Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1F1B4E70000
|
heap
|
page read and write
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B6D9F000
|
heap
|
page read and write
|
||
|
1F1B6EF2000
|
heap
|
page read and write
|
||
|
1F1B6F44000
|
heap
|
page read and write
|
||
|
1F1B6DC2000
|
heap
|
page read and write
|
||
|
1F1B4E84000
|
heap
|
page read and write
|
||
|
1F1B6E92000
|
heap
|
page read and write
|
||
|
1F1B6EFA000
|
heap
|
page read and write
|
||
|
1F1B6F2C000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B4E5B000
|
heap
|
page read and write
|
||
|
1F1B6F15000
|
heap
|
page read and write
|
||
|
1F1B4E63000
|
heap
|
page read and write
|
||
|
1F1B6F3F000
|
heap
|
page read and write
|
||
|
1F1B6DB2000
|
heap
|
page read and write
|
||
|
1F1B6D8B000
|
heap
|
page read and write
|
||
|
1F1B96EF000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B4E83000
|
heap
|
page read and write
|
||
|
428BAFB000
|
stack
|
page read and write
|
||
|
1F1B6DC2000
|
heap
|
page read and write
|
||
|
1F1B96EB000
|
heap
|
page read and write
|
||
|
1F1B6EAF000
|
heap
|
page read and write
|
||
|
1F1B6EA8000
|
heap
|
page read and write
|
||
|
1F1B6F15000
|
heap
|
page read and write
|
||
|
1F1B6DC2000
|
heap
|
page read and write
|
||
|
1F1B96DD000
|
heap
|
page read and write
|
||
|
1F1BB8D0000
|
heap
|
page readonly
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
1F1B9710000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B6EAB000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B96DF000
|
heap
|
page read and write
|
||
|
1F1B4E63000
|
heap
|
page read and write
|
||
|
1F1B4E6E000
|
heap
|
page read and write
|
||
|
1F1B6E74000
|
heap
|
page read and write
|
||
|
1F1B6F0B000
|
heap
|
page read and write
|
||
|
1F1B6F3F000
|
heap
|
page read and write
|
||
|
1F1B96DB000
|
heap
|
page read and write
|
||
|
1F1B6DA0000
|
heap
|
page read and write
|
||
|
1F1B4DD0000
|
heap
|
page read and write
|
||
|
1F1B96DF000
|
heap
|
page read and write
|
||
|
1F1B6D85000
|
heap
|
page read and write
|
||
|
1F1B4E63000
|
heap
|
page read and write
|
||
|
1F1B4E6D000
|
heap
|
page read and write
|
||
|
1F1B9709000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B6E90000
|
heap
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
1F1B6F2C000
|
heap
|
page read and write
|
||
|
1F1B4EA1000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B4E77000
|
heap
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
428BCFD000
|
stack
|
page read and write
|
||
|
1F1B69F0000
|
heap
|
page read and write
|
||
|
1F1B6F2C000
|
heap
|
page read and write
|
||
|
1F1B6E94000
|
heap
|
page read and write
|
||
|
1F1B6DCC000
|
heap
|
page read and write
|
||
|
1F1B6D80000
|
heap
|
page read and write
|
||
|
7DF4C5821000
|
trusted library allocation
|
page execute read
|
||
|
1F1B6E98000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B6DB2000
|
heap
|
page read and write
|
||
|
428BD7B000
|
stack
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B6E80000
|
heap
|
page read and write
|
||
|
1F1B6F15000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6E7F000
|
heap
|
page read and write
|
||
|
1F1B96EF000
|
heap
|
page read and write
|
||
|
1F1B6F0B000
|
heap
|
page read and write
|
||
|
1F1B4E90000
|
heap
|
page read and write
|
||
|
1F1B6DB2000
|
heap
|
page read and write
|
||
|
1F1B6885000
|
heap
|
page read and write
|
||
|
1F1B96EE000
|
heap
|
page read and write
|
||
|
1F1B6D80000
|
heap
|
page read and write
|
||
|
1F1B96F3000
|
heap
|
page read and write
|
||
|
1F1B6E87000
|
heap
|
page read and write
|
||
|
1F1B4D30000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B9AD0000
|
heap
|
page read and write
|
||
|
1F1B4E9A000
|
heap
|
page read and write
|
||
|
1F1B4E69000
|
heap
|
page read and write
|
||
|
1F1B6EEE000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B6D8B000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B4D70000
|
heap
|
page read and write
|
||
|
1F1B6EF2000
|
heap
|
page read and write
|
||
|
1F1B4ECE000
|
heap
|
page read and write
|
||
|
1F1B4E6E000
|
heap
|
page read and write
|
||
|
428B97E000
|
stack
|
page read and write
|
||
|
1F1B6DAA000
|
heap
|
page read and write
|
||
|
1F1B6DA8000
|
heap
|
page read and write
|
||
|
1F1B6DC6000
|
heap
|
page read and write
|
||
|
1F1B4EC6000
|
heap
|
