Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
17A4AF6E000
|
heap
|
page read and write
|
||
|
17A4CE07000
|
heap
|
page read and write
|
||
|
17A4CE24000
|
heap
|
page read and write
|
||
|
17A4CE98000
|
heap
|
page read and write
|
||
|
17A4CE05000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4F4F0000
|
heap
|
page read and write
|
||
|
17A4CE0B000
|
heap
|
page read and write
|
||
|
17A4AF04000
|
heap
|
page read and write
|
||
|
270ADEE000
|
stack
|
page read and write
|
||
|
17A4CE79000
|
heap
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4AF0A000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4AF04000
|
heap
|
page read and write
|
||
|
17A4CE7D000
|
heap
|
page read and write
|
||
|
17A4AD70000
|
heap
|
page read and write
|
||
|
17A4CE79000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
270B1FD000
|
stack
|
page read and write
|
||
|
17A4AF6E000
|
heap
|
page read and write
|
||
|
17A4CDE6000
|
heap
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AF26000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4AE70000
|
heap
|
page read and write
|
||
|
17A4CDF2000
|
heap
|
page read and write
|
||
|
17A4CEB0000
|
heap
|
page read and write
|
||
|
17A4CCF8000
|
heap
|
page read and write
|
||
|
17A4AF2A000
|
heap
|
page read and write
|
||
|
270B07E000
|
stack
|
page read and write
|
||
|
17A4AEDE000
|
heap
|
page read and write
|
||
|
17A4CD2F000
|
heap
|
page read and write
|
||
|
17A4CDF8000
|
heap
|
page read and write
|
||
|
17A4AF2C000
|
heap
|
page read and write
|
||
|
17A4AF25000
|
heap
|
page read and write
|
||
|
17A4CD08000
|
heap
|
page read and write
|
||
|
17A4CCFB000
|
heap
|
page read and write
|
||
|
17A4CE91000
|
heap
|
page read and write
|
||
|
270B5FF000
|
stack
|
page read and write
|
||
|
17A4AF18000
|
heap
|
page read and write
|
||
|
17A4CE89000
|
heap
|
page read and write
|
||
|
270B17C000
|
stack
|
page read and write
|
||
|
270B4FB000
|
stack
|
page read and write
|
||
|
17A4CE31000
|
heap
|
page read and write
|
||
|
17A4CE24000
|
heap
|
page read and write
|
||
|
17A4CD33000
|
heap
|
page read and write
|
||
|
17A4CE31000
|
heap
|
page read and write
|
||
|
17A4F531000
|
heap
|
page read and write
|
||
|
17A4CED8000
|
heap
|
page read and write
|
||
|
270B47C000
|
stack
|
page read and write
|
||
|
17A4AF34000
|
heap
|
page read and write
|
||
|
17A4AF6A000
|
heap
|
page read and write
|
||
|
17A4CEC7000
|
heap
|
page read and write
|
||
|
17A4CD03000
|
heap
|
page read and write
|
||
|
17A4CD0B000
|
heap
|
page read and write
|
||
|
270B27B000
|
stack
|
page read and write
|
||
|
17A4CE7B000
|
heap
|
page read and write
|
||
|
17A4CE8A000
|
heap
|
page read and write
|
||
|
17A4CD2C000
|
heap
|
page read and write
|
||
|
17A4CDF8000
|
heap
|
page read and write
|
||
|
17A4CCE0000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4CE2C000
|
heap
|
page read and write
|
||
|
17A4AF2D000
|
heap
|
page read and write
|
||
|
17A4AF04000
|
heap
|
page read and write
|
||
|
17A4AF1B000
|
heap
|
page read and write
|
||
|
17A4CE9B000
|
heap
|
page read and write
|
||
|
17A4CEB0000
|
heap
|
page read and write
|
||
|
17A4AE78000
|
heap
|
page read and write
|
||
|
17A4CED8000
|
heap
|
page read and write
|
||
|
17A4AEFC000
|
heap
|
page read and write
|
||
|
17A4CD33000
|
heap
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AEFD000
|
heap
|
page read and write
|
||
|
17A4CD07000
|
heap
|
