Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Internet Explorer\iexplore.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\mspaint.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\system32\NOTEPAD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@C:\Program Files\Common Files\Microsoft Shared\Office16\oregres.dll,-205
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@wmploc.dll,-102
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Windows Media Player\wmplayer.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE.ApplicationCompany
|
There are 6 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A19EC76000
|
stack
|
page read and write
|
||
|
1B3DC0D5000
|
heap
|
page read and write
|
||
|
A19EE7E000
|
stack
|
page read and write
|
||
|
1B3DC0CD000
|
heap
|
page read and write
|
||
|
1B3DC0F6000
|
heap
|
page read and write
|
||
|
1B3DDE02000
|
heap
|
page read and write
|
||
|
1B3DDDEA000
|
heap
|
page read and write
|
||
|
1B3DDE0B000
|
heap
|
page read and write
|
||
|
1B3DDDDF000
|
heap
|
page read and write
|
||
|
1B3DDF78000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DC0E4000
|
heap
|
page read and write
|
||
|
1B3DDF87000
|
heap
|
page read and write
|
||
|
1B3DDF92000
|
heap
|
page read and write
|
||
|
1B3DDFD5000
|
heap
|
page read and write
|
||
|
1B3DC0F1000
|
heap
|
page read and write
|
||
|
1B3DBE00000
|
heap
|
page read and write
|
||
|
1B3DDF9C000
|
heap
|
page read and write
|
||
|
1B3DDF92000
|
heap
|
page read and write
|
||
|
1B3DDF0B000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDF84000
|
heap
|
page read and write
|
||
|
1B3DDE0F000
|
heap
|
page read and write
|
||
|
1B3DC040000
|
heap
|
page read and write
|
||
|
1B3DDF03000
|
heap
|
page read and write
|
||
|
1B3DDE21000
|
heap
|
page read and write
|
||
|
1B3DDE21000
|
heap
|
page read and write
|
||
|
1B3DC0EB000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3E2A17000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3E2A1B000
|
heap
|
page read and write
|
||
|
1B3DDF27000
|
heap
|
page read and write
|
||
|
1B3DDF43000
|
heap
|
page read and write
|
||
|
1B3DDDF0000
|
heap
|
page read and write
|
||
|
1B3DDDF0000
|
heap
|
page read and write
|
||
|
1B3DDF84000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DC104000
|
heap
|
page read and write
|
||
|
1B3DC0CC000
|
heap
|
page read and write
|
||
|
1B3DDDEA000
|
heap
|
page read and write
|
||
|
1B3DC0CA000
|
heap
|
page read and write
|
||
|
1B3DC0F7000
|
heap
|
page read and write
|
||
|
1B3DC129000
|
heap
|
page read and write
|
||
|
1B3DDA25000
|
heap
|
page read and write
|
||
|
1B3DC135000
|
heap
|
page read and write
|
||
|
1B3DC122000
|
heap
|
page read and write
|
||
|
1B3DDDF6000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDF0B000
|
heap
|
page read and write
|
||
|
1B3E2A15000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DC0D8000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDFC6000
|
heap
|
page read and write
|
||
|
1B3DC0D5000
|
heap
|
page read and write
|
||
|
1B3DDF70000
|
heap
|
page read and write
|
||
|
1B3DDE12000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
A19F2FC000
|
stack
|
page read and write
|
||
|
1B3DDFA0000
|
heap
|
page read and write
|
||
|
A19EFFE000
|
stack
|
page read and write
|
||
|
1B3DDE10000
|
heap
|
page read and write
|
||
|
1B3DDFCB000
|
heap
|
page read and write
|
||
|
1B3DC0FE000
|
heap
|
page read and write
|
||
|
1B3DDE03000
|
heap
|
page read and write
|
||
|
1B3DDE17000
|
heap
|
page read and write
|
||
|
1B3DDF77000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDF5E000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DDF1F000
|
heap
|
page read and write
|
||
|
1B3DDDD2000
|
heap
|
page read and write
|
||
|
1B3DC0F7000
|
heap
|
page read and write
|
||
|
1B3DDF5E000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
A19F37A000
|
stack
|
page read and write
|
||
|
1B3DDFC8000
|
heap
|
page read and write
|
||
|
1B3DDDFA000
|
heap
|
page read and write
|
||
|
1B3DDFA8000
|
heap
|
page read and write
|
||
|
1B3DDF27000
|
heap
|
page read and write
|
||
|
1B3DC104000
|
heap
|
page read and write
|
||
|
1B3DDF17000
