Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B25F740000
|
heap
|
page read and write
|
||
|
1B2616AF000
|
heap
|
page read and write
|
||
|
7DF4ACD21000
|
trusted library allocation
|
page execute read
|
||
|
A3E56FE000
|
stack
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B261521000
|
heap
|
page read and write
|
||
|
1B261638000
|
heap
|
page read and write
|
||
|
1B25F4C0000
|
heap
|
page read and write
|
||
|
1B261636000
|
heap
|
page read and write
|
||
|
1B261649000
|
heap
|
page read and write
|
||
|
1B26169C000
|
heap
|
page read and write
|
||
|
1B26153F000
|
heap
|
page read and write
|
||
|
1B261630000
|
heap
|
page read and write
|
||
|
1B261539000
|
heap
|
page read and write
|
||
|
1B261657000
|
heap
|
page read and write
|
||
|
A3E567F000
|
stack
|
page read and write
|
||
|
1B263760000
|
trusted library allocation
|
page read and write
|
||
|
1B261544000
|
heap
|
page read and write
|
||
|
1B26154D000
|
heap
|
page read and write
|
||
|
1B261548000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B25F767000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
A3E59FB000
|
stack
|
page read and write
|
||
|
1B26169C000
|
heap
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B25F720000
|
heap
|
page read and write
|
||
|
1B25F71A000
|
heap
|
page read and write
|
||
|
1B2616B6000
|
heap
|
page read and write
|
||
|
1B26169F000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B263E7C000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B266070000
|
heap
|
page readonly
|
||
|
1B26152B000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
1B261641000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
1B26162E000
|
heap
|
page read and write
|
||
|
A3E57FB000
|
stack
|
page read and write
|
||
|
1B26169C000
|
heap
|
page read and write
|
||
|
1B25F725000
|
heap
|
page read and write
|
||
|
1B25F724000
|
heap
|
page read and write
|
||
|
1B261552000
|
heap
|
page read and write
|
||
|
1B261610000
|
heap
|
page read and write
|
||
|
1B2616CC000
|
heap
|
page read and write
|
||
|
1B261529000
|
heap
|
page read and write
|
||
|
1B261535000
|
heap
|
page read and write
|
||
|
1B25F737000
|
heap
|
page read and write
|
||
|
1B261622000
|
heap
|
page read and write
|
||
|
1B261552000
|
heap
|
page read and write
|
||
|
1B25F747000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
1B26154E000
|
heap
|
page read and write
|
||
|
1B26153A000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
1B263E80000
|
heap
|
page read and write
|
||
|
1B26169F000
|
heap
|
page read and write
|
||
|
1B2610D5000
|
heap
|
page read and write
|
||
|
1B25F713000
|
heap
|
page read and write
|
||
|
1B261632000
|
heap
|
page read and write
|
||
|
1B261658000
|
heap
|
page read and write
|
||
|
1B261544000
|
heap
|
page read and write
|
||
|
1B26154D000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
1B25F5E0000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
1B2616B6000
|
heap
|
page read and write
|
||
|
1B25F753000
|
heap
|
page read and write
|
||
|
1B2616AC000
|
heap
|
page read and write
|
||
|
1B261532000
|
heap
|
page read and write
|
||
|
1B261649000
|
heap
|
page read and write
|
||
|
1B25F742000
|
heap
|
page read and write
|
||
|
1B25F736000
|
heap
|
page read and write
|
||
|
1B261567000
|
heap
|
page read and write
|
||
|
1B261527000
|
heap
|
page read and write
|
||
|
1B26155B000
|
heap
|
page read and write
|
||
|
1B2616CC000
|
heap
|
page read and write
|
||
|
1B261651000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B261510000
|
heap
|
page read and write
|
||
|
1B26161A000
|
heap
|
page read and write
|
||
|
1B25F743000
|
heap
|
page read and write
|
||
|
1B26155B000
|
heap
|
page read and write
|
||
|
1B25F72F000
|
heap
|
page read and write
|
||
|
1B26153B000
|
heap
|
page read and write
|
||
|
1B2616AF000
|
heap
|
page read and write
|
||
|
1B2616B6000
|
heap
|
page read and write
|
||
|
1B2616AC000
|
heap
|
page read and write
|
||
|
1B26168A000
|
heap
|
page read and write
|
||
|
1B261541000
|
heap
|
page read and write
|
||
|
1B25F730000
|
heap
|
page read and write
|
||
|
1B25F706000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B25F750000
|
heap
|
page read and write
|
||
|
1B261538000
|
heap
|
page read and write
|
||
|
1B26154E000
|
heap
|
page read and write
|
||
|
1B25F763000
|
heap
|
page read and write
|
||
|
1B26169F000
|
heap
|
page read and write
|
||
|
1B26153B000
|
heap
|
page read and write
|
||
|
1B263E83000
|
heap
|
page read and write
|
||
|
1B25F72A000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B263E70000
|
heap
|
page read and write
|
||
|
1B263E79000
|
heap
|
page read and write
|
||
|
1B2616AF000
|
heap
|
page read and write
|
||
|
