Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
|
time.windows.com
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
255E8E1D000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CB8000
|
heap
|
page read and write
|
||
|
255E6CB9000
|
heap
|
page read and write
|
||
|
255E8E44000
|
heap
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255E8E54000
|
heap
|
page read and write
|
||
|
255E8DDA000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E6D0E000
|
heap
|
page read and write
|
||
|
255E6CE4000
|
heap
|
page read and write
|
||
|
255E6CEB000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E6CC4000
|
heap
|
page read and write
|
||
|
255E8CC5000
|
heap
|
page read and write
|
||
|
255E8E53000
|
heap
|
page read and write
|
||
|
255E8E44000
|
heap
|
page read and write
|
||
|
255E8DDA000
|
heap
|
page read and write
|
||
|
255E87CC000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8C90000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E8E5A000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
||
|
255E8E56000
|
heap
|
page read and write
|
||
|
85537A8000
|
stack
|
page read and write
|
||
|
255E8E40000
|
heap
|
page read and write
|
||
|
255E6CB9000
|
heap
|
page read and write
|
||
|
255E8DBA000
|
heap
|
page read and write
|
||
|
255E6CBF000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E6CEA000
|
heap
|
page read and write
|
||
|
255E8E57000
|
heap
|
page read and write
|
||
|
255E6D1E000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E8CC9000
|
heap
|
page read and write
|
||
|
255E8E3B000
|
heap
|
page read and write
|
||
|
255E8CBE000
|
heap
|
page read and write
|
||
|
255E8DE5000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E8CB9000
|
heap
|
page read and write
|
||
|
255E8E0A000
|
heap
|
page read and write
|
||
|
255E8CBA000
|
heap
|
page read and write
|
||
|
255E8DA4000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E8CEC000
|
heap
|
page read and write
|
||
|
255E6CD6000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8DD1000
|
heap
|
page read and write
|
||
|
255E8CA5000
|
heap
|
page read and write
|
||
|
255E8E40000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CBF000
|
heap
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255E6CC1000
|
heap
|
page read and write
|
||
|
255E6CEB000
|
heap
|
page read and write
|
||
|
255E85F0000
|
heap
|
page read and write
|
||
|
255E6CAF000
|
heap
|
page read and write
|
||
|
255E8CAB000
|
heap
|
page read and write
|
||
|
255E6CF7000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E6CCD000
|
heap
|
page read and write
|
||
|
255E8CBE000
|
heap
|
page read and write
|
||
|
255E6CBC000
|
heap
|
page read and write
|
||
|
255E8DC0000
|
heap
|
page read and write
|
||
|
255E6CC5000
|
heap
|
page read and write
|
||
|
255E8E3B000
|
heap
|
page read and write
|
||
|
255E8CC9000
|
heap
|
page read and write
|
||
|
255E8CC0000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E8CC9000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E8D91000
|
heap
|
page read and write
|
||
|
8553C7E000
|
stack
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8E27000
|
heap
|
page read and write
|
||
|
8553CFB000
|
stack
|
page read and write
|
||
|
255E8E3B000
|
heap
|
page read and write
|
||
|
255E8E58000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E6CB3000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E8E58000
|
heap
|
page read and write
|
||
|
255E8CA0000
|
heap
|
page read and write
|
||
|
8553FFE000
|
stack
|
page read and write
|
||
|
255E8CC4000
|
heap
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E8CB7000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8E40000
|
heap
|
page read and write
|
||
|
255E8CCE000
|
heap
|
page read and write
|
||
|
8553BFB000
|
stack
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E6CE0000
|
heap
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255E8CC9000
|
heap
|
page read and write
|
||
|
255E8CBB000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E6CF2000
|
heap
|
page read and write
|
||
|
255E6CE2000
|
heap
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255E8E3B000
|
heap
|
page read and write
|
||
|
255E87C0000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
||
|
255E8CD8000
|
heap
|
page read and write
|
||
|
255E8DBC000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E6CE5000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8CBE000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E6C9A000
|
heap
|
page read and write
|
||
|
255E8DE0000
|
heap
|
page read and write
|
||
|
255E8DC9000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8DD1000
|
heap
|
page read and write
|
||
|
255E8CE3000
|
heap
|
page read and write
|
||
|
255E6CB3000
|
heap
|
page read and write
|
||
|
255EB529000
|
heap
|
page read and write
|
||
|
255E6CBC000
|
heap
|
page read and write
|
||
|
255EB50A000
|
heap
|
page read and write
|
||
|
255E6CB3000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
8553B7F000
|
stack
|
page read and write
|
||
|
255E8D90000
|
heap
|
page read and write
|
||
|
255E6CEB000
|
heap
|
page read and write
|
||
|
255E6CCE000
|
heap
|
page read and write
|
||
|
8553A7E000
|
stack
