!mona pattern_create 1000     # Generate a unique 1000 byte buffer
!mona pattern_offset 37694136    # Identify the offset of the buffer with EIP address
!mona modules -o     # This shows the modules used by the program, -o ignores OS modules
!mona jmp -r est -m Configuration.dll     # Select one of the DLLs not participating in ASLR to find static address