IOCReport

Files

File Path
Type
Category
Malicious
https://05tns.csb.app/
URL
initial url
malicious
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\E5F0NRSV\www.htmlprotection.kom[1].xml
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\URW0GA4Q\www.sabro[1].xml
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{518CDF09-7D3F-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{518CDF0B-7D3F-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{5A362815-7D3F-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
data
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\585b051251[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\9560678631816622811[1].png
PNG image data, 300 x 250, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\A0JQBACH.htm
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\XAV7EGKH.htm
exported SGML document, ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\ads[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\arrow_right[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\bootstrap.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cookie_push_onload[1].htm
HTML document, ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\cookie_push_onload[2].htm
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\element_main[1].js
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\f[1].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\f[2].txt
ASCII text, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\favicon[1].png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\flags_0[1].png
PNG image data, 150 x 129, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\googlelogo_color_42x16dp[1].png
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\lng_en[1].png
PNG image data, 107 x 43, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\logomini[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 238x50, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\oBtBCMa[1].png
PNG image data, 16 x 12, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\portal-v2[1].htm
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\s[1].htm
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\s[2].htm
HTML document, ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sabro-diseno-de-paginas-web-guatemala[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sabro-portafolio-apps[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sabro-portafolio-websites[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\top1[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1366x500, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\5cdcc6fcdc07bd0012082264[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\OqOE21UvWe3[1].png
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\activeview[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ads[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\bootstrap.min[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\c[1].gif
GIF image data, version 89a, 1 x 1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\counter[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\f[1].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\f[2].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\facebook[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon-8f211ea639[1].ico
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\hbC1ovHPP4z[1].js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery-3.2.1.slim.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\jquery.23.10__[1].js
Non-ISO extended-ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\like[1].htm
HTML document, UTF-8 Unicode text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\like[2].htm
HTML document, UTF-8 Unicode text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\main[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\pinterest[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\r[1].gif
GIF image data, version 89a, 1 x 1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sabro-equipo-guatemala[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sabro-hosting-emails-guatemala[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sodar2[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sombratop[1].png
PNG image data, 86 x 90, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\translate_24dp[1].png
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\translateelement[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\twitter[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\webfunctions[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\3403299522302639435[1].png
PNG image data, 300 x 250, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\NBGQBKNS.htm
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\NbavSCgIibpGXIPgvdnCekV4Trd9FdFp1lnuZbQf9E0[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\Raleway-Regular[1].ttf
TrueType Font data, 17 tables, 1st "GPOS", 31 names, Macintosh, Copyright (c) 2010 - 2012, Matt McInerney (matt@pixelspread.com), Pablo Impallari(impallari@gma
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\a2[1].htm
HTML document, ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ads[1].htm
HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\arrow_left[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\contador[1].htm
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css[1].css
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\email[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\hambur1[1].png
PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\hbC1ovHPP4z[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery.23.10[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\pagosaceptados[1].png
PNG image data, 221 x 47, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\popper.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\protect-html-code[1].jpg
"LEAD Technologies Inc. V1.01", baseline, precision 8, 336x280, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\runner[1].htm
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\rx_lidar[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sabro-contactar[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sabro-desarrollo-de-apps-guatemala[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sharethis[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\translate_24dp[1].png
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\wpchat[1].png
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\466606[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\6926156095005395524[1].png
PNG image data, 300 x 250, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\7[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\IGI3DLXG.htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\activeview[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\cavalry_endpoint[1].png
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[1].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[2].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[3].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[4].txt
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\f[5].txt
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\free-v4-shims.min[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\free.min[1].css
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\hambur2[1].png
PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jquery-3.1.1.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\lng_es[1].png
PNG image data, 107 x 43, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\menux[1].js
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\menux_[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\osd[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\pixel[1].png
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sabro-registro-de-dominios-guatemala[1].png
PNG image data, 240 x 180, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sd[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sharethis[1].js
UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sms[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\sync[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\t[1].json
ASCII text, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\testpsw[1].jpg
"LEAD Technologies Inc. V1.01", baseline, precision 8, 39x14, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\zrt_lookup[1].htm
HTML document, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Temp\~DF13C60F53272BC38C.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DF3ED50B43E5B288EF.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DF4503A7332C97782D.TMP
data
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\internet explorer\iexplore.exe
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:6884 CREDAT:17410 /prefetch:2
clean

