IOCReport

loading gif

Files

File Path
Type
Category
Malicious
http://www.fema.gov/disasters/coronavirus/economic/funeral-assistance
URL
initial url
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{7139B2BF-9EA1-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{7139B2C1-9EA1-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{779371BF-9EA1-11EB-90EB-ECF4BBEA1588}.dat
Microsoft Word Document
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\gee00pr\imagestore.dat
data
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7j[1].woff
Web Open Font Format, TrueType, length 20180, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdo[1].woff
Web Open Font Format, TrueType, length 20096, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdo[1].woff
Web Open Font Format, TrueType, length 19896, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[1].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[2].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[2].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[3].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[3].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[4].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\877b02039c[5].js
ASCII text, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\Latin-Merriweather-BoldItalic[1].woff
Web Open Font Format, TrueType, length 24464, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\back_to_top[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\chosen.jquery.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\chosen[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\close-blue-60v-alt[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\drupal[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fema-logo-blue[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fema_tables[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fema_uswds[1].js
UTF-8 Unicode text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\fema_vaccine_graphic[1].png
PNG image data, 2400 x 2400, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\funeral-assistance[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\hp-search-arrow[1].png
PNG image data, 28 x 48, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon-dot-gov[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon-https[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon_disasters[1].png
PNG image data, 100 x 133, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon_factsheet[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\icon_webpage[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\illustration_featuredmini_covid_careers[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\illustration_featuredmini_covid_economic[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.colorbox-min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\jquery.cookie[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\sourcesanspro-lightitalic-webfont[1].woff
Web Open Font Format, TrueType, length 20256, version 1.95
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\wcm_survey[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2WF3MMUU\world-icon[1].png
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[1].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[2].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[2].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[3].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\877b02039c[3].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Latin-Merriweather-Bold[1].woff
Web Open Font Format, TrueType, length 26892, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Latin-Merriweather-Italic[1].woff
Web Open Font Format, TrueType, length 24152, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Latin-Merriweather-LightItalic[1].woff
Web Open Font Format, TrueType, length 23808, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\Latin-Merriweather-Regular[1].woff
Web Open Font Format, TrueType, length 27512, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\analytics[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\angle-arrow-down-primary[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\css_VNgLk2ESUyLAlwPrEIHYtOcUpYNm6tpdh_m6hGDFMzg[1].css
assembler source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\css_grh0buQF8qNvIccuqzcF5vMhz2awV1fMgFle-uW9IwA[1].css
assembler source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\drupal.init[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\drupalSettingsLoader[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\favicon[1].ico
MS Windows icon resource - 1 icon, 108x107, 32 bits/pixel
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\fema_saml[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\fema_stacktables[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\fr_gS3tHmI3ppuHDLOinbISzm3sUzwHeI0BWG1M1IE1h6M[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\funeral-assistance[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\ht_jsmTPvUkPo3P9JWlMIAn6G_o1cITWsWmpoeGs6kH6b8[1].js
ASCII text, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\icon_release[1].png
PNG image data, 100 x 133, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\illustration_featured-mini_covid-19-report[1].png
PNG image data, 161 x 161, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\illustration_featured-mini_financial[1].png
PNG image data, 161 x 161, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\illustration_featuredmini_covid_workers[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\illustration_hero_disasters_corona_2[1].png
PNG image data, 1188 x 881, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\query_string.min[1].js
Pascal source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\sourcesanspro-bold-webfont[1].woff
Web Open Font Format, TrueType, length 26040, version 2.45
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\stacktable[1].js
HTML document, ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\twitter_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\u-440qyriQwlOrhSvowK_l5-fCZK[1].woff
