Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9e7eed51-bbcd-46fc-8633-7e5a77ce3744.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\08aac41a-66d0-4011-9b2a-dfb059d858c4.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1d85d7fe-893c-44f6-b300-54427c34a2d1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1e047116-7207-410e-adb4-bea3c976f2c2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6699a093-ab9b-4c7c-be39-7099f22548ef.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_coronavirus.app_0.indexeddb.leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_coronavirus.app_0.indexeddb.leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_coronavirus.app_0.indexeddb.leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_coronavirus.app_0.indexeddb.leveldb\MANIFEST-000001
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index
|
ISO-8859 text, with no line terminators, with escape sequences
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\50a60833-b8e8-4875-a6d3-26ae9777c825.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a0b6c6dc-1149-4028-8ae4-71eced019ae6.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c2d5e802-eced-4b48-8cf9-8dae646a27f7.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c303e47f-0354-4e29-9207-bcbef35acdbe.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cd08325b-bce8-4a66-92d0-333e74c9a189.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\eee899ef-a8f1-4818-998d-78f5ebab86cb.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\f8eb1a5d-1194-44d7-a30f-c1c6ed774df2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\483fc9cc-59f1-414b-9b3d-9082409d7837.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\b0cbd0e2-4bf6-4007-a231-64a9f1501da3.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\483fc9cc-59f1-414b-9b3d-9082409d7837.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\CRX_INSTALL\_locales\bg\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\CRX_INSTALL\_locales\ca\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\CRX_INSTALL\_locales\cs\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\CRX_INSTALL\_locales\da\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5260_1092485319\CRX_INSTALL\manifest.json
|
ASCII text
|
dropped
|
There are 42 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://coronavirus.app/map
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1600,4112005824756823223,7084380744987543912,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1964 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://coronavirus.app/map
|
|||
|
https://dns.google
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
|
104.17.24.14
|
||
|
https://progressier.com/client/resource-matching.js?v=lTQUwPOZMXaD
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/data/placelist.js?v=2022-05-24T01:39:09.410Z
|
185.199.109.153
|
||
|
https://progressier.com/client/sw.js?id=VAP1dMEmm5ag8v6vNcVya
|
unknown
|
||
|
https://coronavirus.app/map
|
|||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.110
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.184.205
|
||
|
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
|
104.17.24.14
|
||
|
https://kbstt.github.io/cvd-crn-app/js/app.js?v=356
|
185.199.109.153
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://coronavirus.app/map2
|
unknown
|
||
|
https://progressier.com/client/resource-matching.js?v=lTQUwPOZMXa
|
unknown
|
||
|
https://unpkg.com/shpjs@latest/dist/shp.js
|
104.16.124.175
|
||
|
https://unpkg.com/shpjs@4.0.2/dist/shp.js
|
104.16.124.175
|
||
|
https://kbstt.github.io/cvd-crn-app/flags/FR.svg
|
185.199.109.153
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://coronavirus.app/map
|
151.101.1.195
|
||
|
https://kbstt.github.io/cvd-crn-app/img/ripple.svg
|
185.199.109.153
|
||
|
https://www.google.com
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/js/charts.js
|
185.199.109.153
|
||
|
https://kbstt.github.io/cvd-crn-app/img/rolling.svg?v=5
|
185.199.109.153
|
||
|
https://kbstt.github.io/cvd-crn-app/data/checkpoints.js?v=2022-05-24T01:39:09.411Z
|
185.199.109.153
|
||
|
https://progressier.com/client/resource-matching.js?v=lTQUwPOZMX