page read and write
|
||
|
1F1B6EA8000
|
heap
|
page read and write
|
||
|
1F1B6D8B000
|
heap
|
page read and write
|
||
|
428B87E000
|
stack
|
page read and write
|
||
|
1F1B99F0000
|
trusted library allocation
|
page read and write
|
||
|
1F1B4E6B000
|
heap
|
page read and write
|
||
|
1F1B96D4000
|
heap
|
page read and write
|
||
|
1F1B4E9C000
|
heap
|
page read and write
|
||
|
1F1B4E71000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B6DC6000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
428BA7B000
|
stack
|
page read and write
|
||
|
1F1B6D8B000
|
heap
|
page read and write
|
||
|
1F1B6D92000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B4E58000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B4E92000
|
heap
|
page read and write
|
||
|
1F1B6DBB000
|
heap
|
page read and write
|
||
|
1F1B6E8D000
|
heap
|
page read and write
|
||
|
1F1B6EFA000
|
heap
|
page read and write
|
||
|
1F1B8FC0000
|
trusted library allocation
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B6DA4000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B9712000
|
heap
|
page read and write
|
||
|
1F1B4E5B000
|
heap
|
page read and write
|
||
|
1F1B6E96000
|
heap
|
page read and write
|
||
|
428B8FE000
|
stack
|
page read and write
|
||
|
1F1B96D0000
|
heap
|
page read and write
|
||
|
1F1B6DAE000
|
heap
|
page read and write
|
||
|
1F1B6880000
|
heap
|
page read and write
|
||
|
1F1B4E3C000
|
heap
|
page read and write
|
||
|
1F1B4E6E000
|
heap
|
page read and write
|
||
|
1F1B6DB2000
|
heap
|
page read and write
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B4D20000
|
heap
|
page read and write
|
||
|
428B536000
|
stack
|
page read and write
|
||
|
1F1B6DC2000
|
heap
|
page read and write
|
||
|
1F1B6D93000
|
heap
|
page read and write
|
||
|
1F1B6DC3000
|
heap
|
page read and write
|
||
|
1F1B4E6E000
|
heap
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B96E1000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6D9D000
|
heap
|
page read and write
|
||
|
1F1B6EAF000
|
heap
|
page read and write
|
||
|
1F1B4E78000
|
heap
|
page read and write
|
||
|
1F1B4E94000
|
heap
|
page read and write
|
||
|
1F1B6D70000
|
heap
|
page read and write
|
||
|
1F1B6DA9000
|
heap
|
page read and write
|
||
|
1F1B96E1000
|
heap
|
page read and write
|
||
|
1F1B6E82000
|
heap
|
page read and write
|
||
|
1F1B9718000
|
heap
|
page read and write
|
||
|
1F1B4E96000
|
heap
|
page read and write
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B6D9A000
|
heap
|
page read and write
|
||
|
1F1B6DBA000
|
heap
|
page read and write
|
||
|
1F1B6E85000
|
heap
|
page read and write
|
||
|
1F1B6E70000
|
heap
|
page read and write
|
||
|
1F1B6D98000
|
heap
|
page read and write
|
||
|
1F1B6D9A000
|
heap
|
page read and write
|
||
|
1F1B4DE1000
|
heap
|
page read and write
|
||
|
1F1B6DBF000
|
heap
|
page read and write
|
||
|
1F1B6EFA000
|
heap
|
page read and write
|
||
|
1F1B6F44000
|
heap
|
page read and write
|
||
|
1F1B970A000
|
heap
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
1F1B6DC6000
|
heap
|
page read and write
|
||
|
1F1B6F3C000
|
heap
|
page read and write
|
||
|
1F1B4ECE000
|
heap
|
page read and write
|
||
|
1F1B6EA0000
|
heap
|
page read and write
|
||
|
1F1B4EB8000
|
heap
|
page read and write
|
||
|
1F1B6F44000
|
heap
|
page read and write
|
||
|
1F1B6DC6000
|
heap
|
page read and write
|
||
|
1F1B6EF2000
|
heap
|
page read and write
|
||
|
1F1B4E6E000
|
heap
|
page read and write
|
||
|
1F1B6EA0000
|
heap
|
page read and write
|
||
|
1F1B4ECD000
|
heap
|
page read and write
|
||
|
1F1B96EB000
|
heap
|
page read and write
|
||
|
428BE7F000
|
stack
|
page read and write
|
||
|
1F1B6DB6000
|
heap
|
page read and write
|
||
|
428B9FD000
|
stack
|
page read and write
|
||
|
1F1B6EAF000
|
heap
|
page read and write
|
||
|
1F1B6F39000
|
heap
|
page read and write
|
||
|
1F1B6EEE000
|
heap
|
page read and write
|
||
|
1F1B4E6C000
|
heap
|
page read and write
|
||
|
428B5BE000
|
stack
|
page read and write
|
||
|
1F1B6DBE000
|
heap
|
page read and write
|
||
|
1F1B6F0B000
|
heap
|
page read and write
|
||
|
1F1B6EEE000
|
heap
|
page read and write
|
||
|
1F1B6EA0000
|
heap
|
page read and write
|
||
|
1F1B6DB2000
|
heap
|
page read and write
|
||
|
1F1B6F3F000
|
heap
|
page read and write
|
There are 193 hidden memdumps, click here to show them.