True | True | True | True | 6.1.7600.16385 [winrnr.dll] (C:\Windows\System32\winrnr.dll) | |
| 0x72d00000 | 0x72d84000 | 0x00084000 | True | True | True | True | True | 5.82 [COMCTL32.dll] (C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll) | |
| 0x74c80000 | 0x74d4d000 | 0x000cd000 | True | True | True | True | True | 6.1.7600.16385 [MSCTF.dll] (C:\Windows\syswow64\MSCTF.dll) | |
| 0x756c0000 | 0x75707000 | 0x00047000 | True | True | True | True | True | 6.1.7601.18015 [KERNELBASE.dll] (C:\Windows\syswow64\KERNELBASE.dll) | |
| 0x10000000 | 0x1000f000 | 0x0000f000 | False | False | False | False | False | 1.0.0.0 [KMFtpEV.dll] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x00400000 | 0x00419000 | 0x00019000 | False | False | False | False | False | 1.0.0.0 [KMFtp.exe] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x74bf0000 | 0x74c80000 | 0x00090000 | True | True | True | True | True | 6.1.7601.23914 [GDI32.dll] (C:\Windows\syswow64\GDI32.dll) | |
| 0x75570000 | 0x7561c000 | 0x000ac000 | True | True | True | True | True | 7.0.7601.17744 [msvcrt.dll] (C:\Windows\syswow64\msvcrt.dll) | |
| 0x754c0000 | 0x75561000 | 0x000a1000 | True | True | True | True | True | 6.1.7601.23915 [ADVAPI32.dll] (C:\Windows\syswow64\ADVAPI32.dll) | |
| 0x00220000 | 0x00227000 | 0x00007000 | True | False | False | False | False | 1.0.0.0 [KMFTPReg.dll] (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFTPReg.dll) | |
| 0x75000000 | 0x75006000 | 0x00006000 | True | True | True | True | True | 6.1.7601.23889 [NSI.dll] (C:\Windows\syswow64\NSI.dll) | |
| 0x76b00000 | 0x76b35000 | 0x00035000 | True | True | True | True | True | 6.1.7600.16385 [WS2_32.dll] (C:\Windows\syswow64\WS2_32.dll) | |
| 0x728e0000 | 0x7291c000 | 0x0003c000 | True | True | True | True | True | 6.1.7600.16385 [mswsock.dll] (C:\Windows\System32\mswsock.dll) | |
| 0x72ef0000 | 0x7308e000 | 0x0019e000 | True | True | True | True | True | 6.10 [comctl32.DLL] (C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.DLL) | |
| ----------------------------------------------------------------------------------------------------------------------------------------- | |
| 0x1220401e : pop ecx # pop esi # ret | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12207b4f : pop ecx # pop esi # ret | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122063b0 : pop esi # pop edi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206223 : pop ecx # pop ecx # ret 0x08 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201571 : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122015a2 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122015bc : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201730 : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220177f : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122034d2 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206683 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122066bf : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122066f7 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206772 : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206911 : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206a80 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206f78 : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206ff1 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12208bc0 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12209225 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220937d : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122096e6 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220a803 : pop edi # pop esi # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x10001154 : pop edi # pop esi # ret 0x04 | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x004020c3 : pop edi # pop esi # ret 0x04 | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x00402a99 : pop edi # pop esi # ret 0x04 | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x004043a9 : pop edi # pop esi # ret 0x04 | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x1220117f : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201468 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201652 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201895 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220195b : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122019c8 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201a21 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201a70 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12201ea2 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202212 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202669 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202ac7 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202c5e : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202ce6 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12202de1 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12203052 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12203142 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220325d : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122058b0 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12205b68 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12205bfb : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122060ca : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122061cc : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220628e : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220630c : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206c2b : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206f25 : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122077ce : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12207c6e : pop esi # pop ebx # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12208b6e : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12209114 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122091f3 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12209303 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12209642 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12209c92 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220a090 : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220a62e : pop esi # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x10001193 : pop esi # pop ebx # ret 0x04 | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x100011af : pop esi # pop ebx # ret 0x04 | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x00407b30 : pop ebx # pop ecx # ret | startnull,asciiprint,ascii {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x00407b3e : pop ebx # pop ecx # ret | startnull,asciiprint,ascii {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x00407b76 : pop ebx # pop ecx # ret | startnull,asciiprint,ascii {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x00407b8d : pop ebx # pop ecx # ret | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x0040c83f : pop ecx # pop ecx # ret | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x0040c875 : pop ecx # pop ecx # ret | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x12206053 : pop edi # pop esi # ret 0x08 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122069f8 : pop edi # pop esi # ret 0x08 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206b3f : pop edi # pop esi # ret 0x08 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220b581 : pop edi # pop esi # ret 0x08 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x004043d0 : pop edi # pop esi # ret 0x08 | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x12203eb7 : pop eax # pop ebp # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12203f26 : pop eax # pop ebp # ret | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12204adb : pop eax # pop ebp # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220b525 : pop ebp # pop ebx # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12203fd4 : pop edi # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12207109 : pop edi # pop esi # ret | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122071eb : pop edi # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122075b1 : pop edi # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220a23b : pop edi # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220a5e5 : pop edi # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x0040c074 : pop edi # pop esi # ret | startnull {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x100041d2 : pop esi # pop ebx # ret 0x0c | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x10005714 : call dword ptr ss:[ebp-18] | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x10007357 : pop esi # pop ecx # ret 0x1C | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x12202246 : pop esi # pop ebp # ret 0x08 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220788a : pop esi # pop ebp # ret 0x08 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206d9d : pop eax # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12207e10 : pop eax # pop esi # ret | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12208a2f : pop eax # pop esi # ret | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220673c : pop edi # pop esi # ret 0x0c | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x0040151c : pop esi # pop ecx # ret | startnull,asciiprint,ascii {PAGE_EXECUTE_READ} [KMFtp.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtp.exe) | |
| 0x1220b447 : pop ebx # pop ebp # ret 0x0c | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x10007747 : pop ebx # pop ebp # ret 0x0c | null {PAGE_EXECUTE_READ} [KMFtpEV.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpEV.dll) | |
| 0x12201ed6 : pop esi # pop ebp # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122036f2 : pop esi # pop ebp # ret 0x04 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x12206841 : pop esi # pop ebp # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x1220784f : pop esi # pop ebp # ret 0x04 | ascii {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) | |
| 0x122010eb : pop esi # pop ebp # ret 0x10 | {PAGE_EXECUTE_READ} [KMFtpCM.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v1.0.0.0 (C:\Program Files (x86)\KONICA MINOLTA\FTP Utility\KMFtpCM.dll) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment