Windows 10 22H2: Phantom Images everywhere

Open avengerx opened this issue 1 year ago • 1 comments

The binary available in the release of the repo works great in a Windows Server 2012 R2. But when I put it for the run in a Windows 10, all loaded DLLs are reported as "phantom image":

It's probably just a tech/lib upgrade issue. But glad it worked in ol' win12. Helped a lot making sure what a malware was doing.

Nov 29 '24 21:11 avengerx

Oh, the process in question is just an IIS's w3wp.exe and, if it helps, this is the output of a similiar (but lilkely compromised) one:

Nov 29 '24 22:11 avengerx