Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C29CA2000
|
heap
|
page read and write
|
||
|
22C2BC32000
|
heap
|
page read and write
|
||
|
22C2BC3D000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BCF1000
|
heap
|
page read and write
|
||
|
22C29CA1000
|
heap
|
page read and write
|
||
|
22C2BB37000
|
heap
|
page read and write
|
||
|
DCD287C000
|
stack
|
page read and write
|
||
|
22C29D0E000
|
heap
|
page read and write
|
||
|
22C29C18000
|
heap
|
page read and write
|
||
|
22C2BCBC000
|
heap
|
page read and write
|
||
|
22C2BC30000
|
heap
|
page read and write
|
||
|
22C2BB3F000
|
heap
|
page read and write
|
||
|
22C2BB45000
|
heap
|
page read and write
|
||
|
22C29CA9000
|
heap
|
page read and write
|
||
|
22C2BB3A000
|
heap
|
page read and write
|
||
|
DCD24FF000
|
stack
|
page read and write
|
||
|
22C2BC89000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BC5F000
|
heap
|
page read and write
|
||
|
22C2BB51000
|
heap
|
page read and write
|
||
|
22C2BCAF000
|
heap
|
page read and write
|
||
|
22C29CE2000
|
heap
|
page read and write
|
||
|
22C2BC9C000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C2BB5A000
|
heap
|
page read and write
|
||
|
22C2BC32000
|
heap
|
page read and write
|
||
|
22C2BCD1000
|
heap
|
page read and write
|
||
|
22C2BB6E000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C29BE0000
|
heap
|
page read and write
|
||
|
22C2BCD1000
|
heap
|
page read and write
|
||
|
22C2BC36000
|
heap
|
page read and write
|
||
|
22C2BB5A000
|
heap
|
page read and write
|
||
|
22C29CBA000
|
heap
|
page read and write
|
||
|
22C2BC4C000
|
heap
|
page read and write
|
||
|
22C2BC4C000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C2BCBB000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C2BB3B000
|
heap
|
page read and write
|
||
|
22C2BC2C000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C2BB25000
|
heap
|
page read and write
|
||
|
22C2BC9A000
|
heap
|
page read and write
|
||
|
DCD29FE000
|
stack
|
page read and write
|
||
|
22C2BC2A000
|
heap
|
page read and write
|
||
|
22C2BB40000
|
heap
|
page read and write
|
||
|
22C2BB4A000
|
heap
|
page read and write
|
||
|
22C2BB10000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C2E55A000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BB5E000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C2BB46000
|
heap
|
page read and write
|
||
|
22C2BC32000
|
heap
|
page read and write
|
||
|
22C2B535000
|
heap
|
page read and write
|
||
|
22C29CC7000
|
heap
|
page read and write
|
||
|
22C29CB1000
|
heap
|
page read and write
|
||
|
22C2B5F0000
|
heap
|
page read and write
|
||
|
22C2BC3D000
|
heap
|
page read and write
|
||
|
22C2BC36000
|
heap
|
page read and write
|
||
|
22C29CAD000
|
heap
|
page read and write
|
||
|
22C2BB4B000
|
heap
|
page read and write
|
||
|
22C29CB1000
|
heap
|
page read and write
|
||
|
22C2BC22000
|
heap
|
page read and write
|
||
|
22C29CDF000
|
heap
|
page read and write
|
||
|
22C2BCEE000
|
heap
|
page read and write
|
||
|
22C2E830000
|
heap
|
page read and write
|
||
|
22C2BCCA000
|
heap
|
page read and write
|
||
|
22C29CC8000
|
heap
|
page read and write
|
||
|
22C2BC34000
|
heap
|
page read and write
|
||
|
22C2BC9C000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C2BB4A000
|
heap
|
page read and write
|
||
|
22C2E55C000
|
heap
|
page read and write
|
||
|
22C2BB45000
|
heap
|
page read and write
|
||
|
22C2BCD8000
|
heap
|
page read and write
|
||
|
22C2BCAB000
|
heap
|
page read and write
|
||
|
22C2BC9C000
|
heap
|
page read and write
|
||
|
22C29CD5000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C2BB21000
|
heap
|
page read and write
|
||
|
22C2BCF1000
|
heap
|
page read and write
|
||
|
22C2BCF1000
|
heap
|
page read and write
|
||
|
22C30620000
|
heap
|
page readonly
|
||
|
22C2BC4C000
|
heap
|
page read and write
|
||
|
22C2BB45000