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E6CAF000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E6D30000
|
heap
|
page read and write
|
||
|
255E6E10000
|
heap
|
page read and write
|
||
|
255E8CC0000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E6C99000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E8E4E000
|
heap
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E8DBE000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E6CDF000
|
heap
|
page read and write
|
||
|
255E6CDD000
|
heap
|
page read and write
|
||
|
255E6D1C000
|
heap
|
page read and write
|
||
|
255E8CC9000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E8CE7000
|
heap
|
page read and write
|
||
|
255E8E54000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E8DB7000
|
heap
|
page read and write
|
||
|
255E8E3D000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E8DE3000
|
heap
|
page read and write
|
||
|
8553AFD000
|
stack
|
page read and write
|
||
|
255E8E54000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8E54000
|
heap
|
page read and write
|
||
|
255E8CD3000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E8CAB000
|
heap
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E8D9A000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8E63000
|
heap
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255EB52B000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
||
|
255E87C5000
|
heap
|
page read and write
|
||
|
255E6CB3000
|
heap
|
page read and write
|
||
|
255E8CCA000
|
heap
|
page read and write
|
||
|
255E6C79000
|
heap
|
page read and write
|
||
|
255E8DC9000
|
heap
|
page read and write
|
||
|
255E8CAB000
|
heap
|
page read and write
|
||
|
255E8CCD000
|
heap
|
page read and write
|
||
|
255E6C29000
|
heap
|
page read and write
|
||
|
255E6CA0000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8CC3000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
||
|
255E6CC8000
|
heap
|
page read and write
|
||
|
255E6CA1000
|
heap
|
page read and write
|
||
|
255E6CED000
|
heap
|
page read and write
|
||
|
255E8DE1000
|
heap
|
page read and write
|
||
|
255E6CE4000
|
heap
|
page read and write
|
||
|
255E8DE4000
|
heap
|
page read and write
|
||
|
255E6C20000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E8CB5000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E8DC2000
|
heap
|
page read and write
|
||
|
255E8DC9000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E6CCA000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E8CB2000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CBE000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E87CD000
|
heap
|
page read and write
|
||
|
255E8E58000
|
heap
|
page read and write
|
||
|
255E8E40000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8E19000
|
heap
|
page read and write
|
||
|
255E8E1C000
|
heap
|
page read and write
|
||
|
255E8CDE000
|
heap
|
page read and write
|
||
|
255E8E0D000
|
heap
|
page read and write
|
||
|
255E8700000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E8CB9000
|
heap
|
page read and write
|
||
|
255E8E1C000
|
heap
|
page read and write
|
||
|
255E8E2E000
|
heap
|
page read and write
|
||
|
255E6CC7000
|
heap
|
page read and write
|
||
|
255E6CC7000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
255E8E6A000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255E8CA0000
|
heap
|
page read and write
|
||
|
255E6CF2000
|
heap
|
page read and write
|
||
|
255E8DDA000
|
heap
|
page read and write
|
||
|
255EB9E0000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E6CCB000
|
heap
|
page read and write
|
||
|
255E8CDB000
|
heap
|
page read and write
|
||
|
255EAEE0000
|
trusted library allocation
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E6CE2000
|
heap
|
page read and write
|
||
|
255E6CE7000
|
heap
|
page read and write
|
||
|
255E8CBA000
|
heap
|
page read and write
|
||
|
255E8CD2000
|
heap
|
page read and write
|
||
|
255E6CB9000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255EB4F0000
|
heap
|
page read and write
|
||
|
255E8CA0000
|
heap
|
page read and write
|
||
|
255E8CE2000
|
heap
|
page read and write
|
||
|
8553EFB000
|
stack
|
page read and write
|
||
|
255E8E8B000
|
heap
|
page read and write
|
||
|
255E8CD7000
|
heap
|
page read and write
|
||
|
255E8E38000
|
heap
|
page read and write
|
||
|
255E8CB3000
|
heap
|
page read and write
|
||
|
255E8E41000
|
heap
|
page read and write
|
||
|
255E8E26000
|
heap
|
page read and write
|
||
|
255E8CE6000
|
heap
|
page read and write
|
||
|
255E6CB9000
|
heap
|
page read and write
|
||
|
255E8DB0000
|
heap
|
page read and write
|
||
|
255E8D98000
|
heap
|
page read and write
|
||
|
255E8E59000
|
heap
|
page read and write
|
||
|
255E6CCD000
|
heap
|
page read and write
|
||
|
255E8CC6000
|
heap
|
page read and write
|
||
|
255E6C31000
|
heap
|
page read and write
|
||
|
255E6CEB000
|
heap
|
page read and write
|
||
|
255E8CEC000
|
heap
|
page read and write
|
||
|
255EB51D000
|
heap
|
page read and write
|
||
|
255E8E7D000
|
heap
|
page read and write
|
||
|
255E8DAB000
|
heap
|
page read and write
|
||
|
255E8E22000
|
heap
|
page read and write
|
There are 276 hidden memdumps, click here to show them.