Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://we.tl/t-nsdjwtsB1E?utm_campaign=TRN_TDL_05&utm_source=sendgrid&utm_medium=email&
|
unknown
|
||
|
https://aka.ms/LearnAboutSenderIdentification
|
unknown
|
||
|
https://we.tl/t-nsdjwtsB1E
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1BC03817000
|
heap
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC0381B000
|
heap
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC05739000
|
heap
|
page read and write
|
||
|
1BC05726000
|
heap
|
page read and write
|
||
|
1BC05748000
|
heap
|
page read and write
|
||
|
1BC056EB000
|
heap
|
page read and write
|
||
|
1BC057AF000
|
heap
|
page read and write
|
||
|
1BC0384E000
|
heap
|
page read and write
|
||
|
7DF484751000
|
trusted library allocation
|
page execute read
|
||
|
1BC057B6000
|
heap
|
page read and write
|
||
|
1BC0579D000
|
heap
|
page read and write
|
||
|
1BC0387E000
|
heap
|
page read and write
|
||
|
1BC03851000
|
heap
|
page read and write
|
||
|
1BC03730000
|
heap
|
page read and write
|
||
|
1BC07D90000
|
heap
|
page read and write
|
||
|
1BC05748000
|
heap
|
page read and write
|
||
|
1BC0578F000
|
heap
|
page read and write
|
||
|
603497E000
|
stack
|
page read and write
|
||
|
1BC057AB000
|
heap
|
page read and write
|
||
|
1BC03860000
|
heap
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC036F0000
|
heap
|
page read and write
|
||
|
1BC056D1000
|
heap
|
page read and write
|
||
|
1BC056CD000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC05779000
|
heap
|
page read and write
|
||
|
1BC0578B000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC0579D000
|
heap
|
page read and write
|
||
|
1BC057B2000
|
heap
|
page read and write
|
||
|
1BC056F5000
|
heap
|
page read and write
|
||
|
1BC05794000
|
heap
|
page read and write
|
||
|
1BC05726000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC0381C000
|
heap
|
page read and write
|
||
|
1BC057B2000
|
heap
|
page read and write
|
||
|
1BC07DEA000
|
heap
|
page read and write
|
||
|
1BC056DC000
|
heap
|
page read and write
|
||
|
1BC05791000
|
heap
|
page read and write
|
||
|
1BC0578F000
|
heap
|
page read and write
|
||
|
1BC07DEE000
|
heap
|
page read and write
|
||
|
1BC0578F000
|
heap
|
page read and write
|
||
|
6034B7B000
|
stack
|
page read and write
|
||
|
1BC0388A000
|
heap
|
page read and write
|
||
|
1BC05790000
|
heap
|
page read and write
|
||
|
1BC03859000
|
heap
|
page read and write
|
||
|
6034877000
|
stack
|
page read and write
|
||
|
1BC0578B000
|
heap
|
page read and write
|
||
|
1BC03836000
|
heap
|
page read and write
|
||
|
1BC0385A000
|
heap
|
page read and write
|
||
|
1BC0578F000
|
heap
|
page read and write
|
||
|
1BC056D3000
|
heap
|
page read and write
|
||
|
1BC056F3000
|
heap
|
page read and write
|
||
|
1BC0571A000
|
heap
|
page read and write
|
||
|
1BC056CA000
|
heap
|
page read and write
|
||
|
1BC05771000
|
heap
|
page read and write
|
||
|
1BC056E5000
|
heap
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC03836000
|
heap
|
page read and write
|
||
|
1BC0388A000
|
heap
|
page read and write
|
||
|
1BC03842000
|
heap
|
page read and write
|
||
|
1BC05706000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
1BC07DE2000
|
heap
|
page read and write
|
||
|
1BC0579E000
|
heap
|
page read and write
|
||
|
1BC056D5000
|
heap
|
page read and write
|
||
|
1BC05794000
|
heap
|
page read and write
|
||
|
60348FE000
|
stack
|
page read and write
|
||
|
1BC0383A000
|
heap
|
page read and write
|
||
|
1BC07DF5000
|
heap
|
page read and write
|
||
|
1BC056DC000
|
heap
|
page read and write
|
||
|
1BC05728000
|
heap
|
page read and write
|
||
|
1BC03827000
|
heap
|
page read and write
|
||
|
1BC0577B000
|
heap
|
page read and write
|
||
