Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A14C060000
|
heap
|
page read and write
|
||
|
1A14A078000
|
heap
|
page read and write
|
||
|
1A14BFBF000
|
heap
|
page read and write
|
||
|
1A14C0F1000
|
heap
|
page read and write
|
||
|
1A14C0A9000
|
heap
|
page read and write
|
||
|
1A14BF8B000
|
heap
|
page read and write
|
||
|
1A14C15C000
|
heap
|
page read and write
|
||
|
1A14C130000
|
heap
|
page read and write
|
||
|
5755BFE000
|
stack
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF60000
|
heap
|
page read and write
|
||
|
1A14A0A3000
|
heap
|
page read and write
|
||
|
1A14BF9B000
|
heap
|
page read and write
|
||
|
1A14E7F1000
|
heap
|
page read and write
|
||
|
1A14A0A2000
|
heap
|
page read and write
|
||
|
1A14A039000
|
heap
|
page read and write
|
||
|
1A14BF93000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14C072000
|
heap
|
page read and write
|
||
|
1A14BF74000
|
heap
|
page read and write
|
||
|
1A14C0A9000
|
heap
|
page read and write
|
||
|
1A14C12C000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C0B1000
|
heap
|
page read and write
|
||
|
1A14A08A000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14A0A1000
|
heap
|
page read and write
|
||
|
1A14BFBC000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14BF8B000
|
heap
|
page read and write
|
||
|
575587E000
|
stack
|
page read and write
|
||
|
1A14BF8F000
|
heap
|
page read and write
|
||
|
1A14C131000
|
heap
|
page read and write
|
||
|
1A14C09A000
|
heap
|
page read and write
|
||
|
1A14A0E0000
|
heap
|
page read and write
|
||
|
1A14C0B1000
|
heap
|
page read and write
|
||
|
1A14E7EB000
|
heap
|
page read and write
|
||
|
1A14B8C0000
|
heap
|
page read and write
|
||
|
1A14A081000
|
heap
|
page read and write
|
||
|
1A14A07A000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14E7B7000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A149FE0000
|
heap
|
page read and write
|
||
|
1A14BF7C000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14A08A000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C150000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14C150000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14BF89000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C092000
|
heap
|
page read and write
|
||
|
1A14BF90000
|
heap
|
page read and write
|
||
|
5755AFB000
|
stack
|
page read and write
|
||
|
1A14A090000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14C0B1000
|
heap
|
page read and write
|
||
|
1A14C109000
|
heap
|
page read and write
|
||
|
1A14A0A0000
|
heap
|
page read and write
|
||
|
1A14A072000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14A08A000
|
heap
|
page read and write
|
||
|
1A14C09A000
|
heap
|
page read and write
|
||
|
1A14A08A000
|
heap
|
page read and write
|
||
|
1A14C0EE000
|
heap
|
page read and write
|
||
|
1A14A088000
|
heap
|
page read and write
|
||
|
1A14C136000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14C10B000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14C0E7000
|
heap
|
page read and write
|
||
|
1A14BF8F000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14C11D000
|
heap
|
page read and write
|
||
|
1A14C096000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14A09E000
|
heap
|
page read and write
|
||
|
1A14BF93000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C086000
|
heap
|
page read and write
|
||
|
1A14E7B0000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14BF7C000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14A0CE000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14C133000
|
heap
|
page read and write
|
||
|
1A14C109000
|
heap
|
page read and write
|
||
|
1A14BF70000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14C094000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14BF93000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14BFA2000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14C092000
|
heap
|
page read and write
|
||
|
1A14BF90000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14E7C0000
|
heap
|
page read and write
|
||
|
1A14C0FB000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14C098000
|
heap
|
page read and write
|
||
|
1A14E7EC000
|
heap
|
page read and write
|
||
|
1A14C086000
|
heap
|
page read and write
|
||
|
1A14C09A000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C109000
|
heap
|
page read and write
|
||
|
1A14BA60000
|
heap
|
page read and write
|
||
|
1A14C072000
|
heap
|
page read and write
|
||
|
1A150AB0000
|
heap
|
page readonly
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14C0FB000
|
heap
|
page read and write
|
||
|
575577E000
|
stack
|
page read and write
|
||
|
1A14BF8F000
|
heap
|
page read and write
|
||
|
1A14E1B0000
|
trusted library allocation
|
page read and write
|
||
|
1A14BF70000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14BF8A000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14C0B1000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14A0B9000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14A0AD000
|
heap
|
page read and write
|
||
|
1A14A081000
|
heap
|
page read and write
|
||
|
1A14A085000
|
heap
|
page read and write
|
||
|
1A14E7F9000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
57558FB000
|
stack
|
page read and write
|
||
|
1A14C0A9000
|
heap
|
page read and write
|
||
|
1A14A090000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14A078000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14E7BB000
|
heap
|
page read and write
|
||
|
1A14A0A1000
|
heap
|
page read and write
|
||
|
575539E000
|
stack
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14C07F000
|
heap
|
page read and write
|
||
|
1A14A0AF000
|
heap
|
page read and write
|
||
|
1A14A03E000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C098000
|
heap
|
page read and write
|