page read and write
|
||
|
17A4CE24000
|
heap
|
page read and write
|
||
|
17A4CED8000
|
heap
|
page read and write
|
||
|
17A4CD3E000
|
heap
|
page read and write
|
||
|
17A4AF26000
|
heap
|
page read and write
|
||
|
17A4CE2C000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4CDE0000
|
heap
|
page read and write
|
||
|
17A4CE05000
|
heap
|
page read and write
|
||
|
17A4CE3B000
|
heap
|
page read and write
|
||
|
17A4CE6D000
|
heap
|
page read and write
|
||
|
17A4AF3A000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4F9C0000
|
heap
|
page read and write
|
||
|
17A4CD0F000
|
heap
|
page read and write
|
||
|
17A4F504000
|
heap
|
page read and write
|
||
|
17A4AF37000
|
heap
|
page read and write
|
||
|
17A4CDE5000
|
heap
|
page read and write
|
||
|
17A4CE9B000
|
heap
|
page read and write
|
||
|
17A4CCFB000
|
heap
|
page read and write
|
||
|
17A4CEC7000
|
heap
|
page read and write
|
||
|
17A4F512000
|
heap
|
page read and write
|
||
|
17A4CD33000
|
heap
|
page read and write
|
||
|
17A4CD0F000
|
heap
|
page read and write
|
||
|
17A4CEB0000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4CEA7000
|
heap
|
page read and write
|
||
|
17A4AF58000
|
heap
|
page read and write
|
||
|
17A4CEC7000
|
heap
|
page read and write
|
||
|
17A4CE48000
|
heap
|
page read and write
|
||
|
17A4CEB0000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4F529000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4CDFE000
|
heap
|
page read and write
|
||
|
17A4AF6C000
|
heap
|
page read and write
|
||
|
17A4CE9B000
|
heap
|
page read and write
|
||
|
17A4AF1C000
|
heap
|
page read and write
|
||
|
17A4CDF1000
|
heap
|
page read and write
|
||
|
17A4CE07000
|
heap
|
page read and write
|
||
|
17A4F517000
|
heap
|
page read and write
|
||
|
17A4CEA5000
|
heap
|
page read and write
|
||
|
17A4CD22000
|
heap
|
page read and write
|
||
|
17A4AEF8000
|
heap
|
page read and write
|
||
|
17A4CE9D000
|
heap
|
page read and write
|
||
|
17A4AF3A000
|
heap
|
page read and write
|
||
|
17A4CDFD000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4CE79000
|
heap
|
page read and write
|
||
|
17A4CE7D000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4AF2D000
|
heap
|
page read and write
|
||
|
17A4CD1A000
|
heap
|
page read and write
|
||
|
17A4C8B5000
|
heap
|
page read and write
|
||
|
17A4CE31000
|
heap
|
page read and write
|
||
|
17A4CD32000
|
heap
|
page read and write
|
||
|
17A4AF22000
|
heap
|
page read and write
|
||
|
17A4CD10000
|
heap
|
page read and write
|
||
|
17A4AF31000
|
heap
|
page read and write
|
||
|
17A4AF29000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AF65000
|
heap
|
page read and write
|
||
|
17A4CD22000
|
heap
|
page read and write
|
||
|
17A4CE90000
|
heap
|
page read and write
|
||
|
17A4CCF9000
|
heap
|
page read and write
|
||
|
17A4AF0B000
|
heap
|
page read and write
|
||
|
17A4AEFC000
|
heap
|
page read and write
|
||
|
17A4CDFD000
|
heap
|
page read and write
|
||
|
17A4CE0B000
|
heap
|
page read and write
|
||
|
17A4EF30000
|
trusted library allocation
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4AF2D000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4CE7D000
|
heap
|
page read and write
|
||
|
17A4CEC7000
|
heap
|
page read and write
|
||
|
17A4CED8000
|
heap
|
page read and write
|
||
|
17A4AF26000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4CCF1000
|
heap
|
page read and write
|
||
|
