Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
241A742A000
|
heap
|
page read and write
|
||
|
241A7402000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A75A8000
|
heap
|
page read and write
|
||
|
241A75A8000
|
heap
|
page read and write
|
||
|
79AA17E000
|
stack
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
241A7578000
|
heap
|
page read and write
|
||
|
241A6D40000
|
heap
|
page read and write
|
||
|
241A5441000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A742A000
|
heap
|
page read and write
|
||
|
241A9D7A000
|
heap
|
page read and write
|
||
|
241A543B000
|
heap
|
page read and write
|
||
|
241A9D7B000
|
heap
|
page read and write
|
||
|
241A5419000
|
heap
|
page read and write
|
||
|
241A7405000
|
heap
|
page read and write
|
||
|
241A741A000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A74F9000
|
heap
|
page read and write
|
||
|
241A750C000
|
heap
|
page read and write
|
||
|
241A73F0000
|
heap
|
page read and write
|
||
|
241A75B4000
|
heap
|
page read and write
|
||
|
241A544A000
|
heap
|
page read and write
|
||
|
241A7504000
|
heap
|
page read and write
|
||
|
241A740E000
|
heap
|
page read and write
|
||
|
241A75AF000
|
heap
|
page read and write
|
||
|
241A75A8000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
79A9FFD000
|
stack
|
page read and write
|
||
|
241A743C000
|
heap
|
page read and write
|
||
|
79A99BE000
|
stack
|
page read and write
|
||
|
241A750C000
|
heap
|
page read and write
|
||
|
241A742A000
|
heap
|
page read and write
|
||
|
241A73F0000
|
heap
|
page read and write
|
||
|
241A5439000
|
heap
|
page read and write
|
||
|
241A9D71000
|
heap
|
page read and write
|
||
|
241A750A000
|
heap
|
page read and write
|
||
|
241A7422000
|
heap
|
page read and write
|
||
|
241A7433000
|
heap
|
page read and write
|
||
|
241A743C000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A7433000
|
heap
|
page read and write
|
||
|
241A7413000
|
heap
|
page read and write
|
||
|
241A543C000
|
heap
|
page read and write
|
||
|
241A7414000
|
heap
|
page read and write
|
||
|
241A7588000
|
heap
|
page read and write
|
||
|
241A7522000
|
heap
|
page read and write
|
||
|
241A7432000
|
heap
|
page read and write
|
||
|
241A740E000
|
heap
|
page read and write
|
||
|
241A742A000
|
heap
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
241A73E0000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241AA090000
|
heap
|
page read and write
|
||
|
241A7578000
|
heap
|
page read and write
|
||
|
241A7522000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A75B4000
|
heap
|
page read and write
|
||
|
241A9D4C000
|
heap
|
page read and write
|
||
|
241A9D4C000
|
heap
|
page read and write
|
||
|
241A5423000
|
heap
|
page read and write
|
||
|
241A5380000
|
heap
|
page read and write
|
||
|
241A758B000
|
heap
|
page read and write
|
||
|
7DF4F8C41000
|
trusted library allocation
|
page execute read
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A743C000
|
heap
|
page read and write
|
||
|
241A544E000
|
heap
|
page read and write
|
||
|
241A7522000
|
heap
|
page read and write
|
||
|
241A74FC000
|
heap
|
page read and write
|
||
|
241A544A000
|
heap
|
page read and write
|
||
|
79A9C7E000
|
stack
|
page read and write
|
||
|
241A7517000
|
heap
|
page read and write
|
||
|
241A7407000
|
heap
|
page read and write
|
||
|
241A7433000
|
heap
|
page read and write
|
||
|
241A7588000
|
heap
|
page read and write
|
||
|
241A544A000
|
heap
|
page read and write
|
||
|
241A758B000
|
heap
|
page read and write
|
||
|
241A75AF000
|
heap
|
page read and write
|
||
|
241A5419000
|
heap
|
page read and write
|
||
|
241A7422000
|
heap
|
page read and write
|
||
|
241A7418000
|
heap
|
page read and write
|
||
|
241A6FC0000
|
heap
|
page read and write
|
||
|
241A7517000
|
heap
|
page read and write
|
||
|
241A9D6C000
|
heap
|
page read and write
|
||
|
79A9DFB000
|
stack
|
page read and write
|
||
|
241A74F1000
|
heap
|
page read and write
|
||
|
241A9630000
|
trusted library allocation
|
page read and write
|
||
|
241A758B000
|
heap
|
page read and write
|
||
|
241A7508000
|
heap
|
page read and write
|
||
|
241A758B000
|
heap
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
241A9D57000
|
heap
|
page read and write
|
||
|
241A740A000
|
heap
|
page read and write
|
||
|
241A7517000
|
heap
|
page read and write
|
||
|
241A5458000
|
heap
|
page read and write
|
||
|
79A98B8000
|
stack
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A7588000
|
heap
|
page read and write
|
||
|
241A541A000
|
heap
|
page read and write
|
||
|
241A9D7B000
|
heap
|
page read and write
|
||
|
79A9CFE000
|
stack
|
page read and write
|
||
|
241A751F000
|
heap
|
page read and write
|
||
|
241A7404000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A5389000
|
heap
|
page read and write
|
||
|
241A74E0000
|
heap
|
page read and write
|
||
|
241A5448000
|
heap
|
page read and write
|
||
|
241A7564000
|
heap
|
page read and write
|
||
|
241A741A000
|
heap
|
page read and write
|
||
|
241A7506000
|
heap
|
page read and write
|
||
|
79A9D7C000
|
stack
|
page read and write
|
||
|
241A7506000
|
heap
|
page read and write
|
||
|
241A742A000
|
heap
|
page read and write
|
||
|
241A5426000
|
heap
|
page read and write
|
||
|
241A750E000
|
heap
|
page read and write
|
||
|
241ABF40000
|
heap
|
page readonly
|
||
|
241A740E000
|
heap
|
page read and write
|
||
|
241A542E000
|
heap
|
page read and write
|
||
|
241A9D7F000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A75AF000
|
heap
|
page read and write
|
||
|
241A7578000
|
heap
|
page read and write
|
||
|
241A750E000
|
heap
|
page read and write
|
||
|
241A7422000
|
heap
|
page read and write
|
||
|
241A5426000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A742A000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A75C4000
|
heap
|
page read and write
|
||
|
241A759A000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A7510000
|
heap
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
241A9D57000
|
heap
|
page read and write
|
||
|
241A543C000
|
heap
|
page read and write
|
||
|
241A7522000
|
heap
|
page read and write
|
||
|
241A751F000
|
heap
|
page read and write
|
||
|
241A759A000
|
heap
|
page read and write
|
||
|
241A753D000
|
heap
|
page read and write
|
||
|
241A741A000
|
heap
|
page read and write
|
||
|
241A7578000
|
heap
|
page read and write
|
||
|
241A9D64000
|
heap
|
page read and write
|
||
|
241A740A000
|
heap
|
page read and write
|
||
|
241A7422000
|
heap
|
page read and write
|
||
|
241A7578000
|
heap
|
page read and write
|
||
|
241A5480000
|
heap
|
page read and write
|
||
|
241A5444000
|
heap
|
page read and write
|
||
|
241A5560000
|
heap
|
page read and write
|
||
|
241A753C000
|
heap
|
page read and write
|
||
|
241A5442000
|
heap
|
page read and write
|
||
|
241A73FB000
|
heap
|
page read and write
|
||
|
241A7413000
|
heap
|
page read and write
