Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
17493715000
|
heap
|
page read and write
|
||
|
1749373F000
|
heap
|
page read and write
|
||
|
1749371B000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
1749373A000
|
heap
|
page read and write
|
||
|
1749188F000
|
heap
|
page read and write
|
||
|
174938AE000
|
heap
|
page read and write
|
||
|
17491860000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
17491770000
|
heap
|
page read and write
|
||
|
17493807000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
174931EA000
|
heap
|
page read and write
|
||
|
A31F47000
|
stack
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
174937F3000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
17493705000
|
heap
|
page read and write
|
||
|
174930F0000
|
heap
|
page read and write
|
||
|
1749373A000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
17493814000
|
heap
|
page read and write
|
||
|
1749188F000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749370F000
|
heap
|
page read and write
|
||
|
174936F4000
|
heap
|
page read and write
|
||
|
174937EA000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17491878000
|
heap
|
page read and write
|
||
|
17496137000
|
heap
|
page read and write
|
||
|
17493814000
|
heap
|
page read and write
|
||
|
17491883000
|
heap
|
page read and write
|
||
|
174938B5000
|
heap
|
page read and write
|
||
|
17493889000
|
heap
|
page read and write
|
||
|
17493831000
|
heap
|
page read and write
|
||
|
174938A9000
|
heap
|
page read and write
|
||
|
174918B2000
|
heap
|
page read and write
|
||
|
1749388E000
|
heap
|
page read and write
|
||
|
17496138000
|
heap
|
page read and write
|
||
|
17491892000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
17491878000
|
heap
|
page read and write
|
||
|
17493883000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
174918BD000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
17491888000
|
heap
|
page read and write
|
||
|
1749188D000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
174936E0000
|
heap
|
page read and write
|
||
|
174938AC000
|
heap
|
page read and write
|
||
|
174938CC000
|
heap
|
page read and write
|
||
|
17493836000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749185D000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
17496115000
|
heap
|
page read and write
|
||
|
174918BE000
|
heap
|
page read and write
|
||
|
17493060000
|
heap
|
page read and write
|
||
|
1749386A000
|
heap
|
page read and write
|
||
|
174936FB000
|
heap
|
page read and write
|
||
|
174936F0000
|
heap
|
page read and write
|
||
|
174937E2000
|
heap
|
page read and write
|
||
|
17493803000
|
heap
|
page read and write
|
||
|
17493721000
|
heap
|
page read and write
|
||
|
1749370F000
|
heap
|
page read and write
|
||
|
17491851000
|
heap
|
page read and write
|
||
|
A3237B000
|
stack
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749381C000
|
heap
|
page read and write
|
||
|
17493832000
|
heap
|
page read and write
|
||
|
17491894000
|
heap
|
page read and write
|
||
|
17491878000
|
heap
|
page read and write
|
||
|
A3277B000
|
stack
|
page read and write
|
||
|
A324FB000
|
stack
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
1749185D000
|
heap
|
page read and write
|
||
|
17496110000
|
heap
|
page read and write
|
||
|
174936F8000
|
heap
|
page read and write
|
||
|
174937E0000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
174936F1000
|
heap
|
page read and write
|
||
|
17493836000
|
heap
|
page read and write
|
||
|
17491883000
|
heap
|
page read and write
|
||
|
174917C0000
|
heap
|
page read and write
|
||
|
174931EB000
|
heap
|
page read and write
|
||
|
17493820000
|
heap
|
page read and write
|
||
|
17496129000
|
heap
|
page read and write
|
||
|
1749187C000
|
heap
|
page read and write
|
||
|
17493705000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749612F000
|
heap
|
page read and write
|
||
|
17491897000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
174937EB000
|
heap
|
page read and write
|
||
|
17493828000
|
heap
|
page read and write
|
||
|
17491874000
|
heap
|
page read and write
|
||
|
A323FD000
|
stack
|
page read and write
|
||
|
17493726000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
17491889000
|
heap
|
page read and write
|
||
|
17493712000
|
heap
|
page read and write
|
||
|
1749370F000
|
heap
|
page read and write
|
||
|
1749386A000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
17491874000
|
heap
|
page read and write
|
||
|
17491856000
|
heap
|
page read and write
|
||
|
17491868000
|
heap
|
page read and write
|
||
|
17493801000
|
heap
|
page read and write
|
||
|
17493712000
|
heap
|
page read and write
|
||
|
1749370F000
