IOC Report
details.json

Processes

Path | Cmdline | Malicious
C:\Windows\System32\OpenWith.exe | C:\Windows\system32\OpenWith.exe -Embedding |

URLs

Name | IP | Malicious
https://s3.eu-central-1.amazonaws.com/cylanceprod-optics-files-euc1/d36ec03cb3b74d6bba18806a2bf65b5b | unknown |

Registry

Path | Value | Malicious
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\mspaint.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName |
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache | C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany |

Memdumps

Base Address | Regiontype | Protect | Malicious