We do not create malware here. However if it sort of evilpolarbear.exe feel free to post in password protected archive.
I don't have any script. If this API fails then look on GetLastError result value after failed call.
If VirtualAlloc params is what you supplied then it is invalid call due to Protect flag you set to 0. If you want to execute something it should be at least PAGE_EXECUTE_READWRITE assuming you will do Read/Write to that region next.
Read http://www.kernelmode.info/forum/viewto ... =20&t=1950 next time and use search viewtopic.php?f=16&t=4389&p=28676&hilit=W97M#p28676.
You have 0 contribution to this place. All your topics are requests.
I already mentioned here viewtopic.php?f=22&t=5419&p=32496#p32496
You seems do not understand. Ok, banned for 6 month.
Can we have this one? Just for fun and collection. https://darkwebs.ws/threads/54287/ https://fumik0.com/2019/05/03/lets-nuke-megumin-trojan/ d15e1bc9096810fb4c954e5487d5a54f8c743cfd36ed0639a0b4cb044e04339f e6c447c826ae810dec6059c797aa04474dd27f84e37e61b650158449b5229469 c70120ee9dd25640049fa2d08a76...