Web Open Font Format, TrueType, length 23600, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\u-4n0qyriQwlOrhSvowK_l52xwNZWMf8[1].woff
Web Open Font Format, TrueType, length 23260, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\uswds.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9026IKNJ\youtube_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\877b02039c[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\877b02039c[1].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\877b02039c[2].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\877b02039c[3].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\877b02039c[4].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\covid_banner_option_04-14-2021[1].jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x498, frames 3
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css[1].css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css[2].css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css_0TyUDkYpGET7gQtMxzdX3_eiss7Sz8jKTVr_i5zSdPc[1].css
UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\css_wFl6wWXW8mkSBb9CnCjEnU5hRiydLO04gAYNaYjfXQI[1].css
assembler source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\disaster-responses[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\effect-min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\extlink[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\facebook_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\funeral-assistance[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\funeral-assistance[2].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\icon_pdf[1].png
PNG image data, 41 x 41, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\icon_release[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\illustration_featuredmini_covid_data[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\illustration_featuredmini_covid_help[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\illustration_featuredmini_covid_newsmedia[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\illustration_featuredmini_covid_rumor[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\illustration_mini-featured_needle[1].png
PNG image data, 160 x 160, 8-bit/color RGB, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\jquery.once.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\json3.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\ko_FnJm7Xd-wzIUQmVQOF0fwwxvNvX0stfDp-AY6VdzmoY[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\leftarrow[1].png
PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\linkedin_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\luxon.min[1].js
UTF-8 Unicode text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\nr-1208.min[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sourcesanspro-bolditalic-webfont[1].woff
Web Open Font Format, TrueType, length 20164, version 1.95
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sourcesanspro-italic-webfont[1].woff
Web Open Font Format, TrueType, length 20204, version 1.95
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sourcesanspro-light-webfont[1].woff
Web Open Font Format, TrueType, length 25956, version 2.45
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\sourcesanspro-regular-webfont[1].woff
Web Open Font Format, TrueType, length 26140, version 2.45
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\us_flag_small[1].png
PNG image data, 16 x 11, 8-bit colormap, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\views_button_filters[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\CS6IXJW6\views_data_export_auto_download[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdo[1].woff
Web Open Font Format, TrueType, length 19776, version 1.1
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\877b02039c[1].gif
GIF image data, version 89a, 1 x 1
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\877b02039c[1].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\877b02039c[2].js
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Latin-Merriweather-Light[1].woff
Web Open Font Format, TrueType, length 26988, version 0.0
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\SQ22SSVH.htm
HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\Universal-Federated-Analytics-Min[1].js
C source, ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\alert[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\angle-arrow-down-primary[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\angle-arrow-down-white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\backtotop[1].png
PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\coronavirus[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\datatables.min[1].js
UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\email_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\es_9wP8Aa6iROKfy4Ywqbavri3nVLdPLDRbQJXYiRamec4[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\featured_mini_youtube_icon[1].png
PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema-seal-footer[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema_chosen_fix[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema_code_typography[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema_search[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema_search_filter[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\fema_sitewide[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\front-behavior-mapping[1].js
ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\funeral-assistance[1].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\funeral-assistance[2].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\funeral-assistance[3].htm
HTML document, UTF-8 Unicode text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\google_analytics[1].js
C source, ASCII text
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\gtm[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\illustration_featured_disaster_search[1].png
PNG image data, 601 x 441, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\illustration_featuredmini_covid_bp[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\illustration_featuredmini_covid_state[1].png
PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\instagram_white[1].svg
SVG Scalable Vector Graphics image
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\jquery.min[1].js
ASCII text, with very long lines
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\vi_yYsqGQPcltu2Ce9OPn0-o0qdrJfSLf9FKBYMdqGU0nA[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OR0WKIO1\zh-hans_r1SUzkYIDSP6Tj3vzNsZOo0Zw93Z4ICVZz41-7OY2-o[1].js
ASCII text, with very long lines, with no line terminators
downloaded
clean
C:\Users\user\AppData\Local\Temp\~DF47C29199E21B074B.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DF8C0B9062984F8D35.TMP
data
dropped
clean
C:\Users\user\AppData\Local\Temp\~DFEF6F7E374662853A.TMP
data
dropped
clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\RWSMTU05G13N9QV5MXK7.temp
data
dropped
clean
There are 150 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\internet explorer\iexplore.exe
'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5964 CREDAT:17410 /prefetch:2
clean

URLs

Name
IP
Malicious
https://github.com/harvesthq/chosen/issues/515
unknown
clean
https://www.fema.gov/disaster-responsesJCurrent
unknown
clean
https://www.fema.gov/o/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.drupal.org/node/2815083
unknown
clean
https://www.fema.gov/es/disasters/coronavirus/economic/funeral-assistance/faq#scams
unknown
clean
https://github.com/carhartl/jquery-cookie
unknown
clean
https://www.fema.gov/zh-hans/disasters/coronavirus/economic/funeral-assistance0COVID-19
unknown
clean
https://www.fema.isasters/coronavirus/economic/funeral-assistanceeanceRoot
unknown
clean
https://www.floodsmart.gov/
unknown
clean
https://www.fema.gov/profiles/femad8_gov/themes/fema_uswds/images/favicon.ico~
unknown
clean
http://johnpolacek.github.com/stacktable.js
unknown
clean
https://www.fema.gov/vi/node/613038
unknown
clean
https://edit.fema.gov/sites/default/files/documents/fema_policy_covid-19_funeral_assistance-updated.
unknown
clean
http://jqueryui.com
unknown
clean
https://usa.gov
unknown
clean
https://www.youtube.com/watch?v=DgvN_9m58Z0
unknown
clean
https://www.fema.gov/es/node/613038
unknown
clean
https://www.fema.gov/zh-hans/node/613038
unknown
clean
https://www.fema.gov/disasters/coronavirus
clean
https://www.fema.
unknown
clean
https://www.fema.i/disasters/coronavirus/economic/funeral-assistanceanceRoot
unknown
clean
https://www.fema.o/disasters/coronavirus/economic/funeral-assistanceRoot
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance#main-content
unknown
clean
https://www.youtube.com/iframe_api
unknown
clean
https://search.usa.gov/search
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance#main-content
clean
https://www.fema.gov/disasters/coronavirusemad8_gov/themes/fema_uswds/images/favicon.ico
unknown
clean
https://www.fema.gov/es/disasters/coronavirus
unknown
clean
https://edit.fema.gov/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/ht/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/disasters/corRoot
unknown
clean
https://www.oig.dhs.gov/
unknown
clean
https://dhs.gov
unknown
clean
https://stats.g.doubleclick.net/j/collect
unknown
clean
http://www.datatables.net
unknown
clean
https://datatables.net/download
unknown
clean
https://www.drupal.org)
unknown
clean
http://www.reddit.com/
unknown
clean
https://www.fema.gov/es/disasters/coronavirus/funeral-assistance
unknown
clean
https://www.fema.gov/zh-hans/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance/faq
unknown
clean
https://www.fema.gov/node/575622
unknown
clean
https://www.fema.gov/ko/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.Root
unknown
clean
https://www.instagram.com/fema
unknown
clean
https://datatables.net/tn/11
unknown
clean
https://www.fema.gov/zh-hans/disasters/coronavirus/economic/funeral-assistanceent
unknown
clean
https://www.fema.gov/d
unknown
clean
https://www.fema.gov/fRoot
unknown
clean
https://www.fema.gov/e
unknown
clean
https://www.fema.gov/pt-br/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/es/disasters/coronavirus/economic/funeral-assistance/faq
unknown
clean
https://www.fema.gov/h
unknown
clean
https://www.fema.gov/f
unknown
clean
https://www.fema.gov/disasters/coronavirusTCoronavirus
unknown
clean
https://www.youtube.com/watch?v=NGaWq_Hg87I
unknown
clean
https://www.fema.gov/k
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistanceeance
unknown
clean
https://www.fema.gov/about/newsletters
unknown
clean
http://opensource.org/licenses/GPL-2.0
unknown
clean
https://cct.google/taggy/agent.js
unknown
clean
https://www.fema.isasters/coronavirusRoot
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance/faq#scams
unknown
clean
https://www.fema.r/disasters/coronavirus/economic/funeral-assistanceRoot
unknown
clean
https://www.fema.gov/ko/node/613038
unknown
clean
https://www.fema.gov/v
unknown
clean
https://www.fema.gov/ko/disasters/coronavirus/economic/funeral-assistance2COVID-19
unknown
clean
https://www.fema.gov/z
unknown
clean
https://www.fema.gov/ko/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.google.%/ads/ga-audiences
unknown
clean
http://stackoverflow.com/questions/2308134/trim-in-javascript-not-working-in-ie
unknown
clean
http://www.youtube.com/
unknown
clean
https://www.fema.gov/ht/disasters/coronavirus/economic/funeral-assistanceFAsistans
unknown
clean
https://www.fema.t/disasters/coronavirus/economic/funeral-assistanceRoot
unknown
clean
https://www.disasterassistance.gov/
unknown
clean
https://www.fema.gov/tl/disasters/coronavirus/economic/funeral-assistance
unknown
clean
http://w3.org/TR/2012/WD-url-20120524/#collect-url-parameters
unknown
clean
https://github.com/harvesthq/chosen/issues/515#issuecomment-33214050
unknown
clean
https://www.fema.gov/fr/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/es/disasters/coronavirus/funeral-assistance
clean
https://www.ready.gov/
unknown
clean
https://www.fema.gov/disasters/coronavirusv
unknown
clean
https://www.fema.gov/hi/disasters/coronavirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/zh-hans/disasters/coronavirus/eRoot
unknown
clean
https://www.youtube.com/fema
unknown
clean
https://mydomain.com/node/1