|
heap
|
page read and write
|
||
|
22C2BC86000
|
heap
|
page read and write
|
||
|
22C2BCB9000
|
heap
|
page read and write
|
||
|
22C2BB40000
|
heap
|
page read and write
|
||
|
22C29C80000
|
heap
|
page read and write
|
||
|
22C2BCBA000
|
heap
|
page read and write
|
||
|
22C2E55F000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C2BC16000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C2BCD1000
|
heap
|
page read and write
|
||
|
22C2BCCA000
|
heap
|
page read and write
|
||
|
22C2BC2C000
|
heap
|
page read and write
|
||
|
22C2BC34000
|
heap
|
page read and write
|
||
|
22C2BCBC000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C2BC9E000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C2BCED000
|
heap
|
page read and write
|
||
|
22C2BC62000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C2BCEB000
|
heap
|
page read and write
|
||
|
22C2BCF1000
|
heap
|
page read and write
|
||
|
22C2BB55000
|
heap
|
page read and write
|
||
|
22C2E740000
|
trusted library allocation
|
page read and write
|
||
|
22C2BC9A000
|
heap
|
page read and write
|
||
|
22C2BC9C000
|
heap
|
page read and write
|
||
|
22C2BC1F000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BB33000
|
heap
|
page read and write
|
||
|
22C2BB3F000
|
heap
|
page read and write
|
||
|
22C2BB2B000
|
heap
|
page read and write
|
||
|
22C2BB45000
|
heap
|
page read and write
|
||
|
22C2BC46000
|
heap
|
page read and write
|
||
|
22C2BCE8000
|
heap
|
page read and write
|
||
|
22C2BC46000
|
heap
|
page read and write
|
||
|
22C2BCD8000
|
heap
|
page read and write
|
||
|
22C29CBC000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
DCD28FB000
|
stack
|
page read and write
|
||
|
22C2BB29000
|
heap
|
page read and write
|
||
|
22C2BCD8000
|
heap
|
page read and write
|
||
|
22C29CBC000
|
heap
|
page read and write
|
||
|
22C29CBC000
|
heap
|
page read and write
|
||
|
22C2BC17000
|
heap
|
page read and write
|
||
|
DCD247E000
|
stack
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C2BCBE000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C29CDF000
|
heap
|
page read and write
|
||
|
22C2BCCA000
|
heap
|
page read and write
|
||
|
22C2BC3D000
|
heap
|
page read and write
|
||
|
22C29CBB000
|
heap
|
page read and write
|
||
|
22C2BCED000
|
heap
|
page read and write
|
||
|
22C2BC9C000
|
heap
|
page read and write
|
||
|
22C2BCBC000
|
heap
|
page read and write
|
||
|
22C29CAA000
|
heap
|
page read and write
|
||
|
DCD25FC000
|
stack
|
page read and write
|
||
|
22C2BC2A000
|
heap
|
page read and write
|
||
|
22C2BC9A000
|
heap
|
page read and write
|
||
|
22C2E540000
|
heap
|
page read and write
|
||
|
22C29D0E000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C29CDA000
|
heap
|
page read and write
|
||
|
22C2BCBC000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BC4C000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C29AC0000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C2BC9A000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C29CB9000
|
heap
|
page read and write
|
||
|
DCD2137000
|
stack
|
page read and write
|
||
|
22C2BB4A000
|
heap
|
page read and write
|
||
|
22C29CFA000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C29D04000
|
heap
|
page read and write
|
||
|
22C2BCBE000
|
heap
|
page read and write
|
||
|
22C2BB28000
|
heap
|
page read and write
|
||
|
22C29BA0000
|
heap
|
page read and write
|
||
|
22C2E556000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C2BCEB000
|
heap
|
page read and write
|
||
|
22C2BCD8000
|
heap
|
page read and write
|
||
|
22C29CB1000
|
heap
|
page read and write
|
||
|
22C2BCD1000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C29CB0000
|
heap
|
page read and write
|
||
|
22C2BCCA000
|
heap
|
page read and write
|
||
|
22C2B530000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C29CFD000
|
heap
|
page read and write