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/css/styles.css?v=356
|
185.199.109.153
|
||
|
https://coronavirus.app/membership/retrieve
|
151.101.1.195
|
||
|
https://kbstt.github.io/cvd-crn-app/img/512.png
|
185.199.109.153
|
||
|
https://progressier.com/client/sw.js?id=VAP1dMEmm5ag8v6vNcVy
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/css/feather/fonts/feather.ttf?cuxgzj
|
185.199.109.153
|
||
|
https://progressier.com/client/get-app?version=1&id=VAP1dMEmm5ag8v6vNcVy
|
151.101.1.195
|
||
|
https://kbstt.github.io/cvd-crn-app/flags/CH.svg
|
185.199.109.153
|
||
|
https://unpkg.com/leaflet@1.6.0/dist/leaflet.css
|
104.16.124.175
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/css/feather/feather.css
|
185.199.109.153
|
||
|
https://unpkg.com/leaflet@1.6.0/dist/leaflet.js
|
104.16.124.175
|
||
|
https://progressier.com/client/script.js?id=VAP1dMEmm5ag8v6vNcVy
|
151.101.1.195
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://progressier.com
|
unknown
|
||
|
https://progressier.com/client/sw.js?id=VAP1dMEmm5ag8v6vNcVyaD
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://kbstt.github.io/cvd-crn-app/js/moment.min.js
|
185.199.109.153
|
||
|
https://kbstt.github.io/cvd-crn-app/img/hamburger.svg
|
185.199.109.153
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 36 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
142.250.184.227
|
||
|
accounts.google.com
|
142.250.184.205
|
||
|
www-google-analytics.l.google.com
|
142.250.185.238
|
||
|
stats.l.doubleclick.net
|
173.194.76.155
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
www-googletagmanager.l.google.com
|
142.250.186.168
|
||
|
kbstt.github.io
|
185.199.109.153
|
||
|
progressier.com
|
151.101.1.195
|
||
|
clients.l.google.com
|
142.250.185.110
|
||
|
unpkg.com
|
104.16.124.175
|
||
|
coronavirus.app
|
151.101.1.195
|
||
|
a.tile.openstreetmap.org
|
unknown
|
||
|
clients2.google.com
|
unknown
|
||
|
b.tile.openstreetmap.org
|
unknown
|
||
|
c.tile.openstreetmap.org
|
unknown
|
||
|
stats.g.doubleclick.net
|
unknown
|
There are 6 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
142.250.185.110
|
clients.l.google.com
|
United States
|
||
|
185.199.109.153
|
kbstt.github.io
|
Netherlands
|
||
|
151.101.1.195
|
progressier.com
|
United States
|
||
|
142.250.185.238
|
www-google-analytics.l.google.com
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
104.16.124.175
|
unpkg.com
|
United States
|
||
|
142.250.184.205
|
accounts.google.com
|
United States
|
||
|
142.250.184.227
|
gstaticadssl.l.google.com
|
United States
|
||
|
142.250.186.168
|
www-googletagmanager.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 3 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 29 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D004B93000
|
trusted library allocation
|
page read and write
|
||
|
F7A157F000
|
stack
|
page read and write
|
||
|
F7A11FE000
|
stack
|
page read and write
|
||
|
2D004BF0000
|
trusted library allocation
|
page read and write
|
||
|
2D004BF0000
|
trusted library allocation
|
page read and write
|
||
|
F7A137A000
|
stack
|
page read and write
|
||
|
2D000100000
|
trusted library section
|
page read and write
|
||
|
2D005050000
|
trusted library allocation
|
page read and write
|
||
|
2D004C9D000
|
heap
|
page read and write
|
||
|
2D0006A0000
|
trusted library allocation
|
page read and write
|
||
|
2D004F34000
|
trusted library allocation
|
page read and write
|
||
|
2D004B70000
|
trusted library allocation
|
page read and write
|
||
|
2D004CFA000
|
heap
|
page read and write
|
||
|
F7A16FD000
|
unkown
|
page read and write
|
||
|
F7A0F7F000
|
stack
|
page read and write
|
||
|
2D004F30000
|
trusted library allocation
|
page read and write
|
||
|
2D000780000
|
trusted library section
|
page readonly
|
||
|
E6F00FB000
|
stack
|
page read and write
|
||
|
2BD86202000
|
heap
|
page read and write
|
||
|
2BD86110000
|
trusted library allocation
|
page read and write
|
||
|
2D005050000
|
remote allocation
|
page read and write
|
||
|
2D000790000
|
trusted library section
|
page readonly
|
||
|
2BD85FA0000
|
heap
|
page read and write
|