unknown
clean
https://www.fema.gov/ht/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disaster-responses
unknown
clean
http://www.amazon.com/
unknown
clean
https://www.fema.gov/vi/disasters/coronavirus/economic/funeral-assistanceance
unknown
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance
clean
http://www.twitter.com/
unknown
clean
https://www.fema.ttps://www.fema.gov/
unknown
clean
http://datatables.net/license
unknown
clean
https://www.fema.isasters/coronavirus/economic/funeral-assistance#main-contentRoot
unknown
clean
https://www.fema.gov/es/disaster-responses
unknown
clean
https://www.cdc.gov/coronavirus/2019-ncov/index.html
unknown
clean
https://www.fema.gov/vi/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disaster-responsesvirus/economic/funeral-assistance
unknown
clean
https://www.fema.gov/sites/default/files/email_white.svg
unknown
clean
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
www.google.de
172.217.19.99
clean
stats.l.doubleclick.net
74.125.140.154
clean
d27f3qgc9anoq2.cloudfront.net
13.32.25.62
clean
bam.nr-data.net
162.247.242.19
clean
dap.digitalgov.gov
unknown
clean
www.fema.gov
unknown
clean
js-agent.newrelic.com
unknown
clean
stats.g.doubleclick.net
unknown
clean

IPs

IP
Domain
Country
Malicious
74.125.140.154
stats.l.doubleclick.net
United States
clean
162.247.242.19
bam.nr-data.net
United States
clean
13.32.25.62
d27f3qgc9anoq2.cloudfront.net
United States
clean

Registry

Path
Value
Malicious
C:\Program Files\internet explorer\iexplore.exe
{7139B2BF-9EA1-11EB-90EB-ECF4BBEA1588}
clean
C:\Program Files\internet explorer\iexplore.exe
MFV
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
Blocked
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
Count
clean
C:\Program Files\internet explorer\iexplore.exe
Time
clean
C:\Program Files\internet explorer\iexplore.exe
LoadTimeArray
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
CVListPingLastYMD
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
NextUpdateDate
clean
C:\Program Files\internet explorer\iexplore.exe
DecayDateQueue
clean
C:\Program Files\internet explorer\iexplore.exe
LastProcessed
clean
C:\Program Files\internet explorer\iexplore.exe
MFV
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
@C:\Windows\System32\ieframe.dll,-912
clean
C:\Program Files (x86)\Internet Explorer\iexplore.exe
@C:\Windows\System32\ieframe.dll,-904
clean
There are 39 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
15ABCECD000
unkown
page read and write
clean
D339BF7000
unkown
page read and write
clean
7FF58D301000
unkown
page readonly
clean
212E3D30000
unkown
page readonly
clean
22BC0E00000
unkown
page readonly
clean
98BF975000
unkown
page read and write
clean
7FF4EB66B000
unkown
page readonly
clean
7FF4FBED1000
unkown
page readonly
clean
7FF5AD33C000
unkown
page readonly
clean
15ABECF0000
unkown
page read and write
clean
212E3F44000
unkown
page read and write
clean
15ABCE62000
unkown
page read and write
clean
7FF5E778E000
unkown
page readonly
clean
7FF5E7579000
unkown
page readonly
clean
7FF4EB6D1000
unkown
page readonly
clean
22BC0502000
unkown
page read and write
clean
22BC0446000
unkown
page read and write
clean
22BC02A0000
unkown
page readonly
clean
7FF5DED20000
unkown
page readonly
clean
15ABEE02000
unkown
page read and write
clean
15ABF040000
unkown
page read and write
clean
100387C000
unkown
page read and write
clean
15ABEF3A000
unkown
page read and write
clean
226210A0000
unkown
page readonly
clean
204B884A000
unkown
page read and write
clean
242BF456000
unkown
page read and write
clean
7FF4FB851000
unkown
page readonly
clean
11E708B000
unkown
page read and write
clean
7FF58D21B000
unkown
page readonly
clean
7FF4EB6C8000
unkown
page readonly
clean
2261F613000
unkown
page read and write
clean
7FF58D215000
unkown
page readonly
clean
7FF4EB665000
unkown
page readonly
clean
204B8852000
unkown
page read and write
clean
242BF600000
unkown
page readonly
clean
212E1DD0000
unkown
page readonly
clean
7FF4FC03A000
unkown
page readonly
clean
15ABECE0000
unkown
page readonly
clean
7FF58D289000
unkown
page readonly
clean
212E3CD0000
unkown
page readonly
clean
204B8740000
unkown
page readonly
clean
15ABCECD000
unkown
page read and write
clean
7FF5AD386000
unkown
page readonly
clean
6BDAE7F000
unkown
page read and write
clean
7FF4FBFFB000
unkown
page readonly
clean
7FF4EB660000
unkown
page readonly
clean
15ABD050000
unkown
page readonly
clean
1003AFB000
unkown
page read and write
clean
212E1F14000
unkown
page read and write
clean
2261F590000
unkown
page write copy
clean
2261F4C0000
unkown
page readonly
clean
7FF5AD090000
unkown
page readonly
clean
15ABCE00000
unkown
page read and write
clean
7FF4EB32F000
unkown
page readonly
clean
15ABEF76000
unkown
page read and write
clean
12902400000
unkown
page read and write
clean
12902500000
unkown
page read and write
clean
7FF4FBFEE000
unkown
page readonly
clean
7FF4EB32A000
unkown
page readonly
clean
22BC0413000
unkown
page read and write
clean
D339A7B000
unkown
page read and write
clean
212E1ED2000
unkown
page read and write
clean
7FF58D2FA000
unkown
page readonly
clean
15AC0410000
unkown
page read and write
clean
7FF5E7774000
unkown
page readonly
clean
7FF4FC058000
unkown
page readonly
clean
7FF4FC069000
unkown
page readonly
clean
7FF5DF0C4000
unkown
page readonly
clean
7FF5242E9000
unkown
page readonly
clean
1003FFC000
unkown
page read and write
clean
7FF5E7628000
unkown
page readonly
clean
204B884F000
unkown
page read and write
clean
22BC0485000
unkown
page read and write
clean
7FF58D23F000
unkown
page readonly
clean
12904340000
unkown
page read and write
clean
7FF5AD347000
unkown
page readonly
clean
56263FA000
unkown
page read and write
clean
562657A000
unkown
page read and write
clean
242BF508000
unkown
page read and write
clean
242BF502000
unkown
page read and write
clean
7FF5DF252000
unkown
page readonly
clean
7FF4EB485000
unkown
page readonly
clean
242BF44A000
unkown
page read and write
clean
1003C7B000
unkown
page read and write
clean
7FF4EB426000
unkown
page readonly
clean
5626679000
unkown
page read and write
clean
7FF4EB481000
unkown
page readonly
clean
1002FAB000
unkown
page read and write
clean
7FF5AD389000
