Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://nicklaussglen.buzz/011
|
URL
|
initial url
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\011[1].htm
|
HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C585FDE4-99CC-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C585FDE6-99CC-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C585FDE7-99CC-11EB-90E4-ECF4BB862DED}.dat
|
Microsoft Word Document
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\585b051251[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\css[1].css
|
ASCII text
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-3.1.1.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\jquery-3.2.1.slim.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\011[1]
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\8[1].jpg
|
[TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200],
baseline, precision 8, 1200x646, frames 3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\bootstrap.min[1].css
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\gmail[1].png
|
PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\jquery.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\adobe[1].jpg
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, frames
3
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free-v4-shims.min[1].css
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\free.min[1].css
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\hover[1].css
|
ASCII text
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\outlook1[1].png
|
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\011[1]
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\bootstrap.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\office3651[1].png
|
PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\other1[1].png
|
PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\popper.min[1].js
|
ASCII text, with very long lines
|
downloaded
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF3B2F4095378D9A2A.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF4835BC9D9DDAD3A2.TMP
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\~DF4A49C1F6EF59D352.TMP
|
data
|
dropped
|
|
There are 17 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:4600 CREDAT:17410 /prefetch:2
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://nicklaussglen.buzz/011/
|
|
||
|
https://nicklaussglen.buzz/011/
|
unknown
|
|
|
|
http://nicklaussglen.buzz/011
|
104.21.95.21
|
|
|
|
https://nicklaussglen.buzz/011/Root
|
unknown
|
|
|
|
http://nicklaussglen.buzz/011/
|
104.21.95.21
|
|
|
|
https://nicklaussglen.buzz/011/$Share
|
unknown
|
|
|
|
http://ianlunn.github.io/Hover/)
|
unknown
|
|
|
|
https://ka-f.fontawesome.com
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.3.1.js
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
|
unknown
|
|
|
|
https://fontawesome.com/license/free
|
unknown
|
|
|
|
https://fontawesome.com
|
unknown
|
|
|
|
https://kit.fontawesome.com
|
unknown
|
|
|
|
https://github.com/twbs/bootstrap/graphs/contributors)
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
unknown
|
|
|
|
https://login.microsoftonline.com/common/login
|
unknown
|
|
|
|
https://getbootstrap.com)
|
unknown
|
|
|
|
http://ianlunn.co.uk/
|
unknown
|
|
|
|
https://github.com/twbs/bootstrap/blob/master/LICENSE)
|
unknown
|
|
|
|
https://github.com/IanLunn/Hover
|
unknown
|
|
|
|
http://opensource.org/licenses/MIT).
|
unknown
|
|
|
|
https://kit.fontawesome.com/585b051251.js
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
unknown
|
|
There are 15 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nicklaussglen.buzz
|
104.21.95.21
|
|
|
|
cdnjs.cloudflare.com
|
104.16.19.94
|
|
|
