Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B2E5FD2000
|
heap
|
page read and write
|
||
|
1B2E3F60000
|
heap
|
page read and write
|
||
|
1B2E5FD8000
|
heap
|
page read and write
|
||
|
1B2E5FE5000
|
heap
|
page read and write
|
||
|
1B2E40E0000
|
heap
|
page read and write
|
||
|
1B2E8200000
|
trusted library allocation
|
page read and write
|
||
|
1B2E40E5000
|
heap
|
page read and write
|
||
|
1B2E41F8000
|
heap
|
page read and write
|
||
|
1B2E5FE4000
|
heap
|
page read and write
|
||
|
1B2E4229000
|
heap
|
page read and write
|
||
|
1B2E422C000
|
heap
|
page read and write
|
||
|
1B2E41FC000
|
heap
|
page read and write
|
||
|
1B2E5FD7000
|
heap
|
page read and write
|
||
|
1B2E5FF7000
|
heap
|
page read and write
|
||
|
1B2E5FEE000
|
heap
|
page read and write
|
||
|
9A2B4FB000
|
stack
|
page read and write
|
||
|
1B2E5FF3000
|
heap
|
page read and write
|
||
|
1B2E5FFF000
|
heap
|
page read and write
|
||
|
9A2B5FF000
|
stack
|
page read and write
|
||
|
1B2E5FE8000
|
heap
|
page read and write
|
||
|
1B2E60D5000
|
heap
|
page read and write
|
||
|
1B2E41CA000
|
heap
|
page read and write
|
||
|
1B2E5FFF000
|
heap
|
page read and write
|
||
|
1B2E60E5000
|
heap
|
page read and write
|
||
|
1B2E6003000
|
heap
|
page read and write
|
||
|
1B2E5FDC000
|
heap
|
page read and write
|
||
|
1B2E5FD5000
|
heap
|
page read and write
|
||
|
1B2E600D000
|
heap
|
page read and write
|
||
|
1B2E41AA000
|
heap
|
page read and write
|
||
|
1B2E5FFB000
|
heap
|
page read and write
|
||
|
1B2E8812000
|
heap
|
page read and write
|
||
|
1B2E613B000
|
heap
|
page read and write
|
||
|
1B2E610B000
|
heap
|
page read and write
|
||
|
1B2E41FA000
|
heap
|
page read and write
|
||
|
1B2E41FA000
|
heap
|
page read and write
|
||
|
1B2E5FEE000
|
heap
|
page read and write
|
||
|
1B2E4228000
|
heap
|
page read and write
|
||
|
1B2E60F4000
|
heap
|
page read and write
|
||
|
1B2E41E1000
|
heap
|
page read and write
|
||
|
1B2E5FF7000
|
heap
|
page read and write
|
||
|
1B2E4040000
|
heap
|
page read and write
|
||
|
1B2E8805000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E4139000
|
heap
|
page read and write
|
||
|
9A2B0FF000
|
stack
|
page read and write
|
||
|
1B2E60E5000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E6191000
|
heap
|
page read and write
|
||
|
1B2E60D6000
|
heap
|
page read and write
|
||
|
1B2E882E000
|
heap
|
page read and write
|
||
|
1B2E60CB000
|
heap
|
page read and write
|
||
|
1B2E60DC000
|
heap
|
page read and write
|
||
|
1B2E6163000
|
heap
|
page read and write
|
||
|
1B2E60CE000
|
heap
|
page read and write
|
||
|
1B2E60D5000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E5A70000
|
heap
|
page read and write
|
||
|
1B2E6157000
|
heap
|
page read and write
|
||
|
1B2E41FF000
|
heap
|
page read and write
|
||
|
1B2E5FCB000
|
heap
|
page read and write
|
||
|
1B2E5FDE000
|
heap
|
page read and write
|
||
|
1B2E8812000
|
heap
|
page read and write
|
||
|
1B2E6003000
|
heap
|
page read and write
|
||
|
1B2E5FC5000
|
heap
|
page read and write
|
||
|
1B2E41F4000
|
heap
|
page read and write
|
||
|
1B2E6181000
|
heap
|
page read and write
|
||
|
1B2E616E000
|
heap
|
page read and write
|
||
|
1B2E8E20000
|
heap
|
page read and write
|
||
|
1B2E60D8000
|
heap
|
page read and write
|
||
|
1B2E6156000
|
heap
|
page read and write
|
||
|
1B2E60DA000
|
heap
|
page read and write
|
||
|
1B2E41F0000
|
heap
|
page read and write
|
||
|
1B2E8809000
|
heap
|
page read and write
|
||
|
1B2E6158000
|
heap
|
page read and write