|
heap
|
page read and write
|
||
|
17491690000
|
heap
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
174938A9000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
1749373C000
|
heap
|
page read and write
|
||
|
A322FE000
|
stack
|
page read and write
|
||
|
A326FD000
|
stack
|
page read and write
|
||
|
174938B5000
|
heap
|
page read and write
|
||
|
17491878000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
17493704000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
1749612D000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
174931E0000
|
heap
|
page read and write
|
||
|
17493710000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
174938A9000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493820000
|
heap
|
page read and write
|
||
|
17493895000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
1749370C000
|
heap
|
page read and write
|
||
|
17493736000
|
heap
|
page read and write
|
||
|
1749613A000
|
heap
|
page read and write
|
||
|
17493879000
|
heap
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
17496132000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
17493814000
|
heap
|
page read and write
|
||
|
17493740000
|
heap
|
page read and write
|
||
|
174938A9000
|
heap
|
page read and write
|
||
|
1749370B000
|
heap
|
page read and write
|
||
|
17493895000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493805000
|
heap
|
page read and write
|
||
|
17491872000
|
heap
|
page read and write
|
||
|
174918AA000
|
heap
|
page read and write
|
||
|
1749613F000
|
heap
|
page read and write
|
||
|
17491882000
|
heap
|
page read and write
|
||
|
17495930000
|
trusted library allocation
|
page read and write
|
||
|
1749183A000
|
heap
|
page read and write
|
||
|
1749372B000
|
heap
|
page read and write
|
||
|
1749380D000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
17493895000
|
heap
|
page read and write
|
||
|
174917C8000
|
heap
|
page read and write
|
||
|
17491877000
|
heap
|
page read and write
|
||
|
17493809000
|
heap
|
page read and write
|
||
|
17491856000
|
heap
|
page read and write
|
||
|
17493827000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
17493702000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
1749188F000
|
heap
|
page read and write
|
||
|
17493897000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
1749370A000
|
heap
|
page read and write
|
||
|
17493733000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493709000
|
heap
|
page read and write
|
||
|
1749380B000
|
heap
|
page read and write
|
||
|
17496360000
|
heap
|
page read and write
|
||
|
17491867000
|
heap
|
page read and write
|
||
|
174936F5000
|
heap
|
page read and write
|
||
|
1749380C000
|
heap
|
page read and write
|
||
|
174918B2000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
17491856000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
17491875000
|
heap
|
page read and write
|
||
|
17493705000
|
heap
|
page read and write
|
||
|
1749381B000
|
heap
|
page read and write
|
||
|
A3227E000
|
stack
|
page read and write
|
||
|
17493730000
|
heap
|
page read and write
|
||
|
174918AF000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
17493820000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
17493884000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
A3247E000
|
stack
|
page read and write
|
||
|
17496132000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
17493708000
|
heap
|
page read and write
|
||
|
1749188D000
|
heap
|
page read and write
|
||
|
17496132000
|
heap
|
page read and write
|
||
|
17493724000
|
heap
|
page read and write
|
||
|
17493878000
|
heap
|
page read and write
|
||
|
174937F7000
|
heap
|
page read and write
|
||
|
174938B2000
|
heap
|
page read and write
|
||
|
17496120000
|
heap
|
page read and write
|
||
|
17493712000
|
heap
|
page read and write
|
||
|
A31FCE000
|
stack
|
page read and write
|
||
|
174937FF000
|
heap
|
page read and write
|
||
|
174936FB000
|
heap
|
page read and write
|
||
|
1749372F000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
174931E5000
|
heap
|
page read and write
|
||
|
17493715000
|
heap
|
page read and write
|
||
|
17491874000
|
heap
|
page read and write
|
||
|
174936FB000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
1749386B000
|
heap
|
page read and write
|
||
|
17491878000
|
heap
|
page read and write
|
||
|
17493871000
|
heap
|
page read and write
|
||
|
1749371E000
|
heap
|
page read and write
|
||
|
17493729000
|
heap
|
page read and write
|
||
|
1749187B000
|
heap
|
page read and write
|
||
|
1749371A000
|
heap
|
page read and write
|
||
|
1749185D000
|
heap
|
page read and write
|
There are 228 hidden memdumps, click here to show them.