Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\e\52C64B7E
|
@C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\oregres.dll,-205
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Microsoft Office\root\Office16\Winword.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Microsoft Office\root\Office16\Winword.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\e\52C64B7E
|
@wmploc.dll,-102
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 9 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22128239000
|
heap
|
page read and write
|
||
|
2212821E000
|
heap
|
page read and write
|
||
|
221261E0000
|
heap
|
page read and write
|
||
|
22128217000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
2212D020000
|
trusted library allocation
|
page read and write
|
||
|
22128131000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
221281CD000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212813F000
|
heap
|
page read and write
|
||
|
221281E0000
|
heap
|
page read and write
|
||
|
221281F7000
|
heap
|
page read and write
|
||
|
22126167000
|
heap
|
page read and write
|
||
|
221281D1000
|
heap
|
page read and write
|
||
|
221281CA000
|
heap
|
page read and write
|
||
|
221261AA000
|
heap
|
page read and write
|
||
|
2212810F000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
4B9B8FE000
|
stack
|
page read and write
|
||
|
2212820A000
|
heap
|
page read and write
|
||
|
221261A2000
|
heap
|
page read and write
|
||
|
2212A330000
|
trusted library allocation
|
page read and write
|
||
|
2212817B000
|
heap
|
page read and write
|
||
|
4B9B97A000
|
stack
|
page read and write
|
||
|
221261DC000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
221261D9000
|
heap
|
page read and write
|
||
|
221261C6000
|
heap
|
page read and write
|
||
|
221261C8000
|
heap
|
page read and write
|
||
|
22126180000
|
heap
|
page read and write
|
||
|
22128210000
|
heap
|
page read and write
|
||
|
22125F70000
|
heap
|
page read and write
|
||
|
221280EE000
|
heap
|
page read and write
|
||
|
22128113000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
221281F0000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
221261AC000
|
heap
|
page read and write
|
||
|
221280EA000
|
heap
|
page read and write
|
||
|
221261D0000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
2212823B000
|
heap
|
page read and write
|
||
|
22128208000
|
heap
|
page read and write
|
||
|
221281B3000
|
heap
|
page read and write
|
||
|
22128248000
|
heap
|
page read and write
|
||
|
2212817B000
|
heap
|
page read and write
|
||
|
2212813F000
|
heap
|
page read and write
|
||
|
2212812B000
|
heap
|
page read and write
|
||
|
4B9B877000
|
stack
|
page read and write
|
||
|
22128188000
|
heap
|
page read and write
|
||
|
22128118000
|
heap
|
page read and write
|
||
|
221281C2000
|
heap
|
page read and write
|
||
|
2212AB6B000
|
heap
|
page read and write
|
||
|
2212810B000
|
heap
|
page read and write
|
||
|
22128217000
|
heap
|
page read and write
|
||
|
4B9B77E000
|
stack
|
page read and write
|
||
|
221281AF000
|
heap
|
page read and write
|
||
|
22127B40000
|
heap
|
page read and write
|
||
|
22128120000
|
heap
|
page read and write
|
||
|
221261E3000
|
heap
|
page read and write
|
||
|
2212810D000
|
heap
|
page read and write
|
||
|
221280EB000
|
heap
|
page read and write
|
||
|
2212824E000
|
heap
|
page read and write
|
||
|
2212823F000
|
heap
|
page read and write
|
||
|
7DF4490B1000
|
trusted library allocation
|
page execute read
|
||
|
221261E1000
|
heap
|
page read and write
|
||
|
221281B2000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
22128188000
|
heap
|
page read and write
|
||
|
22128210000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128131000
|
heap
|
page read and write
|
||
|
2212823B000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
22128125000
|
heap
|
page read and write
|
||
|
2212810B000
|
heap
|
page read and write
|
||
|
221261A2000
|
heap
|
page read and write
|
||
|
22128247000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
4B9B6FE000
|
stack
|
page read and write
|
||
|
2212812B000
|
heap
|
page read and write
|
||
|
2212AB6C000
|
heap
|
page read and write
|
||
|
221261C6000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
22128214000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
2212D030000
|
heap
|
page readonly
|
||
|
221281AB000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
22128247000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
221261D8000
|
heap
|
page read and write
|
||
|
4B9B3A6000
|
stack
|
page read and write
|
||
|
2212822F000
|
heap
|
page read and write
|
||
|
2212810F000
|
heap
|
page read and write
|
||
|
2212C712000
|
trusted library allocation
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
221280FF000
|
heap
|
page read and write
|
||
|
221281F0000
|
heap
|
page read and write
|
||
|
221261D6000
|
heap
|
page read and write
|
||
|
22128227000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
22128210000
|
heap
|
page read and write
|
||
|
22126112000
|
heap
|
page read and write
|
||
|
22128230000
|
heap
|
page read and write
|
||
|
22128111000
|
heap
|
page read and write
|
||
|
2212818A000
|
heap
|
page read and write
|
||
|
22126135000
|
heap
|
page read and write
|
||
|
22128234000
|
heap
|
page read and write
|
||
|
22128120000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
4B9BC7E000
|
stack
|
page read and write
|
||
|
22128120000
|
heap
|
page read and write
|
||
|
2212814F000
|
heap
|
page read and write
|
||
|
2212AD90000
|
heap
|
page read and write
|
||
|
221261AB000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
221261FE000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