|
||
|
1B2E882A000
|
heap
|
page read and write
|
||
|
1B2E5FE4000
|
heap
|
page read and write
|
||
|
1B2E60DE000
|
heap
|
page read and write
|
||
|
1B2E422D000
|
heap
|
page read and write
|
||
|
1B2E6145000
|
heap
|
page read and write
|
||
|
1B2E40ED000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E60F4000
|
heap
|
page read and write
|
||
|
1B2E6167000
|
heap
|
page read and write
|
||
|
1B2E41FA000
|
heap
|
page read and write
|
||
|
1B2E6100000
|
heap
|
page read and write
|
||
|
1B2E41DE000
|
heap
|
page read and write
|
||
|
1B2E41CA000
|
heap
|
page read and write
|
||
|
1B2E4130000
|
heap
|
page read and write
|
||
|
1B2E5FF3000
|
heap
|
page read and write
|
||
|
1B2E6167000
|
heap
|
page read and write
|
||
|
1B2E41F2000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E618D000
|
heap
|
page read and write
|
||
|
1B2E41E0000
|
heap
|
page read and write
|
||
|
1B2E5FC0000
|
heap
|
page read and write
|
||
|
1B2E6156000
|
heap
|
page read and write
|
||
|
1B2E41D5000
|
heap
|
page read and write
|
||
|
1B2E87F0000
|
heap
|
page read and write
|
||
|
1B2E61A5000
|
heap
|
page read and write
|
||
|
1B2E5FDA000
|
heap
|
page read and write
|
||
|
1B2E60ED000
|
heap
|
page read and write
|
||
|
1B2E5FC2000
|
heap
|
page read and write
|
||
|
1B2E422D000
|
heap
|
page read and write
|
||
|
1B2E41D3000
|
heap
|
page read and write
|
||
|
1B2E5FD4000
|
heap
|
page read and write
|
||
|
9A2B07E000
|
stack
|
page read and write
|
||
|
1B2E6163000
|
heap
|
page read and write
|
||
|
1B2E5FE4000
|
heap
|
page read and write
|
||
|
1B2E5FCB000
|
heap
|
page read and write
|
||
|
1B2E616E000
|
heap
|
page read and write
|
||
|
1B2E8809000
|
heap
|
page read and write
|
||
|
1B2E6003000
|
heap
|
page read and write
|
||
|
1B2E8800000
|
heap
|
page read and write
|
||
|
1B2E612D000
|
heap
|
page read and write
|
||
|
1B2E60FF000
|
heap
|
page read and write
|
||
|
1B2E5FEE000
|
heap
|
page read and write
|
||
|
1B2E41BF000
|
heap
|
page read and write
|
||
|
1B2E41C2000
|
heap
|
page read and write
|
||
|
1B2E61A5000
|
heap
|
page read and write
|
||
|
1B2E60E5000
|
heap
|
page read and write
|
||
|
1B2E4141000
|
heap
|
page read and write
|
||
|
1B2E6000000
|
heap
|
page read and write
|
||
|
1B2E5FE4000
|
heap
|
page read and write
|
||
|
1B2E41CB000
|
heap
|
page read and write
|
||
|
1B2E8835000
|
heap
|
page read and write
|
||
|
1B2E8828000
|
heap
|
page read and write
|
||
|
1B2E8801000
|
heap
|
page read and write
|
||
|
1B2E4080000
|
heap
|
page read and write
|
||
|
1B2E5FC7000
|
heap
|
page read and write
|
||
|
1B2E612E000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E41C4000
|
heap
|
page read and write
|
||
|
1B2E6129000
|
heap
|
page read and write
|
||
|
1B2E612E000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E610C000
|
heap
|
page read and write
|
||
|
1B2E8838000
|
heap
|
page read and write
|
||
|
1B2E5FEB000
|
heap
|
page read and write
|
||
|
9A2B47C000
|
stack
|
page read and write
|
||
|
1B2E5FB0000
|
heap
|
page read and write
|
||
|
1B2E6167000
|
heap
|
page read and write
|
||
|
1B2E41EF000
|
heap
|
page read and write
|
||
|
1B2E60DC000
|
heap
|
page read and write
|
||
|
1B2E5FFB000
|
heap
|
page read and write
|
||
|
1B2E41EE000
|
heap
|
page read and write
|
||
|
1B2E6145000
|
heap
|
page read and write
|
||
|
9A2B1FE000
|
stack
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E41E1000
|
heap
|
page read and write
|
||
|
1B2E5FE0000
|
heap
|
page read and write
|
||
|
1B2E41DE000