URLs

Name
IP
Malicious
https://05tns.csb.app/
unknown
malicious
https://05tns.csb.app/N
unknown
malicious
https://05tns.csb.app/Root
unknown
malicious
http://www.htmlprotection.kom.gt/
malicious
https://05tns.csb.app/
malicious
https://www.sabro.net/
malicious
https://05tns.csb.app/ion.kom.gt/Root
unknown
malicious
https://05tns.csb.app/n.kom.gt/Root
unknown
malicious
https://www.youtube.com/channel/UCScMHRHqDV8t6ioSd5rfGnw
unknown
clean
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&adk=181227
unknown
clean
http://www.broofa.com
unknown
clean
http://www.htmlprotection.kom.gt
unknown
clean
https://blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico
unknown
clean
https://s11.flagcounter.com/count/GkpN/bg_111111/txt_777777/border_111111/columns_2/maxflags_10/view
unknown
clean
https://api.whatsapp.com/send?phone=50250004770&text=Necesito
unknown
clean
https://api.whatsapp.com/send?phone=50250004770&text=(sabro.net
unknown
clean
http://jasm73.awardspace.com/
unknown
clean
https://buttons-config.sharethis.com/js/
unknown
clean
https://c.sharethis.mgr.consensu.org/is_eu
unknown
clean
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLRalewayCopyright
unknown
clean
https://api.whatsapp.com/send?phone=50250004770&text=(chat
unknown
clean
https://fontawesome.com
unknown
clean
https://www.internalfb.com/intern/invariant/
unknown
clean
http://www.phpprotection.kom.gt
unknown
clean
https://github.com/twbs/bootstrap/graphs/contributors)
unknown
clean
http://info.flagcounter.com/tsG8
unknown
clean
https://www.linkedin.com/sharing/share-offsite/?url=http%3A%2F%2Fwww.sabro.net
unknown
clean
http://www.youtube.com/embed/
unknown
clean
https://sharethis.com/platform/share-buttons?
unknown
clean
https://statcounter.com/p4123447/visitor/
unknown
clean
http://hospitalesprivadospsiquiatricosdeguatemala.com
unknown
clean
https://cdn.ampproject.org/amp4ads-host-v0.js
unknown
clean
http://opensource.org/licenses/MIT).
unknown
clean
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
unknown
clean
https://s11.flagcounter.com/count/FxTm/bg_171717/txt_ffffff/border_171717/columns_3/maxflags_12/view
unknown
clean
https://www.sabro.net/favicon.pngv
unknown
clean
https://www.sabro.net/
unknown
clean
http://www.cayville.com/
unknown
clean
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLRaleway
unknown
clean
http://medicosdeguatemala.com/neurologos.htm
unknown
clean
https://platform-cdn.sharethis.com
unknown
clean
https://i.imgur.com/oBtBCMa.png
unknown
clean
https://twitter.com/monge_eddy?s=03
unknown
clean
http://www.htmlprotection.kom.gt/testpsw.jpg
107.161.189.250
clean
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
unknown
clean
https://platform-api.sharethis.com/powr.js?platform=sharethis
unknown
clean
https://www.instagram.com/retiro_de_maria__/
unknown
clean
http://sanatorioretirodemaria.com
unknown
clean
https://www.googletagservices.com/activeview/js/current/osd.js
unknown
clean
https://c.sharethis.mgr.consensu.org/cmp.js
unknown
clean
