Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CB54A7E000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB54A79000
|
heap
|
page read and write
|
||
|
2CB569E3000
|
heap
|
page read and write
|
||
|
2CB54980000
|
heap
|
page read and write
|
||
|
2CB56A85000
|
heap
|
page read and write
|
||
|
2CB56A90000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB54910000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB56A3B000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56AAB000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB54A2D000
|
heap
|
page read and write
|
||
|
2CB54A79000
|
heap
|
page read and write
|
||
|
2CB56345000
|
heap
|
page read and write
|
||
|
2CB56A3D000
|
heap
|
page read and write
|
||
|
2CB54A1D000
|
heap
|
page read and write
|
||
|
2CB54A75000
|
heap
|
page read and write
|
||
|
2CB56ABF000
|
heap
|
page read and write
|
||
|
2CB56ABB000
|
heap
|
page read and write
|
||
|
2CB569ED000
|
heap
|
page read and write
|
||
|
2CB56AB0000
|
heap
|
page read and write
|
||
|
2CB56A74000
|
heap
|
page read and write
|
||
|
2CB54A2B000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB54A2B000
|
heap
|
page read and write
|
||
|
2CB54A49000
|
heap
|
page read and write
|
||
|
2CB56A92000
|
heap
|
page read and write
|
||
|
2CB569BE000
|
heap
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB569B7000
|
heap
|
page read and write
|
||
|
2CB56A46000
|
heap
|
page read and write
|
||
|
2CB56A7B000
|
heap
|
page read and write
|
||
|
2CB56A8C000
|
heap
|
page read and write
|
||
|
2CB590A0000
|
heap
|
page read and write
|
||
|
2CB569C0000
|
heap
|
page read and write
|
||
|
2CB54A2A000
|
heap
|
page read and write
|
||
|
2CB56960000
|
heap
|
page read and write
|
||
|
2CB54A7B000
|
heap
|
page read and write
|
||
|
D34EA7E000
|
stack
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB54A79000
|
heap
|
page read and write
|
||
|
2CB569D0000
|
heap
|
page read and write
|
||
|
2CB56A82000
|
heap
|
page read and write
|
||
|
2CB56AA1000
|
heap
|
page read and write
|
||
|
2CB590CD000
|
heap
|
page read and write
|
||
|
2CB56A46000
|
heap
|
page read and write
|
||
|
2CB569D4000
|
heap
|
page read and write
|
||
|
2CB56A84000
|
heap
|
page read and write
|
||
|
2CB56A96000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB590F1000
|
heap
|
page read and write
|
||
|
2CB56A9B000
|
heap
|
page read and write
|
||
|
2CB54A29000
|
heap
|
page read and write
|
||
|
2CB56A89000
|
heap
|
page read and write
|
||
|
2CB56A2D000
|
heap
|
page read and write
|
||
|
2CB56AA5000
|
heap
|
page read and write
|
||
|
2CB54A0C000
|
heap
|
page read and write
|
||
|
2CB54A53000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB56AA6000
|
heap
|
page read and write
|
||
|
2CB569D2000
|
heap
|
page read and write
|
||
|
D34EF7D000
|
stack
|
page read and write
|
||
|
2CB56A2F000
|
heap
|
page read and write
|
||
|
2CB56A31000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
D34E787000
|
stack
|
page read and write
|
||
|
2CB569D2000
|
heap
|
page read and write
|
||
|
2CB590CC000
|
heap
|
page read and write
|
||
|
2CB54A19000
|
heap
|
page read and write
|
||
|
2CB56A5D000
|
heap
|
page read and write
|
||
|
2CB569A9000
|
heap
|
page read and write
|
||
|
2CB54A69000
|
heap
|
page read and write
|
||
|
2CB569D2000
|
heap
|
page read and write
|
||
|
2CB569DB000
|
heap
|
page read and write
|
||
|
2CB569ED000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
D34EAFE000
|
stack
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB569C8000
|
heap
|
page read and write
|
||
|
2CB56A5D000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB5634A000
|
heap
|
page read and write
|
||
|
2CB569C0000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB569D4000
|
heap
|
page read and write
