Windows 10 x86/wow64 Userland heap | Corelan Cybersecurity Research
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | b1396d72-324d-4d03-a6b7-66b7c90c2b8a |
| Fingerprint | c9917c00f41085f5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 5, 2016, 9:59 p.m. |
| Added to db | Jan. 18, 2023, 10:59 p.m. |
| Last updated | Nov. 18, 2024, 2:35 a.m. |
| Headline | Corelan Cybersecurity Research |
| Title | Windows 10 x86/wow64 Userland heap | Corelan Cybersecurity Research |
| Detected Hints/Tags/Attributes | 30/1/25 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 64 | go.microsoft.com |
|
| Details | Domain | 29 | msdl.microsoft.com |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 330 | facebook.com |
|
| Details | Domain | 318 | bit.ly |
|
| Details | File | 533 | ntdll.dll |
|
| Details | File | 1 | bea_alloc1.exe |
|
| Details | File | 1 | bea_alloc2.exe |
|
| Details | File | 1 | bea_alloc3.exe |
|
| Details | File | 1 | bea_alloc4.exe |
|
| Details | File | 1 | lfh_alloc1.exe |
|
| Details | File | 1 | lfh_alloc2.exe |
|
| Details | File | 1 | lfh_alloc3.exe |
|
| Details | File | 1 | lfh_takeback2.exe |
|
| Details | File | 1 | large_alloc1.exe |
|
| Details | File | 1 | large_alloc2.exe |
|
| Details | File | 1 | precise_spray.exe |
|
| Details | Github username | 3 | corelan |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/?linkid=691984&clcid=0x409 |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/p/?linkid=536682 |
|
| Details | Url | 6 | http://msdl.microsoft.com/download/symbols |
|
| Details | Url | 1 | https://github.com/corelan/win10_heap |
|
| Details | Url | 1 | https://facebook.com/demandglobalchange |
|
| Details | Url | 1 | https://bit.ly/demandglobalchange_full |
|
| Details | Url | 1 | https://bit.ly/demandglobalchange |