unkown
page readonly
clean
7FF58CA71000
unkown
page readonly
clean
7FF4FBEF8000
unkown
page readonly
clean
7FF524256000
unkown
page readonly
clean
15ABEF34000
unkown
page read and write
clean
7FF5AD274000
unkown
page readonly
clean
15ABE910000
unkown
page readonly
clean
15ABF300000
unkown
page read and write
clean
7FF5E7623000
unkown
page readonly
clean
7FF5DF24A000
unkown
page readonly
clean
7FF4FBE49000
unkown
page readonly
clean
212E1EA5000
unkown
page read and write
clean
7FF5E73F7000
unkown
page readonly
clean
15ABEF8D000
unkown
page read and write
clean
212E1EC9000
unkown
page read and write
clean
6BDAFF5000
unkown
page read and write
clean
11E747F000
unkown
page read and write
clean
204B886D000
unkown
page read and write
clean
242BFC02000
unkown
page read and write
clean
7FF524509000
unkown
page readonly
clean
7FF5E6F7D000
unkown
page readonly
clean
7FF5E74DB000
unkown
page readonly
clean
7FF52446F000
unkown
page readonly
clean
7FF4EB31C000
unkown
page readonly
clean
15ABCE7C000
unkown
page read and write
clean
7FF4FC04E000
unkown
page readonly
clean
7FF5AD1B3000
unkown
page readonly
clean
7FF58D227000
unkown
page readonly
clean
7FF5E73DC000
unkown
page readonly
clean
7FF5AD3F4000
unkown
page readonly
clean
12902440000
unkown
page read and write
clean
12902429000
unkown
page read and write
clean
7FF5AD310000
unkown
page readonly
clean
22BC0447000
unkown
page read and write
clean
15ABCE13000
unkown
page read and write
clean
15AC0010000
unkown
page read and write
clean
7FF4FBFBB000
unkown
page readonly
clean
7FF5AD35A000
unkown
page readonly
clean
242BFE00000
unkown
page readonly
clean
1003A7B000
unkown
page read and write
clean
7FF5DF251000
unkown
page readonly
clean
7FF5DF003000
unkown
page readonly
clean
7FF5243DD000
unkown
page readonly
clean
7FF4FBCAC000
unkown
page readonly
clean
6BDB0FB000
unkown
page read and write
clean
7FF58D061000
unkown
page readonly
clean
7FF4EB74A000
unkown
page readonly
clean
15ABF035000
unkown
page read and write
clean
7FF58D0B3000
unkown
page readonly
clean
7FF5AD2FC000
unkown
page readonly
clean
7FF5E6F81000
unkown
page readonly
clean
212E1F02000
unkown
page read and write
clean
12903EE0000
unkown
page read and write
clean
22BC0459000
unkown
page read and write
clean
212E3F84000
unkown
page read and write
clean
7FF4FC01C000
unkown
page readonly
clean
22BC043C000
unkown
page read and write
clean
15ABED10000
unkown
page readonly
clean
7FF4FBBC9000
unkown
page readonly
clean
38B02FF000
unkown
page read and write
clean
212E1EF7000
unkown
page read and write
clean
7FF4EB4B9000
unkown
page readonly
clean
7FF5E761B000
unkown
page readonly
clean
2261F641000
unkown
page read and write
clean
2261F629000
unkown
page read and write
clean
7FF5AD20E000
unkown
page readonly
clean
204B8863000
unkown
page read and write
clean
7FF4EB6D6000
unkown
page readonly
clean
7FF5DF14A000
unkown
page readonly
clean
7FF4EB337000
unkown
page readonly
clean
7FF58D174000
unkown
page readonly
clean
22BC0230000
heap private
page read and write
clean
15ABEFD9000
unkown
page read and write
clean
10037FB000
unkown
page read and write
clean
22BC0380000
unkown
page readonly
clean
7FF5AD27C000
unkown
page readonly
clean
7FF52438B000
unkown
page readonly
clean
15AC0000000
unkown
page read and write
clean
7FF5AD263000
unkown
page readonly
clean
7FF4FC034000
unkown
page readonly
clean
1003B7A000
unkown
page read and write
clean
2261F61F000
unkown
page read and write
clean
22BC0455000
unkown
page read and write
clean
7FF5AD364000
unkown
page readonly
clean
1003DFD000
unkown
page read and write
clean
212E1E81000
unkown
page read and write
clean
15ABCEC6000
unkown
page read and write
clean
7FF5E73EF000
unkown
page readonly
clean
7FF5244DA000
unkown
page readonly
clean
7FF5E771E000
unkown
page readonly
clean
15ABEFDF000
unkown
page read and write
clean
212E3F00000
unkown
page read and write
clean
15ABF000000
unkown
page read and write
clean
7FF52445F000
unkown
page readonly
clean
7FF4FBFF0000
unkown
page readonly
clean
212E1D70000
heap default
page read and write
clean
7FF4EB744000
unkown
page readonly
clean
7FF4EB6D9000
unkown
page readonly
clean
129026D0000
unkown
page write copy
clean
7FF52447A000
unkown
page readonly
clean
204B9002000
unkown
page read and write
clean
100357A000
unkown
page read and write
clean
15ABCED9000
unkown
page read and write
clean
15ABCFA0000
unkown
page read and write
clean
10034FA000
unkown
page read and write
clean
7FF4FC01F000
unkown
page readonly
clean
15ABEF1F000
unkown
page read and write
clean
22BC0290000
heap default
page read and write
clean
7FF524069000
unkown
page readonly
clean
6BDB1F7000
unkown
page read and write
clean
7FF4EB602000
unkown
page readonly
clean
7FF52449B000
unkown
page readonly
clean
22BC0A60000
unkown
page readonly
clean
22BC0400000
unkown
page read and write
clean
7FF4FC044000
unkown
page readonly
clean
204B8888000
unkown
page read and write
clean
7FF5DF05E000
unkown
page readonly
clean
242BF488000
unkown
page read and write
clean
129023F0000
heap default
page read and write
clean
7FF4FBFBF000
unkown
page readonly
clean
15ABCF02000
unkown
page read and write
clean
7FF5243D6000
unkown
page readonly
clean
7FF524398000
unkown
page readonly
clean
15ABCE3F000
unkown
page read and write
clean
7FF58D25A000
unkown
page readonly
clean
7FF5242C6000
unkown
page readonly
clean
22BC0452000
unkown
page read and write
clean
7FF5AD3FA000
unkown
page readonly
clean
2261F600000
unkown
page read and write
clean
12902502000
unkown
page read and write
clean
7FF5244C7000
unkown
page readonly
clean
562637F000
unkown
page read and write
clean
15ABCEC6000
unkown
page read and write
clean
98BF5FE000
unkown
page read and write
clean
7FF5E771A000
unkown
page readonly
clean
7FF5AD2FA000
unkown
page readonly
clean
D33959E000
unkown
page read and write
clean
15ABEFA6000
unkown
page read and write
clean
212E3D40000
unkown
page read and write
clean
1003779000
unkown
page read and write
clean
242BF400000
unkown
page read and write
clean
7FF4FC027000
unkown
page readonly
clean
7FF5E7811000
unkown
page readonly
clean
2261F602000
unkown
page read and write
clean
7FF4FC0E2000
unkown
page readonly
clean
7FF5DF05B000
unkown
page readonly
clean
D33987E000