|
||
|
2CB54A09000
|
heap
|
page read and write
|
||
|
2CB569ED000
|
heap
|
page read and write
|
||
|
2CB56AAB000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB54A7D000
|
heap
|
page read and write
|
||
|
2CB569ED000
|
heap
|
page read and write
|
||
|
2CB56A46000
|
heap
|
page read and write
|
||
|
2CB56AAE000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB54A7E000
|
heap
|
page read and write
|
||
|
2CB56A46000
|
heap
|
page read and write
|
||
|
2CB56AAE000
|
heap
|
page read and write
|
||
|
2CB56A52000
|
heap
|
page read and write
|
||
|
2CB56A2D000
|
heap
|
page read and write
|
||
|
2CB56A2D000
|
heap
|
page read and write
|
||
|
D34EB7F000
|
stack
|
page read and write
|
||
|
2CB56A5D000
|
heap
|
page read and write
|
||
|
2CB54920000
|
heap
|
page read and write
|
||
|
D34EBFC000
|
stack
|
page read and write
|
||
|
2CB590AF000
|
heap
|
page read and write
|
||
|
2CB569E3000
|
heap
|
page read and write
|
||
|
2CB56A37000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB54A79000
|
heap
|
page read and write
|
||
|
2CB54A39000
|
heap
|
page read and write
|
||
|
2CB569D0000
|
heap
|
page read and write
|
||
|
2CB5B470000
|
heap
|
page readonly
|
||
|
2CB54A7A000
|
heap
|
page read and write
|
||
|
2CB590E0000
|
heap
|
page read and write
|
||
|
2CB56A5D000
|
heap
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB590FA000
|
heap
|
page read and write
|
||
|
2CB56AAE000
|
heap
|
page read and write
|
||
|
2CB569DB000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB54A3A000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56A71000
|
heap
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB54A3E000
|
heap
|
page read and write
|
||
|
2CB56A49000
|
heap
|
page read and write
|
||
|
2CB56AA5000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB569E3000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB56520000
|
heap
|
page read and write
|
||
|
D34ECFE000
|
stack
|
page read and write
|
||
|
2CB569E5000
|
heap
|
page read and write
|
||
|
2CB569A3000
|
heap
|
page read and write
|
||
|
2CB54A58000
|
heap
|
page read and write
|
||
|
2CB56A52000
|
heap
|
page read and write
|
||
|
2CB54A2D000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB590EA000
|
heap
|
page read and write
|
||
|
2CB56A75000
|
heap
|
page read and write
|
||
|
2CB569E3000
|
heap
|
page read and write
|
||
|
2CB54A4B000
|
heap
|
page read and write
|
||
|
2CB54A29000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB54A11000
|
heap
|
page read and write
|
||
|
2CB56A85000
|
heap
|
page read and write
|
||
|
2CB56AA5000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB56A88000
|
heap
|
page read and write
|
||
|
2CB590FC000
|
heap
|
page read and write
|
||
|
2CB56A92000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB569BE000
|
heap
|
page read and write
|
||
|
2CB56A7B000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB56AB6000
|
heap
|
page read and write
|
||
|
D34EC7E000
|
stack
|
page read and write
|
||
|
2CB54A49000
|
heap
|
page read and write
|
||
|
2CB56A8B000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB54A5A000
|
heap
|
page read and write
|
||
|
2CB56A85000
|
heap
|
page read and write
|
||
|
2CB569DB000
|
heap
|
page read and write
|
||
|
2CB56ABA000
|
heap
|
page read and write
|
||
|
2CB56A22000
|
heap
|
page read and write
|
||
|
2CB54A2B000
|
heap
|
page read and write
|
||
|
7DF4B50D1000
|
trusted library allocation
|
page execute read
|
||
|
2CB590E7000
|
heap
|
page read and write
|
||
|
2CB56A3D000
|
heap
|
page read and write
|
||
|
2CB56A34000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB569ED000
|
heap
|
page read and write
|
||
|
2CB54A19000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56A8A000
|
heap
|
page read and write
|
||
|