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
|
|
|
ka-f.fontawesome.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
kit.fontawesome.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.95.21
|
nicklaussglen.buzz
|
United States
|
|
|
|
104.18.11.207
|
maxcdn.bootstrapcdn.com
|
United States
|
|
|
|
104.16.19.94
|
cdnjs.cloudflare.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\internet explorer\iexplore.exe
|
{C585FDE4-99CC-11EB-90E4-ECF4BB862DED}
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
AdminActive
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Blocked
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Count
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
Time
|
|
|
|
C:\Program Files\internet explorer\iexplore.exe
|
LoadTimeArray
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-912
|
|
|
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
@C:\Windows\System32\ieframe.dll,-904
|
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF4FAA0D000
|
unkown
|
page readonly
|
|
|
|
7FF4FA9A0000
|
unkown
|
page readonly
|
|
|
|
27DAD8C4000
|
unkown
|
page read and write
|
|
|
|
7FF5933A0000
|
unkown
|
page readonly
|
|
|
|
27DAF802000
|
unkown
|
page read and write
|
|
|
|
7FF4F8C8D000
|
unkown
|
page readonly
|
|
|
|
7FF4FA954000
|
unkown
|
page readonly
|
|
|
|
7FF4FA9A2000
|
unkown
|
page readonly
|
|
|
|
7FF593418000
|
unkown
|
page readonly
|
|
|
|
18B76130000
|
heap default
|
page read and write
|
|
|
|
7FF4F8D29000
|
unkown
|
page readonly
|
|
|
|
C0FB8FF000
|
unkown
|
page read and write
|
|
|
|
4BAB07C000
|
unkown
|
page read and write
|
|
|
|
27DAF947000
|
unkown
|
page read and write
|
|
|
|
7FF593343000
|
unkown
|
page readonly
|
|
|
|
7FF593667000
|
unkown
|
page readonly
|
|
|
|
7FF5931E3000
|
unkown
|
page readonly
|
|
|
|
7FF593587000
|
unkown
|
page readonly
|
|
|
|
27DAD8DE000
|
unkown
|
page read and write
|
|
|
|
7FF59357A000
|
unkown
|
page readonly
|
|
|
|
1A587BAB000
|
heap default
|
page read and write
|
|
|
|
7FF4F8CA6000
|
unkown
|
page readonly
|
|
|
|
7FF5935AC000
|
unkown
|
page readonly
|
|
|
|
C0FB59F000
|
unkown
|
page read and write
|
|
|
|
46AD3FC000
|
unkown
|
page read and write
|
|
|
|
7FF593571000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA16000
|
unkown
|
page readonly
|
|
|
|
7FF59360E000
|
unkown
|
page readonly
|
|
|
|
27DAF7A0000
|
unkown
|
page read and write
|
|
|
|
7FF59363D000
|
unkown
|
page readonly
|
|
|
|
7FF5934E7000
|
unkown
|
page readonly
|
|
|
|
1A589640000
|
heap private
|
page read and write
|
|
|
|
1A5879C0000
|
unkown
|
page readonly
|
|
|
|
18B760F0000
|
unkown
|
page read and write
|
|
|
|
7FF593584000
|
unkown
|
page readonly
|
|
|
|
7FF4F8C65000
|
unkown
|
page readonly
|
|
|
|
18B75FA0000
|
unkown
|
page readonly
|
|
|
|
27DAF915000
|
unkown
|
page read and write
|
|
|
|
7FF4F8C9C000
|
unkown
|
page readonly
|
|
|
|
7FF59364C000
|
unkown
|
page readonly
|
|
|
|
4BAB37F000
|
unkown
|
page read and write
|
|
|
|
C0FBC7D000
|
unkown
|
page read and write
|
|
|
|
7FF4F8CAC000
|
unkown
|
page readonly
|
|
|
|
1A589A30000
|
heap private
|
page read and write
|
|
|
|
7FF593395000
|
unkown
|
page readonly
|
|
|
|
7FF4FA232000
|
unkown
|
page readonly
|
|
|
|
27DADAD0000
|
unkown
|
page write copy
|
|
|
|
27DAD7D0000
|
heap default
|
page read and write
|
|
|
|
27DAD902000
|
unkown
|
page read and write
|
|
|
|
27DAF989000
|
unkown
|
page read and write
|
|
|
|
27DAD8B1000
|
unkown
|
page read and write
|
|
|
|
46ACF8E000
|
unkown
|
page read and write
|
|
|
|
27DAF790000
|
unkown
|
page readonly
|
|
|
|
27DAD854000
|
unkown
|
page read and write
|
|
|
|
1A587A90000
|
unkown
|
page read and write
|
|
|
|
27DAF2C0000
|
unkown
|