unkown
page read and write
clean
7FF5E7799000
unkown
page readonly
clean
15ABECF0000
unkown
page read and write
clean
15ABEC70000
unkown
page read and write
clean
100327F000
unkown
page read and write
clean
56266FD000
unkown
page read and write
clean
7FF5AD161000
unkown
page readonly
clean
15ABEF60000
unkown
page read and write
clean
7FF52442C000
unkown
page readonly
clean
7FF5E76E3000
unkown
page readonly
clean
7FF58D20A000
unkown
page readonly
clean
212E3D40000
unkown
page read and write
clean
212E3F02000
unkown
page read and write
clean
242BF3C0000
unkown
page readonly
clean
7FF4FBF82000
unkown
page readonly
clean
7FF4FBCC7000
unkown
page readonly
clean
15ABCF1B000
unkown
page read and write
clean
204B8813000
unkown
page read and write
clean
7FF4FBF8C000
unkown
page readonly
clean
22BC0470000
unkown
page read and write
clean
15ABCD20000
heap default
page read and write
clean
7FF52426F000
unkown
page readonly
clean
7FF524506000
unkown
page readonly
clean
15ABEF82000
unkown
page read and write
clean
7FF5E7720000
unkown
page readonly
clean
7FF5DF0AD000
unkown
page readonly
clean
7FF5DF15E000
unkown
page readonly
clean
7FF52414C000
unkown
page readonly
clean
7FF4FBE15000
unkown
page readonly
clean
7FF5DF1D9000
unkown
page readonly
clean
242BF48C000
unkown
page read and write
clean
11E710F000
unkown
page read and write
clean
2261F450000
heap private
page read and write
clean
204B882A000
unkown
page read and write
clean
7FF4EB541000
unkown
page readonly
clean
15ABEFD0000
unkown
page read and write
clean
204B8800000
unkown
page read and write
clean
11E7189000
unkown
page read and write
clean
15ABEC80000
unkown
page readonly
clean
242BF2E0000
heap default
page read and write
clean
7FF5E7764000
unkown
page readonly
clean
7FF5AD31B000
unkown
page readonly
clean
7FF5242D1000
unkown
page readonly
clean
22BC0370000
unkown
page readonly
clean
7FF5E7804000
unkown
page readonly
clean
1003BF9000
unkown
page read and write
clean
7FF5ACEE5000
unkown
page readonly
clean
7FF58D28D000
unkown
page readonly
clean
22BC044F000
unkown
page read and write
clean
242BF3E0000
unkown
page read and write
clean
7FF5244A7000
unkown
page readonly
clean
7FF5E780A000
unkown
page readonly
clean
7FF524495000
unkown
page readonly
clean
1003EFB000
unkown
page read and write
clean
242BF46F000
unkown
page read and write
clean
7FF4FC05E000
unkown
page readonly
clean
242BFA90000
unkown
page readonly
clean
10036F9000
unkown
page read and write
clean
15ABE810000
unkown
page read and write
clean
7FF4EB751000
unkown
page readonly
clean
7FF4FBDAB000
unkown
page readonly
clean
7FF5DF16B000
unkown
page readonly
clean
7FF4FBF3D000
unkown
page readonly
clean
7FF4FBFB3000
unkown
page readonly
clean
98BFCFF000
unkown
page read and write
clean
7FF524430000
unkown
page readonly
clean
6BDB2FF000
unkown
page read and write
clean
212E1D80000
unkown
page write copy
clean
7FF524490000
unkown
page readonly
clean
D339CFF000
unkown
page read and write
clean
7FF4FBF92000
unkown
page readonly
clean
7FF4FB8F1000
unkown
page readonly
clean
7FF58D1FC000
unkown
page readonly
clean
7FF5AD087000
unkown
page readonly
clean
22BC0390000
unkown
page read and write
clean
38B017F000
unkown
page read and write
clean
7FF5DF197000
unkown
page readonly
clean
7FF5AD401000
unkown
page readonly
clean
5626479000
unkown
page read and write
clean
212E1E00000
unkown
page read and write
clean
7FF4FBFCF000
unkown
page readonly
clean
7FF4FBFDC000
unkown
page readonly
clean
212E1F13000
unkown
page read and write
clean
15ABCEC7000
unkown
page read and write
clean
7FF5E779D000
unkown
page readonly
clean
7FF5E7737000
unkown
page readonly
clean
7FF5DED26000
unkown
page readonly
clean
212E1EDA000
unkown
page read and write
clean
7FF5DF14C000
unkown
page readonly
clean
12902390000
heap private
page read and write
clean
22BC0457000
unkown
page read and write
clean
562627B000
unkown
page read and write
clean
242BF450000
unkown
page read and write
clean
7FF58D23C000
unkown
page readonly
clean
7FF4EB6AA000
unkown
page readonly
clean
7FF4FBFDA000
unkown
page readonly
clean
15ABEFCD000
unkown
page read and write
clean
7FF4FC0D4000
unkown
page readonly
clean
15ABCE66000
unkown
page read and write
clean
6BDAB9B000
unkown
page read and write
clean
15ABCE5F000
unkown
page read and write
clean
15ABCECF000
unkown
page read and write
clean
7FF4FBCBA000
unkown
page readonly
clean
7FF5E776A000
unkown
page readonly
clean
12902413000
unkown
page read and write
clean
7FF5244FE000
unkown
page readonly
clean
7FF5E7791000
unkown
page readonly
clean
7FF5AD378000
unkown
page readonly
clean
7FF4FBFF5000
unkown
page readonly
clean
7FF5E7601000
unkown
page readonly
clean
7FF4EB41B000
unkown
page readonly
clean
7FF524371000
unkown
page readonly
clean
7FF4FBCBF000
unkown
page readonly
clean
15ABEF37000
unkown
page read and write
clean
7FF4EB698000
unkown
page readonly
clean
7FF58CDD6000
unkown
page readonly
clean
12902455000
unkown
page read and write
clean
6BDAEFF000
unkown
page read and write
clean
D339DFF000
unkown
page read and write
clean
212E3F44000
unkown
page read and write
clean
212E4010000
unkown
page read and write
clean
22BC0500000
unkown
page read and write
clean
7FF5ACED0000
unkown
page readonly
clean
7FF5AD354000
unkown
page readonly
clean
7FF5E777E000
unkown
page readonly
clean
6BDB4FF000
unkown
page read and write
clean
212E1EED000
unkown
page read and write
clean
15ABCECE000
unkown
page read and write
clean
7FF58D302000
unkown
page readonly
clean
7FF4FBDC8000
unkown
page readonly
clean
204B9200000
unkown
page readonly
clean
2261F702000
unkown
page read and write
clean
242BF44E000
unkown
page read and write
clean
15ABEF65000
unkown
page read and write
clean
15AC0310000
unkown
page read and write
clean
7FF4FBB52000
unkown
page readonly
clean
7FF5DF1BF000
unkown
page readonly
clean
22BC0508000
unkown
page read and write
clean
242BF43C000
unkown
page read and write
clean
212E1E74000
unkown
page read and write
clean
56264FF000
unkown
page read and write
clean
212E3D40000
unkown
page read and write
clean
22BC0513000
unkown
page read and write
clean
7FF5AD37E000
unkown
page readonly
clean
15ABF03B000
unkown
page read and write
clean
22BC0450000
unkown
page read and write
clean
11E74FA000