2CB56AAF000
|
heap
|
page read and write
|
||
|
2CB56A60000
|
heap
|
page read and write
|
||
|
2CB56A33000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB569D0000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB549F2000
|
heap
|
page read and write
|
||
|
2CB569E5000
|
heap
|
page read and write
|
||
|
2CB54A2C000
|
heap
|
page read and write
|
||
|
2CB54A7E000
|
heap
|
page read and write
|
||
|
2CB590A2000
|
heap
|
page read and write
|
||
|
2CB54A11000
|
heap
|
page read and write
|
||
|
2CB569E5000
|
heap
|
page read and write
|
||
|
D34ED7B000
|
stack
|
page read and write
|
||
|
2CB54A09000
|
heap
|
page read and write
|
||
|
2CB56A9E000
|
heap
|
page read and write
|
||
|
2CB569B5000
|
heap
|
page read and write
|
||
|
2CB56A70000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB54A19000
|
heap
|
page read and write
|
||
|
2CB54A28000
|
heap
|
page read and write
|
||
|
2CB58BB0000
|
trusted library allocation
|
page read and write
|
||
|
2CB56A43000
|
heap
|
page read and write
|
||
|
2CB569C8000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB56A50000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB590EF000
|
heap
|
page read and write
|
||
|
2CB56A7B000
|
heap
|
page read and write
|
||
|
2CB56A95000
|
heap
|
page read and write
|
||
|
2CB54A47000
|
heap
|
page read and write
|
||
|
2CB59590000
|
trusted library allocation
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB54A3A000
|
heap
|
page read and write
|
||
|
2CB56A2D000
|
heap
|
page read and write
|
||
|
2CB56A90000
|
heap
|
page read and write
|
||
|
2CB56A43000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB56A92000
|
heap
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB54A39000
|
heap
|
page read and write
|
||
|
2CB569D4000
|
heap
|
page read and write
|
||
|
2CB590EC000
|
heap
|
page read and write
|
||
|
2CB56ABF000
|
heap
|
page read and write
|
||
|
2CB56A01000
|
heap
|
page read and write
|
||
|
2CB56AAE000
|
heap
|
page read and write
|
||
|
2CB56A04000
|
heap
|
page read and write
|
||
|
2CB54A3D000
|
heap
|
page read and write
|
||
|
2CB56A91000
|
heap
|
page read and write
|
||
|
2CB569B2000
|
heap
|
page read and write
|
||
|
2CB5634B000
|
heap
|
page read and write
|
||
|
2CB54A1E000
|
heap
|
page read and write
|
||
|
2CB54A2E000
|
heap
|
page read and write
|
||
|
2CB56340000
|
heap
|
page read and write
|
||
|
2CB569DB000
|
heap
|
page read and write
|
||
|
2CB569C8000
|
heap
|
page read and write
|
||
|
2CB569A2000
|
heap
|
page read and write
|
||
|
2CB569AD000
|
heap
|
page read and write
|
||
|
D34EFFB000
|
stack
|
page read and write
|
||
|
2CB56A46000
|
heap
|
page read and write
|
||
|
2CB590D5000
|
heap
|
page read and write
|
||
|
2CB56A9A000
|
heap
|
page read and write
|
||
|
2CB56AA5000
|
heap
|
page read and write
|
||
|
2CB54A43000
|
heap
|
page read and write
|
||
|
2CB54A58000
|
heap
|
page read and write
|
||
|
2CB56AAE000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB54A3F000
|
heap
|
page read and write
|
||
|
2CB54960000
|
heap
|
page read and write
|
||
|
2CB56AB3000
|
heap
|
page read and write
|
||
|
2CB56AA4000
|
heap
|
page read and write
|
||
|
2CB56AA9000
|
heap
|
page read and write
|
||
|
2CB54A4E000
|
heap
|
page read and write
|
||
|
2CB54A57000
|
heap
|
page read and write
|
||
|
2CB56A78000
|
heap
|
page read and write
|
||
|
2CB590C0000
|
heap
|
page read and write
|
||
|
2CB56A30000
|
heap
|
page read and write
|
||
|
2CB56A8F000
|
heap
|
page read and write
|
||
|
2CB596F0000
|
heap
|
page read and write
|
||
|
2CB56A97000
|
heap
|
page read and write
|
||
|
2CB56AAF000
|
heap
|
page read and write
|
||
|
2CB56A2D000
|
heap
|
page read and write
|
||
|
2CB56A5D000
|
heap
|
page read and write
|
There are 257 hidden memdumps, click here to show them.