Processes
| Path | Cmdline | Malicious |
|---|---|---|
| C:\Windows\System32\OpenWith.exe | C:\Windows\system32\OpenWith.exe -Embedding | |
|
Registry
| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName | |
| HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany | |
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1D7B6EB6000
|
heap
|
page read and write
|
||
1D7B8CD0000
|
heap
|
page read and write
|
||
1D7B6EEB000
|
heap
|
page read and write
|
||
1D7B8EA3000
|
heap
|
page read and write
|
||
1D7B8E71000
|
heap
|
page read and write
|
||
1D7B8E83000
|
heap
|
page read and write
|
||
1D7B8D1A000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B8CE8000
|
heap
|
page read and write
|
||
1D7B8CD6000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B8E63000
|
heap
|
page read and write
|
||
5C2B8FF000
|
stack
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8D13000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B6EC5000
|
heap
|
page read and write
|
||
1D7B6EE4000
|
heap
|
page read and write
|
||
1D7B8E83000
|
heap
|
page read and write
|
||
1D7BB633000
|
heap
|
page read and write
|
||
1D7B8CD8000
|
heap
|
page read and write
|
||
1D7B8E41000
|
heap
|
page read and write
|
||
1D7BB631000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B8CF0000
|
heap
|
page read and write
|
||
1D7B8DE9000
|
heap
|
page read and write
|
||
1D7B6F14000
|
heap
|
page read and write
|
||
1D7B8EBB000
|
heap
|
page read and write
|
||
1D7B6EF4000
|
heap
|
page read and write
|
||
1D7BB62F000
|
heap
|
page read and write
|
||
1D7B8755000
|
heap
|
page read and write
|
||
1D7B8EBB000
|
heap
|
page read and write
|
||
5C2B9FE000
|
stack
|
page read and write
|
||
1D7B6EDA000
|
heap
|
page read and write
|
||
1D7B8D1A000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7BD810000
|
heap
|
page readonly
|
||
1D7B8E71000
|
heap
|
page read and write
|
||
1D7B6EB6000
|
heap
|
page read and write
|
||
1D7B6D90000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8DD3000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B8E89000
|
heap
|
page read and write
|
||
1D7B8E52000
|
heap
|
page read and write
|
||
1D7B8DC0000
|
heap
|
page read and write
|
||
1D7B8CFA000
|
heap
|
page read and write
|
||
1D7B6D50000
|
heap
|
page read and write
|
||
1D7B8DDF000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B8CEA000
|
heap
|
page read and write
|
||
5C2BC7B000
|
stack
|
page read and write
|
||
1D7B6E20000
|
heap
|
page read and write
|
||
1D7B8DD8000
|
heap
|
page read and write
|
||
1D7B8CD9000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B8E83000
|
heap
|
page read and write
|
||
1D7B8CEB000
|
heap
|
page read and write
|
||
1D7B6EC4000
|
heap
|
page read and write
|
||
1D7B8E87000
|
heap
|
page read and write
|
||
1D7BAF10000
|
trusted library allocation
|
page read and write
|
||
1D7B8CDC000
|
heap
|
page read and write
|
||
1D7B8E63000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8E63000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7B8EB9000
|
heap
|
page read and write
|
||
1D7B6F0C000
|
heap
|
page read and write
|
||
1D7B8D13000
|
heap
|
page read and write
|
||
1D7B6EC5000
|
heap
|
page read and write
|
||
1D7B6EC7000
|
heap
|
page read and write
|
||
1D7B8E68000
|
heap
|
page read and write
|
||
1D7B8E71000
|
heap
|
page read and write
|
||
1D7B8EB9000
|
heap
|
page read and write
|
||
1D7B8DE1000
|
heap
|
page read and write