unkown
page read and write
clean
15ABEFB4000
unkown
page read and write
clean
15ABCECF000
unkown
page read and write
clean
212E3CC0000
unkown
page read and write
clean
212E3D70000
unkown
page readonly
clean
7FF52447C000
unkown
page readonly
clean
15ABEC90000
heap private
page read and write
clean
212E2000000
unkown
page readonly
clean
1003E7E000
unkown
page read and write
clean
204B8750000
unkown
page read and write
clean
12902920000
unkown
page readonly
clean
7FF5DF244000
unkown
page readonly
clean
15ABEF52000
unkown
page read and write
clean
12902720000
unkown
page readonly
clean
15ABEF3E000
unkown
page read and write
clean
212E1EF3000
unkown
page read and write
clean
38AFD9B000
unkown
page read and write
clean
22BC0454000
unkown
page read and write
clean
100397B000
unkown
page read and write
clean
7FF52424B000
unkown
page readonly
clean
7FF524432000
unkown
page readonly
clean
7FF4FBFEA000
unkown
page readonly
clean
15ABEFA1000
unkown
page read and write
clean
7FF58D264000
unkown
page readonly
clean
212E3970000
unkown
page readonly
clean
7FF4FBDCF000
unkown
page readonly
clean
15ABCD30000
unkown
page readonly
clean
D339AFF000
unkown
page read and write
clean
7FF4FBEEB000
unkown
page readonly
clean
7FF52415F000
unkown
page readonly
clean
7FF524501000
unkown
page readonly
clean
7FF4EAEBD000
unkown
page readonly
clean
7FF5ACB14000
unkown
page readonly
clean
15ABEF00000
unkown
page read and write
clean
1003F7D000
unkown
page read and write
clean
7FF4EB6A4000
unkown
page readonly
clean
7FF4FC0DA000
unkown
page readonly
clean
22BC0600000
unkown
page readonly
clean
2261F800000
unkown
page readonly
clean
7FF58CDE5000
unkown
page readonly
clean
212E20D0000
unkown
page readonly
clean
212E1E13000
unkown
page read and write
clean
15ABCCC0000
heap private
page read and write
clean
212E1E54000
unkown
page read and write
clean
7FF5E74E6000
unkown
page readonly
clean
242BF500000
unkown
page read and write
clean
22BC0481000
unkown
page read and write
clean
212E3D40000
unkown
page read and write
clean
7FF5DF1DD000
unkown
page readonly
clean
204B8650000
heap default
page read and write
clean
7FF5DF165000
unkown
page readonly
clean
562677F000
unkown
page read and write
clean
7FF4EB6DD000
unkown
page readonly
clean
7FF4FBFC4000
unkown
page readonly
clean
1003CFB000
unkown
page read and write
clean
7FF4EB65A000
unkown
page readonly
clean
242BF513000
unkown
page read and write
clean
204B8913000
unkown
page read and write
clean
7FF5DF18F000
unkown
page readonly
clean
7FF58D26F000
unkown
page readonly
clean
7FF58D247000
unkown
page readonly
clean
7FF5E7812000
unkown
page readonly
clean
7FF4EB6B4000
unkown
page readonly
clean
7FF4EB752000
unkown
page readonly
clean
15ABEF3E000
unkown
page read and write
clean
7FF58D163000
unkown
page readonly
clean
98BF87E000
unkown
page read and write
clean
10038FC000
unkown
page read and write
clean
212E1D10000
heap private
page read and write
clean
7FF5DEED7000
unkown
page readonly
clean
15ABEF46000
unkown
page read and write
clean
7FF5E774F000
unkown
page readonly
clean
7FF4EAEC1000
unkown
page readonly
clean
22BC0458000
unkown
page read and write
clean
212E3F84000
unkown
page read and write
clean
7FF4FC007000
unkown
page readonly
clean
98BF57B000
unkown
page read and write
clean
7FF5DF1A4000
unkown
page readonly
clean
7FF5DF18C000
unkown
page readonly
clean
38B007E000
unkown
page read and write
clean
7FF524581000
unkown
page readonly
clean
242BF2F0000
unkown
page readonly
clean
7FF5AD38D000
unkown
page readonly
clean
7FF52448A000
unkown
page readonly
clean
7FF5244EE000
unkown
page readonly
clean
7FF5DF0CC000
unkown
page readonly
clean
7FF4FC061000
unkown
page readonly
clean
242BF3D0000
unkown
page readonly
clean
15ABCEC5000
unkown
page read and write
clean
7FF58CF87000
unkown
page readonly
clean
38B01F9000
unkown
page read and write
clean
7FF5DF1CE000
unkown
page readonly
clean
7FF5DF1C8000
unkown
page readonly
clean
7FF4FBE31000
unkown
page readonly
clean
212E1E29000
unkown
page read and write
clean
D33951C000
unkown
page read and write
clean
7FF5E76C2000
unkown
page readonly
clean
204B8849000
unkown
page read and write
clean
15ABCF60000
unkown
page read and write
clean
7FF4EB563000
unkown
page readonly
clean
7FF52457A000
unkown
page readonly
clean
15ABCED3000
unkown
page read and write
clean
15AC0110000
unkown
page read and write
clean
204B884B000
unkown
page read and write
clean
15ABF400000
unkown
page read and write
clean
38B027F000
unkown
page read and write
clean
15ABD3F0000
unkown
page readonly
clean
7FF58D0F1000
unkown
page readonly
clean
212E3F47000
unkown
page read and write
clean
10032FE000
unkown
page read and write
clean
11E757F000
unkown
page read and write
clean
7FF5244BC000
unkown
page readonly
clean
7FF5E7545000
unkown
page readonly
clean
204B8908000
unkown
page read and write
clean
15ABCECD000
unkown
page read and write
clean
7FF4EB600000
unkown
page readonly
clean
38B00FA000
unkown
page read and write
clean
7FF5DF177000
unkown
page readonly
clean
15ABECF0000
unkown
page read and write
clean
7FF58D10E000
unkown
page readonly
clean
7FF523CED000
unkown
page readonly
clean
1003D7A000
unkown
page read and write
clean
7FF4EB677000
unkown
page readonly
clean
15ABCE55000
unkown
page read and write
clean
10039FB000
unkown
page read and write
clean
22BC048F000
unkown
page read and write
clean
12902600000
unkown
page readonly
clean
7FF5244E4000
unkown
page readonly
clean
7FF4EB568000
unkown
page readonly
clean
242BF413000
unkown
page read and write
clean
204B8863000
unkown
page read and write
clean
212E3F13000
unkown
page read and write
clean
7FF52448E000
unkown
page readonly
clean
15ABECF0000
unkown
page readonly
clean
15ABF100000
unkown
page read and write
clean
15ABEFE5000
unkown
page read and write
clean
15ABEF7A000
unkown
page read and write
clean
7FF52445B000
unkown
page readonly
clean
15ABF013000
unkown
page read and write
clean
7FF524167000
unkown
page readonly
clean
98BFBF7000
unkown
page read and write
clean
12903FE0000
unkown
page readonly
clean
7FF58D286000
unkown
page readonly
clean
98BFDFD000
unkown
page read and write
clean
7FF58D2F4000
unkown
page readonly
clean
204B85F0000
heap private
page read and write
clean
212E3E02000