|
heap
|
page read and write
|
||
|
1B2E60F4000
|
heap
|
page read and write
|
||
|
1B2E60DE000
|
heap
|
page read and write
|
||
|
1B2E5FEE000
|
heap
|
page read and write
|
||
|
1B2E60B0000
|
heap
|
page read and write
|
||
|
1B2E41CE000
|
heap
|
page read and write
|
||
|
1B2E60ED000
|
heap
|
page read and write
|
||
|
1B2E5FD9000
|
heap
|
page read and write
|
||
|
1B2E61A5000
|
heap
|
page read and write
|
||
|
1B2E41C2000
|
heap
|
page read and write
|
||
|
1B2E5FCB000
|
heap
|
page read and write
|
||
|
1B2E5FDE000
|
heap
|
page read and write
|
||
|
1B2E5FEE000
|
heap
|
page read and write
|
||
|
1B2E60DE000
|
heap
|
page read and write
|
||
|
1B2E6191000
|
heap
|
page read and write
|
||
|
1B2E613B000
|
heap
|
page read and write
|
||
|
1B2E41E1000
|
heap
|
page read and write
|
||
|
1B2E616E000
|
heap
|
page read and write
|
||
|
1B2E8805000
|
heap
|
page read and write
|
||
|
1B2E41CC000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E6156000
|
heap
|
page read and write
|
||
|
1B2E60DC000
|
heap
|
page read and write
|
||
|
9A2B17B000
|
stack
|
page read and write
|
||
|
1B2E5FF3000
|
heap
|
page read and write
|
||
|
1B2E60E5000
|
heap
|
page read and write
|
||
|
1B2E618D000
|
heap
|
page read and write
|
||
|
1B2E4225000
|
heap
|
page read and write
|
||
|
1B2E6191000
|
heap
|
page read and write
|
||
|
1B2E5FCB000
|
heap
|
page read and write
|
||
|
1B2E60F4000
|
heap
|
page read and write
|
||
|
1B2E60D8000
|
heap
|
page read and write
|
||
|
1B2E41DE000
|
heap
|
page read and write
|
||
|
1B2E60ED000
|
heap
|
page read and write
|
||
|
1B2E5FD3000
|
heap
|
page read and write
|
||
|
1B2E5FFB000
|
heap
|
page read and write
|
||
|
1B2E5FC1000
|
heap
|
page read and write
|
||
|
1B2E618D000
|
heap
|
page read and write
|
||
|
1B2E6007000
|
heap
|
page read and write
|
||
|
1B2E60BA000
|
heap
|
page read and write
|
||
|
1B2E8835000
|
heap
|
page read and write
|
||
|
1B2E6181000
|
heap
|
page read and write
|
||
|
1B2E41E1000
|
heap
|
page read and write
|
||
|
1B2E5FFB000
|
heap
|
page read and write
|
||
|
1B2E5FD5000
|
heap
|
page read and write
|
||
|
1B2E5FC0000
|
heap
|
page read and write
|
||
|
1B2E41CA000
|
heap
|
page read and write
|
||
|
1B2E40EC000
|
heap
|
page read and write
|
||
|
1B2E422D000
|
heap
|
page read and write
|
||
|
1B2E600B000
|
heap
|
page read and write
|
||
|
1B2E613B000
|
heap
|
page read and write
|
||
|
1B2E4217000
|
heap
|
page read and write
|
||
|
1B2E6003000
|
heap
|
page read and write
|
||
|
1B2E60ED000
|
heap
|
page read and write
|
||
|
1B2E60C4000
|
heap
|
page read and write
|
||
|
1B2E41DD000
|
heap
|
page read and write
|
||
|
1B2E6145000
|
heap
|
page read and write
|
||
|
1B2E5FF7000
|
heap
|
page read and write
|
||
|
1B2E41C2000
|
heap
|
page read and write
|
||
|
1B2E41A1000
|
heap
|
page read and write
|
||
|
9A2AD26000
|
stack
|
page read and write
|
||
|
1B2E5FC2000
|
heap
|
page read and write
|
||
|
1B2E4226000
|
heap
|
page read and write
|
||
|
1B2E6181000
|
heap
|
page read and write
|
||
|
1B2E880E000
|
heap
|
page read and write
|
||
|
1B2E5FF7000
|
heap
|
page read and write
|
||
|
1B2E5FDD000
|
heap
|
page read and write
|
||
|
9A2B27B000
|
stack
|
page read and write
|
||
|
1B2E60DA000
|
heap
|
page read and write
|
||
|
1B2E880E000
|
heap
|
page read and write
|
||
|
1B2E60F4000
|
heap
|
page read and write
|
||
|
9A2ADAE000
|
stack
|
page read and write
|
||
|
1B2E6163000
|
heap
|
page read and write
|
There are 215 hidden memdumps, click here to show them.