|
||
1D7B6EDE000
|
heap
|
page read and write
|
||
1D7B6EAB000
|
heap
|
page read and write
|
||
1D7B6C70000
|
heap
|
page read and write
|
||
1D7B6EAF000
|
heap
|
page read and write
|
||
1D7BB613000
|
heap
|
page read and write
|
||
1D7B8CE7000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B8CDC000
|
heap
|
page read and write
|
||
1D7B8E83000
|
heap
|
page read and write
|
||
1D7B8E48000
|
heap
|
page read and write
|
||
1D7B8CFA000
|
heap
|
page read and write
|
||
1D7BB616000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8DE9000
|
heap
|
page read and write
|
||
1D7B8CC0000
|
heap
|
page read and write
|
||
1D7B8E85000
|
heap
|
page read and write
|
||
1D7B8D0B000
|
heap
|
page read and write
|
||
1D7B8CD0000
|
heap
|
page read and write
|
||
1D7B6EED000
|
heap
|
page read and write
|
||
1D7BB62B000
|
heap
|
page read and write
|
||
5C2B527000
|
stack
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8E68000
|
heap
|
page read and write
|
||
1D7B6EDE000
|
heap
|
page read and write
|
||
1D7B8DFF000
|
heap
|
page read and write
|
||
1D7B8CF7000
|
heap
|
page read and write
|
||
1D7BB611000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8EBB000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7BB610000
|
heap
|
page read and write
|
||
1D7B8EA3000
|
heap
|
page read and write
|
||
1D7B8E48000
|
heap
|
page read and write
|
||
1D7B8DFF000
|
heap
|
page read and write
|
||
5C2BD7F000
|
stack
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B6E92000
|
heap
|
page read and write
|
||
1D7B8E68000
|
heap
|
page read and write
|
||
1D7B8E52000
|
heap
|
page read and write
|
||
1D7B6EF0000
|
heap
|
page read and write
|
||
1D7B8DF2000
|
heap
|
page read and write
|
||
1D7B6EB6000
|
heap
|
page read and write
|
||
1D7B8CFA000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8E71000
|
heap
|
page read and write
|
||
1D7B6EDE000
|
heap
|
page read and write
|
||
1D7B6F14000
|
heap
|
page read and write
|
||
1D7B6EB0000
|
heap
|
page read and write
|
||
1D7B8E3E000
|
heap
|
page read and write
|
||
1D7BB61E000
|
heap
|
page read and write
|
||
1D7BB62C000
|
heap
|
page read and write
|
||
1D7BB646000
|
heap
|
page read and write
|
||
1D7B8CE8000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B8E2C000
|
heap
|
page read and write
|
||
1D7BB62F000
|
heap
|
page read and write
|
||
1D7B6EB8000
|
heap
|
page read and write
|
||
1D7B8DFF000
|
heap
|
page read and write
|
||
1D7B8DEB000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7B6F14000
|
heap
|
page read and write
|
||
1D7B6F1D000
|
heap
|
page read and write
|
||
1D7BB62F000
|
heap
|
page read and write
|
||
1D7B8E68000
|
heap
|
page read and write
|
||
1D7B8DEB000
|
heap
|
page read and write
|
||
1D7B8E63000
|
heap
|
page read and write
|
||
1D7B6EE3000
|
heap
|
page read and write
|
||
1D7B875E000
|
heap
|
page read and write
|
||
1D7B8750000
|
heap
|
page read and write
|
||
1D7BB644000
|
heap
|
page read and write
|
||
1D7B6EC5000
|
heap
|
page read and write
|
||
1D7B8DFF000
|
heap
|
page read and write
|
||
1D7B6E00000
|
heap
|
page read and write
|
||
1D7B8CEB000
|
heap
|
page read and write
|
||
1D7B6EBC000
|
heap
|
page read and write
|
||
5C2B5AE000
|
stack
|
page read and write
|
||
1D7B6EC5000
|
heap
|
page read and write
|
||
1D7BB61D000
|
heap
|
page read and write
|
||
1D7B8D13000
|
heap
|
page read and write
|
||