unkown
page read and write
clean
15ABCEF6000
unkown
page read and write
clean
7FF5AD33F000
unkown
page readonly
clean
212E3D50000
unkown
page readonly
clean
2261F5E0000
unkown
page readonly
clean
2261F659000
unkown
page read and write
clean
15ABEF78000
unkown
page read and write
clean
242BF280000
heap private
page read and write
clean
242BF42A000
unkown
page read and write
clean
12902402000
unkown
page read and write
clean
15ABCECF000
unkown
page read and write
clean
7FF5E76C0000
unkown
page readonly
clean
98BFAFF000
unkown
page read and write
clean
7FF5E7541000
unkown
page readonly
clean
15ABCF13000
unkown
page read and write
clean
7FF5DEEE0000
unkown
page readonly
clean
7FF5E7758000
unkown
page readonly
clean
7FF5DF1D6000
unkown
page readonly
clean
7FF4FC0E1000
unkown
page readonly
clean
7FF5242B5000
unkown
page readonly
clean
7FF4EB68F000
unkown
page readonly
clean
204B8850000
unkown
page read and write
clean
7FF5E7725000
unkown
page readonly
clean
6BDB3FD000
unkown
page read and write
clean
204B8A00000
unkown
page readonly
clean
204B884C000
unkown
page read and write
clean
7FF4EB623000
unkown
page readonly
clean
7FF58C8E0000
unkown
page readonly
clean
15ABCEA1000
unkown
page read and write
clean
7FF5AD20B000
unkown
page readonly
clean
10035FA000
unkown
page read and write
clean
7FF5AD25D000
unkown
page readonly
clean
7FF4EB6BE000
unkown
page readonly
clean
7FF5E774C000
unkown
page readonly
clean
204B8660000
unkown
page readonly
clean
22BC044D000
unkown
page read and write
clean
7FF5242C4000
unkown
page readonly
clean
7FF4FBEF3000
unkown
page readonly
clean
7FF4FBF36000
unkown
page readonly
clean
7FF58D278000
unkown
page readonly
clean
7FF5DF1B4000
unkown
page readonly
clean
7FF5244D4000
unkown
page readonly
clean
7FF5AD315000
unkown
page readonly
clean
7FF4FB84D000
unkown
page readonly
clean
7FF524422000
unkown
page readonly
clean
15ABF200000
unkown
page read and write
clean
7FF5DF15A000
unkown
page readonly
clean
212E5000000
unkown
page readonly
clean
204B8902000
unkown
page read and write
clean
7FF5DF0B3000
unkown
page readonly
clean
15ABF600000
unkown
page readonly
clean
15ABCECD000
unkown
page read and write
clean
7FF4FBDB6000
unkown
page readonly
clean
204B883C000
unkown
page read and write
clean
7FF524574000
unkown
page readonly
clean
7FF5ACED6000
unkown
page readonly
clean
15ABD250000
unkown
page readonly
clean
7FF5E7788000
unkown
page readonly
clean
7FF5242E1000
unkown
page readonly
clean
7FF523D91000
unkown
page readonly
clean
10033FA000
unkown
page read and write
clean
204B8900000
unkown
page read and write
clean
7FF58D17C000
unkown
page readonly
clean
7FF5DF160000
unkown
page readonly
clean
7FF4FBE24000
unkown
page readonly
clean
7FF5E7796000
unkown
page readonly
clean
7FF5E772B000
unkown
page readonly
clean
22BC0429000
unkown
page read and write
clean
7FF58D27E000
unkown
page readonly
clean
7FF524268000
unkown
page readonly
clean
7FF523FF2000
unkown
page readonly
clean
22BC0C02000
unkown
page read and write
clean
7FF523CF1000
unkown
page readonly
clean
204B8730000
unkown
page readonly
clean
7FF4FBE41000
unkown
page readonly
clean
204B884E000
unkown
page read and write
clean
7FF5DEFB1000
unkown
page readonly
clean
7FF524393000
unkown
page readonly
clean
7FF5AD30A000
unkown
page readonly
clean
7FF5244BF000
unkown
page readonly
clean
7FF5E73EA000
unkown
page readonly
clean
98BFA7B000
unkown
page read and write
clean
7FF4EB55B000
unkown
page readonly
clean
7FF5AD402000
unkown
page readonly
clean
7FF58D20E000
unkown
page readonly
clean
7FF52415A000
unkown
page readonly
clean
7FF58D210000
unkown
page readonly
clean
7FF4EB65E000
unkown
page readonly
clean
7FF5AD30E000
unkown
page readonly
clean
7FF5AD1F1000
unkown
page readonly
clean
56265FB000
unkown
page read and write
clean
7FF58D254000
unkown
page readonly
clean
7FF4EB68C000
unkown
page readonly
clean
7FF4FBE26000
unkown
page readonly
clean
15ABCE5A000
unkown
page read and write
clean
22BC044C000
unkown
page read and write
clean
7FF4FBF90000
unkown
page readonly
clean
7FF5DED35000
unkown
page readonly
clean
56262FF000
unkown
page read and write
clean
100347F000
unkown
page read and write
clean
7FF58D15D000
unkown
page readonly
clean
7FF5AD327000
unkown
page readonly
clean
7FF5DF1AA000
unkown
page readonly
clean
7FF4EB6CE000
unkown
page readonly
clean
12902513000
unkown
page read and write
clean
22620FA0000
unkown
page read and write
clean
212E3870000
unkown
page read and write
clean
7FF4FBE11000
unkown
page readonly
clean
15ABCE29000
unkown
page read and write
clean
212E3CE0000
heap private
page read and write
clean
212E1E3F000
unkown
page read and write
clean
2261F4B0000
heap default
page read and write
clean
100337B000
unkown
page read and write
clean
7FF524464000
unkown
page readonly
clean
22BC044B000
unkown
page read and write
clean
7FF5242B1000
unkown
page readonly
clean
15AC0210000
unkown
page read and write
clean
212E1E52000
unkown
page read and write
clean
7FF524453000
unkown
page readonly
clean
7FF58CDD0000
unkown
page readonly
clean
15ABD000000
unkown
page write copy
clean
7FF58D10B000
unkown
page readonly
clean
7FF5DE964000
unkown
page readonly
clean
204B8E60000
unkown
page readonly
clean
7FF524582000
unkown
page readonly
clean
100367B000
unkown
page read and write
clean
7FF5DF041000
unkown
page readonly
clean
7FF5AD36F000
unkown
page readonly
clean
7FF5244F8000
unkown
page readonly
clean
7FF58D1FA000
unkown
page readonly
clean
7FF4FC066000
unkown
page readonly
clean
There are 647 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://www.fema.gov/
clean
https://www.fema.gov/ht/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance#main-content
clean
https://www.fema.gov/vi/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/ko/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/es/disasters/coronavirus/funeral-assistance
clean
https://www.fema.gov/zh-hans/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/fr/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disasters/coronavirus
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disasters/coronavirus/economic/funeral-assistance
clean
https://www.fema.gov/disasters/coronavirus
clean
There are 2 hidden doms, click here to show them.