|
1BC05782000
|
heap
|
page read and write
|
||
|
1BC056AD000
|
heap
|
page read and write
|
||
|
1BC056CD000
|
heap
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC056D1000
|
heap
|
page read and write
|
||
|
1BC05759000
|
heap
|
page read and write
|
||
|
1BC0381C000
|
heap
|
page read and write
|
||
|
1BC05748000
|
heap
|
page read and write
|
||
|
1BC03836000
|
heap
|
page read and write
|
||
|
1BC05722000
|
heap
|
page read and write
|
||
|
1BC05799000
|
heap
|
page read and write
|
||
|
1BC0578A000
|
heap
|
page read and write
|
||
|
1BC05791000
|
heap
|
page read and write
|
||
|
1BC03836000
|
heap
|
page read and write
|
||
|
1BC07DD8000
|
heap
|
page read and write
|
||
|
1BC05790000
|
heap
|
page read and write
|
||
|
1BC07DD8000
|
heap
|
page read and write
|
||
|
1BC056EB000
|
heap
|
page read and write
|
||
|
1BC05739000
|
heap
|
page read and write
|
||
|
1BC037FF000
|
heap
|
page read and write
|
||
|
1BC07DE9000
|
heap
|
page read and write
|
||
|
1BC05739000
|
heap
|
page read and write
|
||
|
1BC03855000
|
heap
|
page read and write
|
||
|
1BC03838000
|
heap
|
page read and write
|
||
|
1BC0388A000
|
heap
|
page read and write
|
||
|
1BC057BA000
|
heap
|
page read and write
|
||
|
1BC07DE9000
|
heap
|
page read and write
|
||
|
1BC0A170000
|
heap
|
page readonly
|
||
|
1BC0381C000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
1BC0383F000
|
heap
|
page read and write
|
||
|
1BC0388A000
|
heap
|
page read and write
|
||
|
1BC05120000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
1BC03882000
|
heap
|
page read and write
|
||
|
1BC0388C000
|
heap
|
page read and write
|
||
|
1BC03836000
|
heap
|
page read and write
|
||
|
1BC056D5000
|
heap
|
page read and write
|
||
|
1BC03838000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC03854000
|
heap
|
page read and write
|
||
|
1BC03842000
|
heap
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC057A2000
|
heap
|
page read and write
|
||
|
1BC07DE1000
|
heap
|
page read and write
|
||
|
1BC05787000
|
heap
|
page read and write
|
||
|
1BC07DEF000
|
heap
|
page read and write
|
||
|
1BC0571D000
|
heap
|
page read and write
|
||
|
1BC057B2000
|
heap
|
page read and write
|
||
|
1BC05660000
|
heap
|
page read and write
|
||
|
1BC056D3000
|
heap
|
page read and write
|
||
|
1BC07DC2000
|
heap
|
page read and write
|
||
|
1BC056CF000
|
heap
|
page read and write
|
||
|
6034D7B000
|
stack
|
page read and write
|
||
|
1BC05789000
|
heap
|
page read and write
|
||
|
1BC05788000
|
heap
|
page read and write
|
||
|
1BC07D99000
|
heap
|
page read and write
|
||
|
1BC0383B000
|
heap
|
page read and write
|
||
|
1BC05739000
|
heap
|
page read and write
|
||
|
1BC0574C000
|
heap
|
page read and write
|
||
|
1BC056EC000
|
heap
|
page read and write
|
||
|
1BC05775000
|
heap
|
page read and write
|
||
|
6034A7D000
|
stack
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC0577B000
|
heap
|
page read and write
|
||
|
1BC0579D000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
60349FF000
|
stack
|
page read and write
|
||
|
1BC057A6000
|
heap
|
page read and write
|
||
|
1BC07DF2000
|
heap
|
page read and write
|
||
|
1BC057A2000
|
heap
|
page read and write
|
||
|
1BC0388A000
|
heap
|
page read and write
|
||
|
1BC05794000
|
heap
|
page read and write
|
||
|
1BC056DC000
|
heap
|
page read and write
|
||
|
1BC0579E000
|
heap
|
page read and write
|
||
|
1BC056E5000
|
heap
|
page read and write
|
||
|
1BC07DDE000
|
heap
|
page read and write
|
||
|
1BC057AB000
|
heap
|
page read and write
|
||
|
1BC05795000
|
heap
|
page read and write
|
||
|
1BC07D9D000
|
heap
|
page read and write
|
||
|
1BC07DB0000
|
heap
|
page read and write
|
||
|
1BC056A2000
|
heap
|
page read and write
|
||