1D7B8EBB000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8CFA000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B8E2E000
|
heap
|
page read and write
|
||
1D7B8CDC000
|
heap
|
page read and write
|
||
1D7B8D0F000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8E48000
|
heap
|
page read and write
|
||
5C2B97C000
|
stack
|
page read and write
|
||
1D7B8D1A000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8E0A000
|
heap
|
page read and write
|
||
1D7B8CF2000
|
heap
|
page read and write
|
||
1D7B875D000
|
heap
|
page read and write
|
||
1D7B6EB6000
|
heap
|
page read and write
|
||
1D7B8E71000
|
heap
|
page read and write
|
||
1D7BB637000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8EB9000
|
heap
|
page read and write
|
||
1D7B6E28000
|
heap
|
page read and write
|
||
1D7B8CFA000
|
heap
|
page read and write
|
||
5C2BA7B000
|
stack
|
page read and write
|
||
1D7B8E52000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7BB622000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8EA3000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B6EE2000
|
heap
|
page read and write
|
||
1D7B8E52000
|
heap
|
page read and write
|
||
1D7B875E000
|
heap
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
1D7B8CDC000
|
heap
|
page read and write
|
||
1D7B8D06000
|
heap
|
page read and write
|
||
1D7B8CE9000
|
heap
|
page read and write
|
||
1D7BB930000
|
trusted library allocation
|
page read and write
|
||
1D7B8CEF000
|
heap
|
page read and write
|
||
7DF452D01000
|
trusted library allocation
|
page execute read
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7B8E83000
|
heap
|
page read and write
|
||
1D7B6EF0000
|
heap
|
page read and write
|
||
1D7B8D05000
|
heap
|
page read and write
|
||
1D7B8E48000
|
heap
|
page read and write
|
||
1D7B8E8C000
|
heap
|
page read and write
|
||
1D7B8D0E000
|
heap
|
page read and write
|
||
1D7B6F1D000
|
heap
|
page read and write
|
||
1D7BB638000
|
heap
|
page read and write
|
||
1D7B6EDD000
|
heap
|
page read and write
|
||
1D7B6EDA000
|
heap
|
page read and write
|
||
1D7B8CF1000
|
heap
|
page read and write
|
||
1D7B6EB0000
|
heap
|
page read and write
|
||
1D7B8E68000
|
heap
|
page read and write
|
||
1D7B8E52000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B8DF2000
|
heap
|
page read and write
|
||
5C2B87E000
|
stack
|
page read and write
|
||
1D7BB616000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B6ED7000
|
heap
|
page read and write
|
||
1D7BB613000
|
heap
|
page read and write
|
||
1D7B8E48000
|
heap
|
page read and write
|
||
1D7B6EC8000
|
heap
|
page read and write
|
||
1D7B8E09000
|
heap
|
page read and write
|
||
1D7B8D1A000
|
heap
|
page read and write
|
||
1D7B8DF2000
|
heap
|
page read and write
|
||
1D7B8CF5000
|
heap
|
page read and write
|
||
1D7B8EB9000
|
heap
|
page read and write
|
||
1D7B8D13000
|
heap
|
page read and write
|
||
1D7B8DE7000
|
heap
|
page read and write
|
||
1D7B8E63000
|
heap
|
page read and write
|
||
1D7B6EC5000
|
heap
|
page read and write
|
||
1D7B8EA3000
|
heap
|
page read and write
|
||
1D7B8DF2000
|
heap
|
page read and write
|
||
1D7B8D0A000
|
heap
|
page read and write
|
||
1D7BBA30000
|
heap
|
page read and write
|
||
1D7B8DC9000
|
heap
|
page read and write
|
||
1D7B6F14000
|
heap
|
page read and write
|
||
1D7B8DDF000
|
heap
|
page read and write
|
||
1D7B8CFF000
|
heap
|
page read and write
|
||
1D7B8D1C000
|
heap
|
page read and write
|
||
1D7B6F07000
|
heap
|
page read and write
|