17A4F536000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4CE24000
|
heap
|
page read and write
|
||
|
17A4CD05000
|
heap
|
page read and write
|
||
|
17A4CD0B000
|
heap
|
page read and write
|
||
|
17A4CD22000
|
heap
|
page read and write
|
||
|
17A4CEB0000
|
heap
|
page read and write
|
||
|
17A4CCF5000
|
heap
|
page read and write
|
||
|
17A4CED8000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4CE07000
|
heap
|
page read and write
|
||
|
17A4F501000
|
heap
|
page read and write
|
||
|
17A4CE70000
|
heap
|
page read and write
|
||
|
17A4CD38000
|
heap
|
page read and write
|
||
|
17A4CCF0000
|
heap
|
page read and write
|
||
|
17A4CD38000
|
heap
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AF2A000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4AC90000
|
heap
|
page read and write
|
||
|
17A4AF05000
|
heap
|
page read and write
|
||
|
17A4AF2D000
|
heap
|
page read and write
|
||
|
17A4AEFC000
|
heap
|
page read and write
|
||
|
17A4CD18000
|
heap
|
page read and write
|
||
|
17A4AEBF000
|
heap
|
page read and write
|
||
|
17A4CE0B000
|
heap
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4CD0F000
|
heap
|
page read and write
|
||
|
17A4CE7A000
|
heap
|
page read and write
|
||
|
17A4CD35000
|
heap
|
page read and write
|
||
|
17A4CE9B000
|
heap
|
page read and write
|
||
|
270B0FF000
|
stack
|
page read and write
|
||
|
17A4CD15000
|
heap
|
page read and write
|
||
|
17A4AEDE000
|
heap
|
page read and write
|
||
|
17A4CD2A000
|
heap
|
page read and write
|
||
|
17A4CD0A000
|
heap
|
page read and write
|
||
|
17A4CD3F000
|
heap
|
page read and write
|
||
|
17A4CD0F000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4CE8C000
|
heap
|
page read and write
|
||
|
17A4CD39000
|
heap
|
page read and write
|
||
|
17A4AF3D000
|
heap
|
page read and write
|
||
|
17A4C880000
|
heap
|
page read and write
|
||
|
17A4F526000
|
heap
|
page read and write
|
||
|
17A4AF19000
|
heap
|
page read and write
|
||
|
17A4AF2A000
|
heap
|
page read and write
|
||
|
17A4AF23000
|
heap
|
page read and write
|
||
|
17A4ADB0000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4CE45000
|
heap
|
page read and write
|
||
|
17A4CD2B000
|
heap
|
page read and write
|
||
|
17A4CD1E000
|
heap
|
page read and write
|
||
|
17A4AF26000
|
heap
|
page read and write
|
||
|
17A4CE05000
|
heap
|
page read and write
|
||
|
17A4CD0F000
|
heap
|
page read and write
|
||
|
17A4CEC7000
|
heap
|
page read and write
|
||
|
17A4AEC0000
|
heap
|
page read and write
|
||
|
17A4CE3D000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4CDF5000
|
heap
|
page read and write
|
||
|
17A4CD26000
|
heap
|
page read and write
|
||
|
17A4CE79000
|
heap
|
page read and write
|
||
|
17A4CD02000
|
heap
|
page read and write
|
||
|
17A4C8B0000
|
heap
|
page read and write
|
||
|
17A4CE76000
|
heap
|
page read and write
|
||
|
17A4CE85000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4CE91000
|
heap
|
page read and write
|
||
|
17A4CDF5000
|
heap
|
page read and write
|
||
|
17A4AF04000
|
heap
|
page read and write
|
||
|
17A4CD22000
|
heap
|
page read and write
|
||
|
17A4CD2E000
|
heap
|
page read and write
|
||
|
17A4CEA6000
|
heap
|
page read and write
|
||
|
17A4CD22000
|
heap
|
page read and write
|
||
|
17A4CDF2000
|
heap
|
page read and write
|
||
|
17A4CE9B000
|
heap
|
page read and write
|
||
|
270AD67000
|
stack
|
page read and write
|
There are 229 hidden memdumps, click here to show them.