22128117000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
22128135000
|
heap
|
page read and write
|
||
|
221281B2000
|
heap
|
page read and write
|
||
|
22128203000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
22128120000
|
heap
|
page read and write
|
||
|
221261AA000
|
heap
|
page read and write
|
||
|
22128219000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
2212823B000
|
heap
|
page read and write
|
||
|
221281FB000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
22128134000
|
heap
|
page read and write
|
||
|
2212AB7B000
|
heap
|
page read and write
|
||
|
221281D1000
|
heap
|
page read and write
|
||
|
2212AB6C000
|
heap
|
page read and write
|
||
|
22127A10000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
4B9B67E000
|
stack
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212810D000
|
heap
|
page read and write
|
||
|
221261B3000
|
heap
|
page read and write
|
||
|
22128131000
|
heap
|
page read and write
|
||
|
221261D6000
|
heap
|
page read and write
|
||
|
22128217000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
2212AB5D000
|
heap
|
page read and write
|
||
|
2212AB78000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
221280E0000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
22128227000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
221261E6000
|
heap
|
page read and write
|
||
|
22126100000
|
heap
|
page read and write
|
||
|
22128103000
|
heap
|
page read and write
|
||
|
2212822C000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
221261E1000
|
heap
|
page read and write
|
||
|
2212AB7B000
|
heap
|
page read and write
|
||
|
4B9B7FE000
|
stack
|
page read and write
|
||
|
221261A2000
|
heap
|
page read and write
|
||
|
221261AC000
|
heap
|
page read and write
|
||
|
2212AB60000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212AB80000
|
heap
|
page read and write
|
||
|
221261A9000
|
heap
|
page read and write
|
||
|
221280F7000
|
heap
|
page read and write
|
||
|
2212820C000
|
heap
|
page read and write
|
||
|
221280F6000
|
heap
|
page read and write
|
||
|
22128113000
|
heap
|
page read and write
|
||
|
221261D9000
|
heap
|
page read and write
|
||
|
2212AB6C000
|
heap
|
page read and write
|
||
|
22128117000
|
heap
|
page read and write
|
||
|
22128188000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212821E000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
221281B2000
|
heap
|
page read and write
|
||
|
2212AB7B000
|
heap
|
page read and write
|
||
|
221261CD000
|
heap
|
page read and write
|
||
|
2212619F000
|
heap
|
page read and write
|
||
|
2212615B000
|
heap
|
page read and write
|
||
|
221281D0000
|
heap
|
page read and write
|
||
|
22128138000
|
heap
|
page read and write
|
||
|
22126200000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
2212812B000
|
heap
|
page read and write
|
||
|
221281AE000
|
heap
|
page read and write
|
||
|
2212AB98000
|
heap
|
page read and write
|
||
|
22128189000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212C6F4000
|
trusted library allocation
|
page read and write
|
||
|
22128106000
|
heap
|
page read and write
|
||
|
2212822F000
|
heap
|
page read and write
|
||
|
2212820B000
|
heap
|
page read and write
|
||
|
22128242000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
4B9BB7B000
|
stack
|
page read and write
|
||
|
2212820D000
|
heap
|
page read and write
|
||
|
22126165000
|
heap
|
page read and write
|
||
|
22128222000
|
heap
|
page read and write
|
||
|
22126161000
|
heap
|
page read and write
|
||
|
2212817B000
|
heap
|
page read and write
|
||
|
22128115000
|
heap
|
page read and write
|
||
|
2212823F000
|
heap
|
page read and write
|
||
|
22128111000
|
heap
|
page read and write
|
||
|
2212821C000
|
heap
|
page read and write
|
||
|
221281D0000
|
heap
|
page read and write
|
||
|
2212AB80000
|
heap
|
page read and write
|
||
|
2212AB81000
|
heap
|
page read and write
|
||
|
22126109000
|
heap
|
page read and write
|
||
|
22128115000
|
heap
|
page read and write
|
||
|
2212823E000
|
heap
|
page read and write
|
||
|
2212AB7D000
|
heap
|
page read and write
|
||
|
221261B8000
|
heap
|
page read and write
|
||
|
22128233000
|
heap
|
page read and write
|
||
|
2212823D000
|
heap
|
page read and write
|
||
|
22128221000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128152000
|
heap
|
page read and write
|
||
|
2212820D000
|
heap
|
page read and write
|
||
|
22128131000
|
heap
|
page read and write
|
||
|
2212AB7B000
|
heap
|
page read and write
|
||
|
2212817B000
|
heap
|
page read and write
|
||
|
22128210000
|
heap
|
page read and write
|
||
|
221261CF000
|
heap
|
page read and write
|
||
|
2212AB50000
|
heap
|
page read and write
|
||
|
22128188000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128210000
|
heap
|
page read and write
|
||
|
22127AC5000
|
heap
|
page read and write
|
||
|
2212820A000
|
heap
|
page read and write
|
||
|
2212822A000
|
heap
|
page read and write
|
||
|
2212823B000
|
heap
|
page read and write
|
||
|
221261BB000
|
heap
|
page read and write
|
||
|
221281B2000
|
heap
|
page read and write
|
||
|
2212820C000
|
heap
|
page read and write
|
||
|
2212817B000
|
heap
|
page read and write
|
||
|
221261AC000
|
heap
|
page read and write
|
||
|
22128226000
|
heap
|
page read and write
|
||
|
22128188000
|
heap
|
page read and write
|
||
|
22128202000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
22128240000
|
heap
|
page read and write
|
||
|
2212823A000
|
heap
|
page read and write
|
||
|
22128241000
|
heap
|
page read and write
|
||
|
2212615E000
|
heap
|
page read and write
|
||
|
22127AC0000
|
heap
|
page read and write
|
||
|
22128118000
|
heap
|
page read and write
|
There are 254 hidden memdumps, click here to show them.