||
|
E6F01FB000
|
stack
|
page read and write
|
||
|
2D07FF18000
|
heap
|
page read and write
|
||
|
2BD85FB0000
|
heap
|
page read and write
|
||
|
F7A0DFA000
|
stack
|
page read and write
|
||
|
2BD86240000
|
heap
|
page read and write
|
||
|
2D004C00000
|
heap
|
page read and write
|
||
|
2D004F00000
|
trusted library allocation
|
page read and write
|
||
|
2D0007D0000
|
trusted library section
|
page readonly
|
||
|
2D004C5C000
|
heap
|
page read and write
|
||
|
2D004F00000
|
trusted library allocation
|
page read and write
|
||
|
2D004FC0000
|
trusted library allocation
|
page read and write
|
||
|
F7A0BFA000
|
stack
|
page read and write
|
||
|
2BD86010000
|
heap
|
page read and write
|
||
|
2D004CF0000
|
heap
|
page read and write
|
||
|
2BD86A02000
|
trusted library allocation
|
page read and write
|
||
|
2BD86213000
|
heap
|
page read and write
|
||
|
2D004C3B000
|
heap
|
page read and write
|
||
|
2D000B21000
|
trusted library allocation
|
page read and write
|
||
|
2D004C48000
|
heap
|
page read and write
|
||
|
F7A0CFE000
|
stack
|
page read and write
|
||
|
2D004B90000
|
trusted library allocation
|
page read and write
|
||
|
2D004F21000
|
trusted library allocation
|
page read and write
|
||
|
2D000B40000
|
trusted library allocation
|
page read and write
|
||
|
2D07FF18000
|
heap
|
page read and write
|
||
|
2D004C20000
|
heap
|
page read and write
|
||
|
F7A127F000
|
stack
|
page read and write
|
||
|
2BD86200000
|
heap
|
page read and write
|
||
|
2D004C60000
|
heap
|
page read and write
|
||
|
2D000440000
|
trusted library allocation
|
page read and write
|
||
|
2D0007B0000
|
trusted library section
|
page readonly
|
||
|
2D004F08000
|
trusted library allocation
|
page read and write
|
||
|
2D004F24000
|
trusted library allocation
|
page read and write
|
||
|
2D004CAA000
|
heap
|
page read and write
|
||
|
F7A10FE000
|
stack
|
page read and write
|
||
|
2D000B43000
|
trusted library allocation
|
page read and write
|
||
|
2D004C11000
|
heap
|
page read and write
|
||
|
2D004F20000
|
trusted library allocation
|
page read and write
|
||
|
2D004BD0000
|
trusted library allocation
|
page read and write
|
||
|
2BD86252000
|
heap
|
page read and write
|
||
|
E6F02FB000
|
stack
|
page read and write
|
||
|
F7A0EFB000
|
stack
|
page read and write
|
||
|
2BD86302000
|
heap
|
page read and write
|
||
|
2D004C2D000
|
heap
|
page read and write
|
||
|
2D004B60000
|
trusted library allocation
|
page read and write
|
||
|
2BD86300000
|
heap
|
page read and write
|
||
|
2D005050000
|
remote allocation
|
page read and write
|
||
|
2D000130000
|
trusted library allocation
|
page read and write
|
||
|
F7A117F000
|
stack
|
page read and write
|
||
|
2D07FF58000
|
heap
|
page read and write
|
||
|
2D004CFE000
|
heap
|
page read and write
|
||
|
2D07FF59000
|
heap
|
page read and write
|
||
|
2D005050000
|
remote allocation
|
page read and write
|
||
|
2D0007A0000
|
trusted library section
|
page readonly
|
||
|
2BD86313000
|
heap
|
page read and write
|
||
|
2BD86228000
|
heap
|
page read and write
|
||
|
2D004CA0000
|
heap
|
page read and write
|
||
|
2D004CDD000
|
heap
|
page read and write
|
||
|
2BD8627A000
|
heap
|
page read and write
|
||
|
E6EFBDB000
|
stack
|
page read and write
|
||
|
2D0007C0000
|
trusted library section
|
page readonly
|
||
|
2D004B50000
|
trusted library allocation
|
page read and write
|
||
|
F7A05EB000
|
stack
|
page read and write
|
||
|
2D004CE1000
|
heap
|
page read and write
|
||
|
F7A107E000
|
stack
|
page read and write
|
||
|
2D004F0E000
|
trusted library allocation
|
page read and write
|
||
|
F7A09F7000
|
stack
|
page read and write
|
||
|
2D004CFA000
|
heap
|
page read and write
|
||
|
F7A0AF9000
|
stack
|
page read and write
|
||
|
2D000B50000
|
trusted library allocation
|
page read and write
|
||
|
2D004BE0000
|
trusted library allocation
|
page read and write
|
||
|
E6F03FF000
|
stack
|
page read and write
|
||
|
F7A147C000
|
stack
|
page read and write
|
||
|
F7A0FFF000
|
stack
|
page read and write
|
||
|
2D004CF2000
|
heap
|
page read and write
|
There are 87 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://coronavirus.app/map
|