|
1BC07DD6000
|
heap
|
page read and write
|
||
|
1BC051C5000
|
heap
|
page read and write
|
||
|
1BC03610000
|
heap
|
page read and write
|
||
|
1BC03858000
|
heap
|
page read and write
|
||
|
1BC083A0000
|
heap
|
page read and write
|
||
|
1BC0382E000
|
heap
|
page read and write
|
||
|
1BC078B0000
|
trusted library allocation
|
page read and write
|
||
|
1BC05794000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC05727000
|
heap
|
page read and write
|
||
|
1BC0574B000
|
heap
|
page read and write
|
||
|
1BC056E5000
|
heap
|
page read and write
|
||
|
1BC05705000
|
heap
|
page read and write
|
||
|
1BC057A2000
|
heap
|
page read and write
|
||
|
1BC07DF3000
|
heap
|
page read and write
|
||
|
1BC0381A000
|
heap
|
page read and write
|
||
|
1BC056CF000
|
heap
|
page read and write
|
||
|
1BC056EB000
|
heap
|
page read and write
|
||
|
1BC057B3000
|
heap
|
page read and write
|
||
|
1BC03834000
|
heap
|
page read and write
|
||
|
1BC0384C000
|
heap
|
page read and write
|
||
|
1BC05735000
|
heap
|
page read and write
|
||
|
1BC03790000
|
heap
|
page read and write
|
||
|
1BC056C2000
|
heap
|
page read and write
|
||
|
1BC0382C000
|
heap
|
page read and write
|
||
|
1BC05759000
|
heap
|
page read and write
|
||
|
1BC05770000
|
heap
|
page read and write
|
||
|
1BC03839000
|
heap
|
page read and write
|
||
|
1BC057B2000
|
heap
|
page read and write
|
||
|
1BC0578F000
|
heap
|
page read and write
|
||
|
1BC03863000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC056CA000
|
heap
|
page read and write
|
||
|
1BC05759000
|
heap
|
page read and write
|
||
|
1BC07DE9000
|
heap
|
page read and write
|
||
|
1BC05785000
|
heap
|
page read and write
|
||
|
1BC0383C000
|
heap
|
page read and write
|
||
|
6034AFC000
|
stack
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC056B7000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC056BE000
|
heap
|
page read and write
|
||
|
1BC05783000
|
heap
|
page read and write
|
||
|
1BC0384B000
|
heap
|
page read and write
|
||
|
1BC0385E000
|
heap
|
page read and write
|
||
|
1BC05759000
|
heap
|
page read and write
|
||
|
1BC0384F000
|
heap
|
page read and write
|
||
|
1BC0384F000
|
heap
|
page read and write
|
||
|
1BC03835000
|
heap
|
page read and write
|
||
|
1BC03825000
|
heap
|
page read and write
|
||
|
1BC0579A000
|
heap
|
page read and write
|
||
|
1BC0574C000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC08290000
|
trusted library allocation
|
page read and write
|
||
|
1BC057A2000
|
heap
|
page read and write
|
||
|
1BC03858000
|
heap
|
page read and write
|
||
|
1BC07DE9000
|
heap
|
page read and write
|
||
|
1BC057B3000
|
heap
|
page read and write
|
||
|
1BC03835000
|
heap
|
page read and write
|
||
|
1BC05760000
|
heap
|
page read and write
|
||
|
1BC0384B000
|
heap
|
page read and write
|
||
|
1BC057AE000
|
heap
|
page read and write
|
||
|
1BC0579E000
|
heap
|
page read and write
|
||
|
1BC0579E000
|
heap
|
page read and write
|
||
|
1BC07DCF000
|
heap
|
page read and write
|
||
|
1BC05794000
|
heap
|
page read and write
|
||
|
1BC0381E000
|
heap
|
page read and write
|
||
|
1BC07DC5000
|
heap
|
page read and write
|
||
|
1BC03850000
|
heap
|
page read and write
|
||
|
1BC056EB000
|
heap
|
page read and write
|
||
|
1BC03845000
|
heap
|
page read and write
|
||
|
1BC057A2000
|
heap
|
page read and write
|
||
|
1BC0388B000
|
heap
|
page read and write
|
||
|
1BC05778000
|
heap
|
page read and write
|
||
|
1BC057AA000
|
heap
|
page read and write
|
||
|
1BC051C0000
|
heap
|
page read and write
|
||
|
1BC05728000
|
heap
|
page read and write
|
||
|
1BC03829000
|
heap
|
page read and write
|
||
|
1BC05737000
|
heap
|
page read and write
|
There are 232 hidden memdumps, click here to show them.