|
||
|
241A6E60000
|
heap
|
page read and write
|
||
|
241A5419000
|
heap
|
page read and write
|
||
|
241A74E6000
|
heap
|
page read and write
|
||
|
241A75C4000
|
heap
|
page read and write
|
||
|
241A9D64000
|
heap
|
page read and write
|
||
|
241A9D7A000
|
heap
|
page read and write
|
||
|
241A75A8000
|
heap
|
page read and write
|
||
|
241A751F000
|
heap
|
page read and write
|
||
|
241A9D40000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A5426000
|
heap
|
page read and write
|
||
|
241A9D75000
|
heap
|
page read and write
|
||
|
241A757C000
|
heap
|
page read and write
|
||
|
241AA060000
|
trusted library allocation
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A7426000
|
heap
|
page read and write
|
||
|
241A757D000
|
heap
|
page read and write
|
||
|
241A7432000
|
heap
|
page read and write
|
||
|
241A740F000
|
heap
|
page read and write
|
||
|
241A6E65000
|
heap
|
page read and write
|
||
|
241A7508000
|
heap
|
page read and write
|
||
|
241A7410000
|
heap
|
page read and write
|
||
|
241A7504000
|
heap
|
page read and write
|
||
|
241A542A000
|
heap
|
page read and write
|
||
|
241A7500000
|
heap
|
page read and write
|
||
|
241A5455000
|
heap
|
page read and write
|
||
|
241A743C000
|
heap
|
page read and write
|
||
|
241A7413000
|
heap
|
page read and write
|
||
|
241A750A000
|
heap
|
page read and write
|
||
|
241A7413000
|
heap
|
page read and write
|
||
|
241A9D6B000
|
heap
|
page read and write
|
||
|
241A75AF000
|
heap
|
page read and write
|
||
|
241A5391000
|
heap
|
page read and write
|
||
|
241A752C000
|
heap
|
page read and write
|
||
|
241A752B000
|
heap
|
page read and write
|
||
|
241A543C000
|
heap
|
page read and write
|
||
|
241A741D000
|
heap
|
page read and write
|
||
|
241A546F000
|
heap
|
page read and write
|
||
|
241A7588000
|
heap
|
page read and write
|
||
|
241A7432000
|
heap
|
page read and write
|
||
|
241A75B4000
|
heap
|
page read and write
|
||
|
241A759A000
|
heap
|
page read and write
|
||
|
241A9D47000
|
heap
|
page read and write
|
||
|
241A75C4000
|
heap
|
page read and write
|
||
|
241A53DD000
|
heap
|
page read and write
|
||
|
241A542D000
|
heap
|
page read and write
|
||
|
241A7413000
|
heap
|
page read and write
|
||
|
79A993E000
|
stack
|
page read and write
|
||
|
241A542C000
|
heap
|
page read and write
|
||
|
79AA07B000
|
stack
|
page read and write
|
||
|
241A759A000
|
heap
|
page read and write
|
||
|
241A9D48000
|
heap
|
page read and write
|
||
|
241A9D7B000
|
heap
|
page read and write
|
||
|
241A75C4000
|
heap
|
page read and write
|
||
|
241A7403000
|
heap
|
page read and write
|
||
|
241A73F5000
|
heap
|
page read and write
|
||
|
241A7422000
|
heap
|
page read and write
|
||
|
241A740E000
|
heap
|
page read and write
|
||
|
241A7419000
|
heap
|
page read and write
|
||
|
241A7510000
|
heap
|
page read and write
|
||
|
241A9D73000
|
heap
|
page read and write
|
||
|
241A5430000
|
heap
|
page read and write
|
||
|
241A7517000
|
heap
|
page read and write
|
||
|
241A742E000
|
heap
|
page read and write
|
||
|
241A5424000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A7433000
|
heap
|
page read and write
|
||
|
241A5426000
|
heap
|
page read and write
|
||
|
241A7561000
|
heap
|
page read and write
|
||
|
241A7436000
|
heap
|
page read and write
|
||
|
241A5410000
|
heap
|
page read and write
|
||
|
241A75B4000
|
heap
|
page read and write
|
There are 219 hidden memdumps, click here to show them.