http://s11.flagcounter.com/count/tsG8/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_12/viewers_0/labels_0/pageviews_0/flags_0/
45.58.124.226
clean
http://s1.smartaddon.com/s13.png
unknown
clean
http://www.hacepaginas.com/plantillas/plantilla7/index.htm
unknown
clean
https://c.sharethis.mgr.consensu.org/cmp-v2.js
unknown
clean
https://googleads.g.doubleclick.net/pagead/drt/si
unknown
clean
https://www.sabro.net/n.kom.gt/
unknown
clean
https://github.com/twbs/bootstrap/blob/master/LICENSE)
unknown
clean
http://googleads.g.doubleclick.net
unknown
clean
https://www.sabro.net/n.kom.gt/tton_count&show_faces=false&width=150&action=like&font=verdana&colors
unknown
clean
http://www.caxardelavega.es/
unknown
clean
http://www.smartaddon.com/?share
unknown
clean
http://www.protegerphp.com
unknown
clean
http://www.sabro.net
unknown
clean
https://ka-f.fontawesome.com
unknown
clean
http://s1.smartaddon.com/share_addon.js
unknown
clean
http://hospitalesantialcoholicosydrogadictosdeguatemala.com
unknown
clean
http://com.net.gt/pagar.cgi?hash=239876sfdg8734lkjsap93um5cp9w358gqwtc9q23lk4sunf8632bc87359nsdgcgni
unknown
clean
https://statcounter.com/
unknown
clean
http://www.protegerjavascript.com
unknown
clean
http://www.htmlprotection.kom.gt/favicon.ico
107.161.189.250
clean
https://www.linkedin.com/in/dr-eddy-monge-019030135/
unknown
clean
https://www.sabro.net/bysabro2.png
unknown
clean
https://fontawesome.com/license/free
unknown
clean
http://s11.flagcounter.com/count/tsG8/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_12/viewe
unknown
clean
https://platform-cdn.sharethis.com/img/share-this-logo%402x.png
unknown
clean
https://attestation.android.com
unknown
clean
http://hospitalespsiquiatricosguatemala.com
unknown
clean
https://blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico~
unknown
clean
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373591680915711&output=html&h=250&slot
unknown
clean
http://dreddymongue.com
unknown
clean
http://www.ofuscarphp.com
unknown
clean
https://www.statcounter.com/counter/counter.js
unknown
clean
http://www.sabro.net/
107.161.189.250
clean
http://www.javascriptprotection.kom.gt
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://fburl.com/debugjs.
unknown
clean
https://s05.flagcounter.com/count2/AMuf/bg_171717/txt_ffffff/border_171717/columns_3/maxflags_12/vie
unknown
clean
http://sanatoriospsiquiatricosdeguatemala.com
unknown
clean
http://s1.smartaddon.com/s8.png
unknown
clean
https://cdn.ampproject.org/rtv/%
unknown
clean
https://googleads.g.doubleclick.net
unknown
clean
http://www.youtube.com/v/ZO2YrkezStQ&hl=es_ES&fs=1&autoplay=1
unknown
clean
http://www.htmlprotection.kom.gt/protect-html-code.jpg
107.161.189.250
clean
https://kit.fontawesome.com
unknown
clean
http://www.htmlprotection.kom.gt/
107.161.189.250
clean
http://neuropsiquiatrasdeguatemala.com
unknown
clean
https://getbootstrap.com)
unknown
clean
https://c.statcounter.com/4123447/0/7ac0b739/1/
unknown
clean
https://www.youtube.com/user/dreddymonge/videos
unknown
clean
http://www.protegerhtml.com
unknown
clean