||
|
1A14A0B3000
|
heap
|
page read and write
|
||
|
1A14BA65000
|
heap
|
page read and write
|
||
|
1A14BFAB000
|
heap
|
page read and write
|
||
|
1A14A08E000
|
heap
|
page read and write
|
||
|
57556FE000
|
stack
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14A0AF000
|
heap
|
page read and write
|
||
|
1A14A083000
|
heap
|
page read and write
|
||
|
1A14C090000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF7A000
|
heap
|
page read and write
|
||
|
1A14C11D000
|
heap
|
page read and write
|
||
|
1A14A0A1000
|
heap
|
page read and write
|
||
|
1A14BF86000
|
heap
|
page read and write
|
||
|
1A14E7C6000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14E7DA000
|
heap
|
page read and write
|
||
|
1A14A080000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14EBD0000
|
trusted library allocation
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14C086000
|
heap
|
page read and write
|
||
|
1A14C120000
|
heap
|
page read and write
|
||
|
57557FB000
|
stack
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14A072000
|
heap
|
page read and write
|
||
|
1A14C120000
|
heap
|
page read and write
|
||
|
1A14A0AE000
|
heap
|
page read and write
|
||
|
1A14BF8F000
|
heap
|
page read and write
|
||
|
1A14C0E9000
|
heap
|
page read and write
|
||
|
1A14C098000
|
heap
|
page read and write
|
||
|
1A14C0E5000
|
heap
|
page read and write
|
||
|
1A14C11D000
|
heap
|
page read and write
|
||
|
1A14A090000
|
heap
|
page read and write
|
||
|
1A14BFBB000
|
heap
|
page read and write
|
||
|
1A14E7B3000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14C086000
|
heap
|
page read and write
|
||
|
1A14C137000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14C0FB000
|
heap
|
page read and write
|
||
|
1A14BF7C000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14BF95000
|
heap
|
page read and write
|
||
|
1A14BF8F000
|
heap
|
page read and write
|
||
|
1A14BF9A000
|
heap
|
page read and write
|
||
|
1A14BF94000
|
heap
|
page read and write
|
||
|
1A14BF93000
|
heap
|
page read and write
|
||
|
1A14C15D000
|
heap
|
page read and write
|
||
|
1A14BF7C000
|
heap
|
page read and write
|
||
|
1A14C150000
|
heap
|
page read and write
|
||
|
1A14BFA1000
|
heap
|
page read and write
|
||
|
1A14A03D000
|
heap
|
page read and write
|
||
|
1A14BF9E000
|
heap
|
page read and write
|
||
|
1A14C092000
|
heap
|
page read and write
|
||
|
1A14A081000
|
heap
|
page read and write
|
||
|
1A14A09A000
|
heap
|
page read and write
|
||
|
1A14B8E0000
|
heap
|
page read and write
|
||
|
1A14C109000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14A0D6000
|
heap
|
page read and write
|
||
|
1A14BF78000
|
heap
|
page read and write
|
||
|
1A14A071000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14A0BB000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14C11C000
|
heap
|
page read and write
|
||
|
1A14BF76000
|
heap
|
page read and write
|
||
|
1A14E7FB000
|
heap
|
page read and write
|
||
|
1A14A0B2000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C0FB000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14BFAC000
|
heap
|
page read and write
|
||
|
1A14C094000
|
heap
|
page read and write
|
||
|
1A14C090000
|
heap
|
page read and write
|
||
|
1A14C094000
|
heap
|
page read and write
|
||
|
1A14A078000
|
heap
|
page read and write
|
||
|
1A14C109000
|
heap
|
page read and write
|
||
|
1A14BF93000
|
heap
|
page read and write
|
||
|
1A14A097000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14E7EB000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14A086000
|
heap
|
page read and write
|
||
|
1A14C102000
|
heap
|
page read and write
|
||
|
1A14A090000
|
heap
|
page read and write
|
||
|
1A14BF83000
|
heap
|
page read and write
|
||
|
1A14C090000
|
heap
|
page read and write
|
||
|
1A14A078000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14E7F3000
|
heap
|
page read and write
|
||
|
1A149F00000
|
heap
|
page read and write
|
||
|
1A14BFAB000
|
heap
|
page read and write
|
||
|
1A14C096000
|
heap
|
page read and write
|
||
|
1A14C11B000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C0FB000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14C12B000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BFB3000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14C096000
|
heap
|
page read and write
|
||
|
1A14A094000
|
heap
|
page read and write
|
||
|
1A14BF99000
|
heap
|
page read and write
|
||
|
1A14C0A1000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
575567E000
|
stack
|
page read and write
|
||
|
1A14C11D000
|
heap
|
page read and write
|
||
|
7DF400FE1000
|
trusted library allocation
|
page execute read
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14C150000
|
heap
|
page read and write
|
||
|
1A14A090000
|
heap
|
page read and write
|
||
|
1A14C0EC000
|
heap
|
page read and write
|
||
|
1A14C150000
|
heap
|
page read and write
|
||
|
1A14BFA5000
|
heap
|
page read and write
|
||
|
1A14C11D000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BFAE000
|
heap
|
page read and write
|
||
|
1A14EDC0000
|
heap
|
page read and write
|
||
|
1A14C0E3000
|
heap
|
page read and write
|
||
|
1A14C133000
|
heap
|
page read and write
|
||
|
1A14C12D000
|
heap
|
page read and write
|
||
|
1A14BFB7000
|
heap
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14E7F1000
|
heap
|
page read and write
|
||
|
1A14A06D000
|
heap
|
page read and write
|
||
|
5755317000
|
stack
|
page read and write
|
||
|
1A14BFAA000
|
heap
|
page read and write
|
||
|
1A14BF84000
|
heap
|
page read and write
|
||
|
1A14BF96000
|
heap
|
page read and write
|
||
|
1A14BFA6000
|
heap
|
page read and write
|
||
|
1A14A0B8000
|
heap
|
page read and write
|
||
|
1A14C07A000
|
heap
|
page read and write
|
||
|
1A14A08F000
|
heap
|
page read and write
|
There are 295 hidden memdumps, click here to show them.