page read and write
|
|
|
|
7FF593665000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA2C000
|
unkown
|
page readonly
|
|
|
|
4BAB2FF000
|
unkown
|
page read and write
|
|
|
|
18B760D0000
|
unkown
|
page read and write
|
|
|
|
7FF4F8C96000
|
unkown
|
page readonly
|
|
|
|
7FF5934E3000
|
unkown
|
page readonly
|
|
|
|
1A587AE0000
|
unkown
|
page readonly
|
|
|
|
7FF4F8D29000
|
unkown
|
page readonly
|
|
|
|
7FF59342A000
|
unkown
|
page readonly
|
|
|
|
7FF5936D1000
|
unkown
|
page readonly
|
|
|
|
7FF5936CE000
|
unkown
|
page readonly
|
|
|
|
7FF593677000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA47000
|
unkown
|
page readonly
|
|
|
|
C0FB9F9000
|
unkown
|
page read and write
|
|
|
|
7FF59354C000
|
unkown
|
page readonly
|
|
|
|
1A588030000
|
unkown
|
page readonly
|
|
|
|
27DAD813000
|
unkown
|
page read and write
|
|
|
|
7FF4FA6BC000
|
unkown
|
page readonly
|
|
|
|
1A587CA0000
|
unkown
|
page readonly
|
|
|
|
7FF4F8C5E000
|
unkown
|
page readonly
|
|
|
|
1A587960000
|
unkown
|
page readonly
|
|
|
|
7FF593347000
|
unkown
|
page readonly
|
|
|
|
4BAB3FE000
|
unkown
|
page read and write
|
|
|
|
7FF4FA9B6000
|
unkown
|
page readonly
|
|
|
|
7FF4F8CB5000
|
unkown
|
page readonly
|
|
|
|
7FF4F8C3A000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA40000
|
unkown
|
page readonly
|
|
|
|
7FF593387000
|
unkown
|
page readonly
|
|
|
|
7FF4F8C38000
|
unkown
|
page readonly
|
|
|
|
18B7613B000
|
heap default
|
page read and write
|
|
|
|
7FF4FAA52000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA44000
|
unkown
|
page readonly
|
|
|
|
27DADB20000
|
unkown
|
page readonly
|
|
|
|
27DAF740000
|
heap private
|
page read and write
|
|
|
|
1A587B30000
|
unkown
|
page readonly
|
|
|
|
7FF5935AA000
|
unkown
|
page readonly
|
|
|
|
18B76345000
|
heap private
|
page read and write
|
|
|
|
7FF593545000
|
unkown
|
page readonly
|
|
|
|
1A587AD0000
|
unkown
|
page readonly
|
|
|
|
7FF5935E6000
|
unkown
|
page readonly
|
|
|
|
27DAD89C000
|
unkown
|
page read and write
|
|
|
|
1A587AB0000
|
unkown
|
page read and write
|
|
|
|
7FF593591000
|
unkown
|
page readonly
|
|
|
|
46AD47E000
|
unkown
|
page read and write
|
|
|
|
1A58983F000
|
heap private
|
page read and write
|
|
|
|
27DAD8A6000
|
unkown
|
page read and write
|
|
|
|
1A587B60000
|
heap private
|
page read and write
|
|
|
|
7FF4FA9B8000
|
unkown
|
page readonly
|
|
|
|
7FF4FAAA9000
|
unkown
|
page readonly
|
|
|
|
27DADA00000
|
unkown
|
page readonly
|
|
|
|
7FF592D95000
|
unkown
|
page readonly
|
|
|
|
18B76340000
|
heap private
|
page read and write
|
|
|
|
46ACF0E000
|
unkown
|
page read and write
|
|
|
|
7FF4FAA35000
|
unkown
|
page readonly
|
|
|
|
1A587B95000
|
heap private
|
page read and write
|
|
|
|
C0FB51B000
|
unkown
|
page read and write
|
|
|
|
1A587BA0000
|
heap default
|
page read and write
|
|
|
|
7FF4FAA1C000
|
unkown
|
page readonly
|
|
|
|
27DAD8E0000
|
unkown
|
page read and write
|
|
|
|
C0FBBFB000
|
unkown
|
page read and write
|
|
|
|
27DB0010000
|
unkown
|
page read and write
|
|
|
|
7FF4FA9E5000
|
unkown
|
page readonly
|
|
|
|
7FF59345F000
|
unkown
|
page readonly
|
|
|
|
27DAD8CC000
|
unkown
|
page read and write
|
|
|
|
C0FBB7C000
|
unkown
|
page read and write
|
|
|
|
27DAD913000
|
unkown
|
page read and write
|
|
|
|
4BAB1FE000
|
unkown
|
page read and write
|
|
|
|
7FF5935FA000
|
unkown
|
page readonly
|
|
|
|
18B76350000
|
unkown
|
page readonly
|
|
|
|
27DAF900000
|
unkown
|
page read and write
|
|
|
|
7FF4F8C79000
|
unkown
|
page readonly
|
|
|
|
7FF4FA9DE000
|
unkown
|
page readonly
|
|
|
|
7FF5936D9000
|
unkown
|
page readonly
|
|
|
|
7FF5935E8000
|
unkown
|
page readonly
|
|
|
|
46AD37E000
|
unkown
|
page read and write
|
|
|
|
27DADEB0000
|
unkown
|