Domains

Name
IP
Malicious
www.googletagservices.com
172.217.22.194
clean
c.statcounter.com
172.67.38.97
clean
rf.revolvermaps.com
185.44.104.99
clean
httplogserver-lb.global.unified-prod.sharethis.net
52.29.155.194
clean
www.htmlprotection.kom.gt
107.161.189.250
clean
tagr-gcp-odr-euw4.mookie1.com
34.98.67.61
clean
cdnjs.cloudflare.com
104.16.18.94
clean
cm.g.doubleclick.net
172.217.20.226
clean
www.statcounter.com
104.22.53.65
clean
id.rlcdn.com
34.120.207.148
clean
ipv4.imgur.map.fastly.net
151.101.112.193
clean
star-mini.c10r.facebook.com
185.60.216.35
clean
pagead46.l.doubleclick.net
172.217.22.194
clean
d2znr2yi078d75.cloudfront.net
13.224.193.72
clean
us-u.openx.net
35.244.159.8
clean
tag-terraform-elb-1705565586.eu-central-1.elb.amazonaws.com
3.123.210.158
clean
sabro.net
107.161.189.250
clean
s11.flagcounter.com
45.58.124.226
clean
partnerad.l.doubleclick.net
142.250.186.34
clean
dlaj66hdiarg7.cloudfront.net
143.204.90.102
clean
googleads.g.doubleclick.net
172.217.23.34
clean
pugm-lhr.pubmatic.com
185.64.190.78
clean
d3oiwf0xhhk8m1.cloudfront.net
143.204.90.122
clean
05tns.csb.app
104.18.26.114
clean
d1r0ldx4ccoewq.cloudfront.net
143.204.90.62
clean
blobs.officehome.msocdn.com
unknown
clean
www.sabro.net
unknown
clean
ka-f.fontawesome.com
unknown
clean
buttons-config.sharethis.com
unknown
clean
image6.pubmatic.com
unknown
clean
d.agkn.com
unknown
clean
adservice.google.co.uk
unknown
clean
platform-cdn.sharethis.com
unknown
clean
code.jquery.com
unknown
clean
token.rubiconproject.com
unknown
clean
platform-api.sharethis.com
unknown
clean
s1.smartaddon.com
unknown
clean
www.facebook.com
unknown
clean
odr.mookie1.com
unknown
clean
kit.fontawesome.com
unknown
clean
maxcdn.bootstrapcdn.com
unknown
clean
l.sharethis.com
unknown
clean
i.imgur.com
unknown
clean
c.sharethis.mgr.consensu.org
unknown
clean

IPs

IP
Domain
Country
Active
Malicious
143.204.90.102
dlaj66hdiarg7.cloudfront.net
United States
unknown
clean
52.29.155.194
httplogserver-lb.global.unified-prod.sharethis.net
United States
unknown
clean
143.204.90.62
d1r0ldx4ccoewq.cloudfront.net
United States
unknown
clean
143.204.90.122
d3oiwf0xhhk8m1.cloudfront.net
United States
unknown
clean
45.58.124.226
s11.flagcounter.com
United States
unknown
clean
3.123.210.158
tag-terraform-elb-1705565586.eu-central-1.elb.amazonaws.com
United States
unknown
clean
107.161.189.250
www.htmlprotection.kom.gt
United States
unknown
clean
35.244.159.8
us-u.openx.net
United States
unknown
clean
172.217.23.34
googleads.g.doubleclick.net
United States
unknown
clean
172.67.38.97
c.statcounter.com
United States
unknown
clean
151.101.112.193
ipv4.imgur.map.fastly.net
United States
unknown
clean
104.16.18.94
cdnjs.cloudflare.com
United States
unknown
clean
13.224.193.72
d2znr2yi078d75.cloudfront.net
United States
unknown
clean
172.217.20.226
cm.g.doubleclick.net
United States
unknown
clean
142.250.186.34
partnerad.l.doubleclick.net
United States
unknown
clean
185.64.190.78
pugm-lhr.pubmatic.com
United Kingdom
unknown
clean
34.120.207.148
id.rlcdn.com
United States
unknown
clean
172.217.22.194
www.googletagservices.com
United States
unknown
clean
185.60.216.35
star-mini.c10r.facebook.com
Ireland
unknown
clean
104.22.53.65
www.statcounter.com
United States
unknown
clean
104.18.26.114
05tns.csb.app
United States
unknown
clean
34.98.67.61
tagr-gcp-odr-euw4.mookie1.com
United States
unknown
clean
185.44.104.99
rf.revolvermaps.com
Germany
unknown
clean

Registry

Path
Value
Malicious
C:\Program Files\internet explorer\iexplore.exe
{518CDF09-7D3F-11EB-90EB-ECF4BBEA1588}
clean
C:\Program Files\internet explorer\iexplore.exe
Type
clean
C:\Program Files\internet explorer\iexplore.exe
Flags
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
CVListPingLastYMD
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
@C:\Windows\System32\ieframe.dll,-912
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
@C:\Windows\System32\ieframe.dll,-904
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NumberOfSubdomains
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
Total
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NumberOfSubdomains
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
Total
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
Total
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
NULL
clean

Memdumps


DOM / HTML

URL
Malicious
https://05tns.csb.app/
malicious
https://www.sabro.net/
clean
http://www.htmlprotection.kom.gt/
clean