|
||
|
22C2BCB2000
|
heap
|
page read and write
|
||
|
22C2BCD1000
|
heap
|
page read and write
|
||
|
22C29CC2000
|
heap
|
page read and write
|
||
|
22C2BC46000
|
heap
|
page read and write
|
||
|
22C29CAF000
|
heap
|
page read and write
|
||
|
22C2BB38000
|
heap
|
page read and write
|
||
|
22C29CBD000
|
heap
|
page read and write
|
||
|
22C29CDF000
|
heap
|
page read and write
|
||
|
22C29CA9000
|
heap
|
page read and write
|
||
|
22C2BCED000
|
heap
|
page read and write
|
||
|
22C29CA9000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C2BB5D000
|
heap
|
page read and write
|
||
|
22C2BCCA000
|
heap
|
page read and write
|
||
|
22C2BC3D000
|
heap
|
page read and write
|
||
|
22C2BC9A000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C2BB32000
|
heap
|
page read and write
|
||
|
22C29CFD000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C29CF5000
|
heap
|
page read and write
|
||
|
DCD21BE000
|
stack
|
page read and write
|
||
|
22C2E553000
|
heap
|
page read and write
|
||
|
DCD257E000
|
stack
|
page read and write
|
||
|
22C2BCEB000
|
heap
|
page read and write
|
||
|
22C2BB54000
|
heap
|
page read and write
|
||
|
22C2BC30000
|
heap
|
page read and write
|
||
|
22C2BCD8000
|
heap
|
page read and write
|
||
|
22C2BB69000
|
heap
|
page read and write
|
||
|
22C2BCE8000
|
heap
|
page read and write
|
||
|
22C2BCF1000
|
heap
|
page read and write
|
||
|
22C2BB35000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C2E530000
|
heap
|
page read and write
|
||
|
22C2BB3F000
|
heap
|
page read and write
|
||
|
22C2BC2E000
|
heap
|
page read and write
|
||
|
22C2BC36000
|
heap
|
page read and write
|
||
|
22C29CC3000
|
heap
|
page read and write
|
||
|
22C2BC34000
|
heap
|
page read and write
|
||
|
22C2BC10000
|
heap
|
page read and write
|
||
|
22C2BB62000
|
heap
|
page read and write
|
||
|
22C2BCBE000
|
heap
|
page read and write
|
||
|
22C2BC15000
|
heap
|
page read and write
|
||
|
22C29CB1000
|
heap
|
page read and write
|
||
|
22C29CCC000
|
heap
|
page read and write
|
||
|
22C2BCE8000
|
heap
|
page read and write
|
||
|
22C2BCB9000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2BB45000
|
heap
|
page read and write
|
||
|
22C2BB4E000
|
heap
|
page read and write
|
||
|
22C2BC2E000
|
heap
|
page read and write
|
||
|
22C2BB2B000
|
heap
|
page read and write
|
||
|
22C2BCB2000
|
heap
|
page read and write
|
||
|
22C2BB59000
|
heap
|
page read and write
|
||
|
22C2E551000
|
heap
|
page read and write
|
||
|
22C2BCED000
|
heap
|
page read and write
|
||
|
22C2E534000
|
heap
|
page read and write
|
||
|
22C2BB3B000
|
heap
|
page read and write
|
||
|
22C2BCE8000
|
heap
|
page read and write
|
||
|
7DF4B93F1000
|
trusted library allocation
|
page execute read
|
||
|
22C2BB3F000
|
heap
|
page read and write
|
||
|
22C29CD4000
|
heap
|
page read and write
|
||
|
22C2BC30000
|
heap
|
page read and write
|
||
|
22C29CD8000
|
heap
|
page read and write
|
||
|
22C2BCE8000
|
heap
|
page read and write
|
||
|
22C29CA1000
|
heap
|
page read and write
|
||
|
22C2DD60000
|
trusted library allocation
|
page read and write
|
||
|
22C2BD0C000
|
heap
|
page read and write
|
||
|
22C29C10000
|
heap
|
page read and write
|
||
|
22C29CC6000
|
heap
|
page read and write
|
||
|
22C2BCBE000
|
heap
|
page read and write
|
||
|
22C2BCA9000
|
heap
|
page read and write
|
||
|
DCD267B000
|
stack
|
page read and write
|
||
|
22C29C9D000
|
heap
|
page read and write
|
||
|
22C2BB20000
|
heap
|
page read and write
|
||
|
22C2BCEB000
|
heap
|
page read and write
|
||
|
22C2BC99000
|
heap
|
page read and write
|
||
|
22C29CB1000
|
heap
|
page read and write
|
||
|
22C29CA1000
|
heap
|
page read and write
|
||
|
22C2BB65000
|
heap
|
page read and write
|
||
|
22C2BB68000
|
heap
|
page read and write
|
||
|
22C2BB4A000
|
heap
|
page read and write
|
There are 256 hidden memdumps, click here to show them.