page readonly
|
|
|
|
1A589440000
|
unkown
|
page readonly
|
|
|
|
7FF4FA94E000
|
unkown
|
page readonly
|
|
|
|
27DAF720000
|
unkown
|
page read and write
|
|
|
|
C0FBA7E000
|
unkown
|
page read and write
|
|
|
|
7FF4F8CC2000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA9E000
|
unkown
|
page readonly
|
|
|
|
1A587B20000
|
unkown
|
page readonly
|
|
|
|
7FF5935BC000
|
unkown
|
page readonly
|
|
|
|
7FF5936D9000
|
unkown
|
page readonly
|
|
|
|
7FF4FAAA1000
|
unkown
|
page readonly
|
|
|
|
18B7615F000
|
heap default
|
page read and write
|
|
|
|
7FF593656000
|
unkown
|
page readonly
|
|
|
|
27DAD856000
|
unkown
|
page read and write
|
|
|
|
C0FBAFA000
|
unkown
|
page read and write
|
|
|
|
7FF59335C000
|
unkown
|
page readonly
|
|
|
|
27DAD893000
|
unkown
|
page read and write
|
|
|
|
7FF593629000
|
unkown
|
page readonly
|
|
|
|
7FF4FA723000
|
unkown
|
page readonly
|
|
|
|
7FF593674000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA26000
|
unkown
|
page readonly
|
|
|
|
C0FB879000
|
unkown
|
page read and write
|
|
|
|
7FF5935C8000
|
unkown
|
page readonly
|
|
|
|
7FF5935B7000
|
unkown
|
page readonly
|
|
|
|
7FF59338E000
|
unkown
|
page readonly
|
|
|
|
7FF59358A000
|
unkown
|
page readonly
|
|
|
|
7FF593334000
|
unkown
|
page readonly
|
|
|
|
27DAF902000
|
unkown
|
page read and write
|
|
|
|
7FF4FAAA9000
|
unkown
|
page readonly
|
|
|
|
7FF5935E2000
|
unkown
|
page readonly
|
|
|
|
7FF5935D2000
|
unkown
|
page readonly
|
|
|
|
7FF4FA94A000
|
unkown
|
page readonly
|
|
|
|
1A587BDA000
|
heap default
|
page read and write
|
|
|
|
7FF4FA9F9000
|
unkown
|
page readonly
|
|
|
|
7FF4FA9BA000
|
unkown
|
page readonly
|
|
|
|
7FF4FA9CA000
|
unkown
|
page readonly
|
|
|
|
27DAD842000
|
unkown
|
page read and write
|
|
|
|
7FF4F8D1E000
|
unkown
|
page readonly
|
|
|
|
18B7614F000
|
heap default
|
page read and write
|
|
|
|
7FF593646000
|
unkown
|
page readonly
|
|
|
|
7FF4FAA11000
|
unkown
|
page readonly
|
|
|
|
7FF4F8D21000
|
unkown
|
page readonly
|
|
|
|
7FF59343E000
|
unkown
|
page readonly
|
|
|
|
27DAF7B0000
|
unkown
|
page readonly
|
|
|
|
7FF593641000
|
unkown
|
page readonly
|
|
|
|
7FF593440000
|
unkown
|
page readonly
|
|
|
|
7FF5933FB000
|
unkown
|
page readonly
|
|
|
|
27DAD800000
|
unkown
|
page read and write
|
|
|
|
7FF5934C8000
|
unkown
|
page readonly
|
|
|
|
4BAB17F000
|
unkown
|
page read and write
|
|
|
|
C0FB97F000
|
unkown
|
page read and write
|
|
|
|
27DAD885000
|
unkown
|
page read and write
|
|
|
|
7FF4FA72C000
|
unkown
|
page readonly
|
|
|
|
7FF59365C000
|
unkown
|
page readonly
|
|
|
|
7FF5935B3000
|
unkown
|
page readonly
|
|
|
|
7FF5935D0000
|
unkown
|
page readonly
|
|
|
|
1A587B40000
|
unkown
|
page readonly
|
|
|
|
7FF59361F000
|
unkown
|
page readonly
|
|
|
|
46AD27D000
|
unkown
|
page read and write
|
|
|
|
4BAB0FE000
|
unkown
|
page read and write
|
|
|
|
27DAD829000
|
unkown
|
page read and write
|
|
|
|
1A587B90000
|
heap private
|
page read and write
|
|
|
|
1A589740000
|
heap private
|
page read and write
|
|
|
|
7FF593615000
|
unkown
|
page readonly
|
|
|
|
7FF59320D000
|
unkown
|
page readonly
|
|
|
|
46ACE8C000
|
unkown
|
page read and write
|
|
|
|
27DAD7E0000
|
unkown
|
page readonly
|
|
|
|
27DAF730000
|
unkown
|
page readonly
|
|
|
|
27DAF3C0000
|
unkown
|
page readonly
|
|
|
|
7FF59340C000
|
unkown
|
page readonly
|
|
|
|
7FF593670000
|
unkown
|
page readonly
|
|
|
|
27DAD770000
|
heap private
|
page read and write
|
|
|
|
7FF4FAA4D000
|
unkown
|
page readonly
|
|
|
|
18B76110000
|
unkown
|
page readonly
|
|
|
|
18B76000000
|
unkown
|
page readonly
|
|
|
|
27DAF7D0000
|
unkown
|
page readonly
|
|
There are 197 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://nicklaussglen.buzz/011/
|
|