Updates: VMMap v3.1, RAMMap v1.11, Handle v3.46, Process Explorer v14.12 and Mark’s Blog: Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 3
?
VMMap v3.1: VMMap, a process virtual and physical memory analyzer, now shows the ASLR status of images and reports “unusable” virtual memory regions.
RAMMap v1.11: This update to RAMMap, a system memory usage analyzer, adds command-line options for loading files and exporting scans, creates a file association and fixes several bugs.
Handle v3.46: This update has Handle use the same helper driver as Process Explorer.
Process Explorer v14.12: This update fixes a bug that prevents removal of tray icons under certain conditions.
Mark’s Blog: Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 3: Mark wraps up his three-part series that shows how Process Monitor, Process Explorer, Autoruns and VMMap provide a comprehensive overview of the infection steps and operation of the infamous Stuxnet virus.