1B261636000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B261641000
|
heap
|
page read and write
|
||
|
1B26154A000
|
heap
|
page read and write
|
||
|
A3E52F7000
|
stack
|
page read and write
|
||
|
1B25F738000
|
heap
|
page read and write
|
||
|
1B261540000
|
heap
|
page read and write
|
||
|
1B25F713000
|
heap
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B26153F000
|
heap
|
page read and write
|
||
|
1B26169C000
|
heap
|
page read and write
|
||
|
1B261556000
|
heap
|
page read and write
|
||
|
1B25F743000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
1B261651000
|
heap
|
page read and write
|
||
|
1B261638000
|
heap
|
page read and write
|
||
|
1B2616DA000
|
heap
|
page read and write
|
||
|
1B26169F000
|
heap
|
page read and write
|
||
|
1B2610D0000
|
heap
|
page read and write
|
||
|
1B261627000
|
heap
|
page read and write
|
||
|
1B261537000
|
heap
|
page read and write
|
||
|
1B25F713000
|
heap
|
page read and write
|
||
|
1B261533000
|
heap
|
page read and write
|
||
|
1B25F77C000
|
heap
|
page read and write
|
||
|
1B261651000
|
heap
|
page read and write
|
||
|
1B261544000
|
heap
|
page read and write
|
||
|
1B261634000
|
heap
|
page read and write
|
||
|
1B2616CC000
|
heap
|
page read and write
|
||
|
1B263E95000
|
heap
|
page read and write
|
||
|
1B261641000
|
heap
|
page read and write
|
||
|
1B2616AC000
|
heap
|
page read and write
|
||
|
1B263EA4000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
A3E537E000
|
stack
|
page read and write
|
||
|
1B261649000
|
heap
|
page read and write
|
||
|
1B25F72B000
|
heap
|
page read and write
|
||
|
1B2616D8000
|
heap
|
page read and write
|
||
|
1B25F724000
|
heap
|
page read and write
|
||
|
1B261689000
|
heap
|
page read and write
|
||
|
1B25F749000
|
heap
|
page read and write
|
||
|
1B261541000
|
heap
|
page read and write
|
||
|
1B26155F000
|
heap
|
page read and write
|
||
|
1B2616F0000
|
heap
|
page read and write
|
||
|
1B2616B6000
|
heap
|
page read and write
|
||
|
1B263E74000
|
heap
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B261641000
|
heap
|
page read and write
|
||
|
1B261651000
|
heap
|
page read and write
|
||
|
1B26154D000
|
heap
|
page read and write
|
||
|
1B25F680000
|
heap
|
page read and write
|
||
|
1B25F5A0000
|
heap
|
page read and write
|
||
|
1B25F72C000
|
heap
|
page read and write
|
||
|
1B26154E000
|
heap
|
page read and write
|
||
|
1B2616AF000
|
heap
|
page read and write
|
||
|
1B25F706000
|
heap
|
page read and write
|
||
|
1B2616AC000
|
heap
|
page read and write
|
||
|
1B2616D2000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B25F73F000
|
heap
|
page read and write
|
||
|
1B26163A000
|
heap
|
page read and write
|
||
|
1B2616DA000
|
heap
|
page read and write
|
||
|
1B25F640000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
A3E53FE000
|
stack
|
page read and write
|
||
|
1B25F6EE000
|
heap
|
page read and write
|
||
|
1B264190000
|
trusted library allocation
|
page read and write
|
||
|
1B25F725000
|
heap
|
page read and write
|
||
|
1B261544000
|
heap
|
page read and write
|
||
|
1B261552000
|
heap
|
page read and write
|
||
|
1B261630000
|
heap
|
page read and write
|
||
|
1B26156B000
|
heap
|
page read and write
|
||
|
1B261525000
|
heap
|
page read and write
|
||
|
1B26154E000
|
heap
|
page read and write
|
||
|
1B26163A000
|
heap
|
page read and write
|
||
|
1B264240000
|
heap
|
page read and write
|
||
|
1B25F77D000
|
heap
|
page read and write
|
||
|
1B2616D1000
|
heap
|
page read and write
|
||
|
1B25F744000
|
heap
|
page read and write
|
||
|
1B263E9A000
|
heap
|
page read and write
|
||
|
1B25F74D000
|
heap
|
page read and write
|
||
|
1B261520000
|
heap
|
page read and write
|
||
|
1B25F736000
|
heap
|
page read and write
|
||
|
1B261540000
|
heap
|
page read and write
|
||
|
1B26153F000
|
heap
|
page read and write
|
||
|
1B261632000
|
heap
|
page read and write
|
||
|
1B25F709000
|
heap
|
page read and write
|
||
|
1B261545000
|
heap
|
page read and write
|
||
|
1B2616D7000
|
heap
|
page read and write
|
||
|
1B261552000
|
heap
|
page read and write
|
||
|
1B26155A000
|
heap
|
page read and write
|
||
|
1B25F72D000
|
heap
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B25F722000
|
heap
|
page read and write
|
||
|
1B26153F000
|
heap
|
page read and write
|
||
|
1B25F73D000
|
heap
|
page read and write
|
||
|
1B2616CC000
|
heap
|
page read and write
|
||
|
1B261552000
|
heap
|
page read and write
|
||
|
1B261562000
|
heap
|
page read and write
|
||
|
1B26162E000
|
heap
|
page read and write
|
||
|
1B26155E000
|
heap
|
page read and write
|
||
|
1B25F719000
|
heap
|
page read and write
|
||
|
A3E577C000
|
stack
|
page read and write
|
There are 201 hidden memdumps, click here to show them.