Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
228CE0ED000
|
heap
|
page read and write
|
||
|
228CE0FF000
|
heap
|
page read and write
|
||
|
228D0180000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228D01A3000
|
heap
|
page read and write
|
||
|
228D01F5000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228CE020000
|
heap
|
page read and write
|
||
|
228CE084000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D007C000
|
heap
|
page read and write
|
||
|
228CE059000
|
heap
|
page read and write
|
||
|
228D2AC9000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D0232000
|
heap
|
page read and write
|
||
|
228D22B0000
|
trusted library allocation
|
page read and write
|
||
|
228CE086000
|
heap
|
page read and write
|
||
|
228D2ACB000
|
heap
|
page read and write
|
||
|
228D01A3000
|
heap
|
page read and write
|
||
|
228D00B3000
|
heap
|
page read and write
|
||
|
228D01E8000
|
heap
|
page read and write
|
||
|
228CE050000
|
heap
|
page read and write
|
||
|
228D2AD4000
|
heap
|
page read and write
|
||
|
228D2AD9000
|
heap
|
page read and write
|
||
|
228CE104000
|
heap
|
page read and write
|
||
|
228D0092000
|
heap
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228D0227000
|
heap
|
page read and write
|
||
|
228D2AEB000
|
heap
|
page read and write
|
||
|
228CE0F2000
|
heap
|
page read and write
|
||
|
228D2AEA000
|
heap
|
page read and write
|
||
|
228CE010000
|
heap
|
page read and write
|
||
|
228D0079000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
937BCFE000
|
stack
|
page read and write
|
||
|
228D020D000
|
heap
|
page read and write
|
||
|
228D2AF5000
|
heap
|
page read and write
|
||
|
228CE103000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228CE11C000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228D0216000
|
heap
|
page read and write
|
||
|
228CE107000
|
heap
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228D0226000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D0206000
|
heap
|
page read and write
|
||
|
228D0206000
|
heap
|
page read and write
|
||
|
228D00B3000
|
heap
|
page read and write
|
||
|
228D01B9000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228CFA75000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D2AD7000
|
heap
|
page read and write
|
||
|
228D020D000
|
heap
|
page read and write
|
||
|
228CE0FE000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D0216000
|
heap
|
page read and write
|
||
|
228D007C000
|
heap
|
page read and write
|
||
|
228D009A000
|
heap
|
page read and write
|
||
|
228D01BC000
|
heap
|
page read and write
|
||
|
228CE104000
|
heap
|
page read and write
|
||
|
228CE10D000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228CE0C0000
|
heap
|
page read and write
|
||
|
228CE123000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
937BAFE000
|
stack
|
page read and write
|
||
|
228CE0EE000
|
heap
|
page read and write
|
||
|
228D0070000
|
heap
|
page read and write
|
||
|
937BD7B000
|
stack
|
page read and write
|
||
|
228D01F5000
|
heap
|
page read and write
|
||
|
228D0212000
|
heap
|
page read and write
|
||
|
228D0216000
|
heap
|
page read and write
|
||
|
228D009A000
|
heap
|
page read and write
|
||
|
228D0088000
|
heap
|
page read and write
|
||
|
228D0216000
|
heap
|
page read and write
|
||
|
228D0191000
|
heap
|
page read and write
|
||
|
228D009A000
|
heap
|
page read and write
|
||
|
228D0182000
|
heap
|
page read and write
|
||
|
937BC7E000
|
stack
|
page read and write
|
||
|
228D0184000
|
heap
|
page read and write
|
||
|
228D01AE000
|
heap
|
page read and write
|
||
|
228D0091000
|
heap
|
page read and write
|
||
|
228D0089000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D0180000
|
heap
|
page read and write
|
||
|
228CE113000
|
heap
|
page read and write
|
||
|
228CE121000
|
heap
|
page read and write
|
||
|
228D00B3000
|
heap
|
page read and write
|
||
|
228D018A000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D0212000
|
heap
|
page read and write
|
||
|
228CE114000
|
heap
|
page read and write
|
||
|
228D0160000
|
heap
|
page read and write
|
||
|
228D00A2000
|
heap
|
page read and write
|
||
|
228D0172000
|
heap
|
page read and write
|
||
|
228D0212000
|
heap
|
page read and write
|
||
|
937BBFB000
|
stack
|
page read and write
|
||
|
228D0182000
|
heap
|
page read and write
|
||
|
228D019A000
|
heap
|
page read and write
|
||
|
228CE0F6000
|
heap
|
page read and write
|
||
|
228D0076000
|
heap
|
page read and write
|
||
|
228D008B000
|
heap
|
page read and write
|
||
|
228D01B3000
|
heap
|
page read and write
|
||
|
228D00A6000
|
heap
|
page read and write
|
||
|
228D00AB000
|
heap
|
page read and write
|
||
|
228D01F5000
|
heap
|
page read and write
|
||
|
228D01AD000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228D01E8000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228CE0D7000
|
heap
|
page read and write
|
||
|
228D007C000
|
heap
|
page read and write
|
||
|
228D008A000
|
heap
|
page read and write
|
||
|
228CE13A000
|
heap
|
page read and write
|
||
|
228CE0E2000
|
heap
|
page read and write
|
||
|
228D0206000
|
heap
|
page read and write
|
||
|
228CE0F4000
|
heap
|
page read and write
|
||
|
228D017E000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228CFA7E000
|
heap
|
page read and write
|
||
|
937C07F000
|
stack
|
page read and write
|
||
|
228D0226000
|
heap
|
page read and write
|
||
|
228D2AF8000
|
heap
|
page read and write
|
||
|
937BF7B000
|
stack
|
page read and write
|
||
|
228D022C000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D0097000
|
heap
|
page read and write
|
||
|
228D0078000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228D01A3000
|
heap
|
page read and write
|
||
|
228D2AC0000
|
heap
|
page read and write
|
||
|
228D009A000
|
heap
|
page read and write
|
||
|
228D0188000
|
heap
|
page read and write
|
||
|
228D016A000
|
heap
|
page read and write
|
||
|
228D0191000
|
heap
|
page read and write
|
||
|
228D008B000
|
heap
|
page read and write
|
||
|
228D019A000
|
heap
|
page read and write
|
||
|
228CE0F1000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228CE0DA000
|
heap
|
page read and write
|
||
|
228D0060000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D2AEE000
|
heap
|
page read and write
|
||
|
937B7A6000
|
stack
|
page read and write
|
||
|
228D018A000
|
heap
|
page read and write
|
||
|
228D00B3000
|
heap
|
page read and write
|
||
|
228D01E8000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228CFC70000
|
heap
|
page read and write
|
||
|
228D022F000
|
heap
|
page read and write
|
||
|
228CFA7E000
|
heap
|
page read and write
|
||
|
228CE0E2000
|
heap
|
page read and write
|
||
|
228D0226000
|
heap
|
page read and write
|
||
|
228D01E8000
|
heap
|
page read and write
|
||
|
228D017E000
|
heap
|
page read and write
|
||
|
228D2A90000
|
heap
|
page read and write
|
||
|
228D0206000
|
heap
|
page read and write
|
||
|
228CE0DA000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
7DF4EB541000
|
trusted library allocation
|
page execute read
|
||
|
937BA7E000
|
stack
|
page read and write
|
||
|
228D4BC0000
|
heap
|
page readonly
|
||
|
228D2AEE000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D2AF6000
|
heap
|
page read and write
|
||
|
228CFA7D000
|
heap
|
page read and write
|
||
|
228D0191000
|
heap
|
page read and write
|
||
|
228D01B2000
|
heap
|
page read and write
|
||
|
228D0212000
|
heap
|
page read and write
|
||
|
228CF9D0000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228D022B000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D007C000
|
heap
|
page read and write
|
||
|
228D024A000
|
heap
|
page read and write
|
||
|
228D0191000
|
heap
|
page read and write
|
||
|
228CE0E2000
|
heap
|
page read and write
|
||
|
228D0228000
|
heap
|
page read and write
|
||
|
228D01F5000
|
heap
|
page read and write
|
||
|
228D0177000
|
heap
|
page read and write
|
||
|
228D00BB000
|
heap
|
page read and write
|
||
|
228CFA70000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228CE110000
|
heap
|
page read and write
|
||
|
228D0226000
|
heap
|
page read and write
|
||
|
228D0088000
|
heap
|
page read and write
|
||
|
228D0188000
|
heap
|
page read and write
|
||
|
228D009A000
|
heap
|
page read and write
|
||
|
228D0087000
|
heap
|
page read and write
|
||
|
228CE108000
|
heap
|
page read and write
|
||
|
937BB7F000
|
stack
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D0090000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D00A5000
|
heap
|
page read and write
|
||
|
228D0070000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D016A000
|
heap
|
page read and write
|
||
|
228D00AE000
|
heap
|
page read and write
|
||
|
228D01B0000
|
heap
|
page read and write
|
||
|
228CE102000
|
heap
|
page read and write
|
||
|
228D29E0000
|
trusted library allocation
|
page read and write
|
||
|
228D0095000
|
heap
|
page read and write
|
||
|
228D020D000
|
heap
|
page read and write
|
||
|
228D00AA000
|
heap
|
page read and write
|
||
|
228D009F000
|
heap
|
page read and write
|
||
|
228D0184000
|
heap
|
page read and write
|
||
|
228D008F000
|
heap
|
page read and write
|
||
|
228D020D000
|
heap
|
page read and write
|
There are 212 hidden memdumps, click here to show them.