|
heap
|
page read and write
|
||
|
1B3DDF84000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
A19EDFE000
|
stack
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDF2D000
|
heap
|
page read and write
|
||
|
1B3DDDE6000
|
heap
|
page read and write
|
||
|
A19EEFE000
|
stack
|
page read and write
|
||
|
1B3DDDC0000
|
heap
|
page read and write
|
||
|
1B3DC0FF000
|
heap
|
page read and write
|
||
|
1B3DDF9C000
|
heap
|
page read and write
|
||
|
1B3DC0F9000
|
heap
|
page read and write
|
||
|
A19F1FE000
|
stack
|
page read and write
|
||
|
1B3DDE10000
|
heap
|
page read and write
|
||
|
1B3DC134000
|
heap
|
page read and write
|
||
|
1B3DC100000
|
heap
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DC102000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3E2A39000
|
heap
|
page read and write
|
||
|
7DF4B1931000
|
trusted library allocation
|
page execute read
|
||
|
1B3DDDD8000
|
heap
|
page read and write
|
||
|
1B3DDF9C000
|
heap
|
page read and write
|
||
|
1B3DDFA8000
|
heap
|
page read and write
|
||
|
1B3DDFC3000
|
heap
|
page read and write
|
||
|
1B3DC13A000
|
heap
|
page read and write
|
||
|
1B3DDF0D000
|
heap
|
page read and write
|
||
|
1B3DC0C8000
|
heap
|
page read and write
|
||
|
1B3DC0C1000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DDFA0000
|
heap
|
page read and write
|
||
|
1B3DDE10000
|
heap
|
page read and write
|
||
|
1B3DDDD3000
|
heap
|
page read and write
|
||
|
1B3DDE01000
|
heap
|
page read and write
|
||
|
1B3DC0FE000
|
heap
|
page read and write
|
||
|
1B3DDE16000
|
heap
|
page read and write
|
||
|
1B3DC0C1000
|
heap
|
page read and write
|
||
|
1B3E2D00000
|
heap
|
page readonly
|
||
|
1B3DDDDA000
|
heap
|
page read and write
|
||
|
1B3DBF70000
|
heap
|
page read and write
|
||
|
1B3DC0DC000
|
heap
|
page read and write
|
||
|
1B3DDE1A000
|
heap
|
page read and write
|
||
|
1B3E0500000
|
heap
|
page read and write
|
||
|
1B3DC11B000
|
heap
|
page read and write
|
||
|
1B3E2A1B000
|
heap
|
page read and write
|
||
|
1B3DDF9C000
|
heap
|
page read and write
|
||
|
1B3DC0D9000
|
heap
|
page read and write
|
||
|
1B3DDDF2000
|
heap
|
page read and write
|
||
|
1B3DDF2D000
|
heap
|
page read and write
|
||
|
1B3DDE08000
|
heap
|
page read and write
|
||
|
1B3DBFE0000
|
heap
|
page read and write
|
||
|
1B3DC0D0000
|
heap
|
page read and write
|
||
|
1B3DDFC0000
|
heap
|
page read and write
|
||
|
1B3DDE1A000
|
heap
|
page read and write
|
||
|
1B3DDDD2000
|
heap
|
page read and write
|
||
|
1B3E2A3F000
|
heap
|
page read and write
|
||
|
1B3DDE07000
|
heap
|
page read and write
|
||
|
1B3DDF11000
|
heap
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DDDE4000
|
heap
|
page read and write
|
||
|
1B3DDE0B000
|
heap
|
page read and write
|
||
|
1B3DC0C1000
|
heap
|
page read and write
|
||
|
1B3DDDD4000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDF72000
|
heap
|
page read and write
|
||
|
1B3DC13E000
|
heap
|
page read and write
|
||
|
1B3DDE0B000
|
heap
|
page read and write
|
||
|
1B3DDF1F000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3E2A3E000
|
heap
|
page read and write
|
||
|
1B3DDFCD000
|
heap
|
page read and write
|
||
|
1B3DC0C8000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDFA8000
|
heap
|
page read and write
|
||
|
1B3E1FF4000
|
trusted library allocation
|
page read and write
|
||
|
1B3DDF5E000
|
heap
|
page read and write
|
||
|
1B3DDDFA000
|
heap
|
page read and write
|
||
|
1B3DC116000
|
heap
|
page read and write
|
||
|
1B3E0020000
|
trusted library allocation
|
page read and write
|
||
|
1B3DC0F1000
|
heap
|
page read and write
|
||
|
1B3E2920000
|
trusted library allocation
|
page read and write
|
||
|
1B3E2CD0000
|
heap
|
page read and write
|
||
|
1B3DDF38000
|
heap
|
page read and write
|
||
|
1B3DDE01000
|
heap
|
page read and write
|
||
|
1B3DC13E000
|
heap
|
page read and write
|
||
|
1B3DBF40000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
A19EF7D000
|
stack
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDF1F000
|
heap
|
page read and write
|
||
|
1B3DDE16000
|
heap
|
page read and write
|
||
|
1B3DDE1F000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DC13E000
|
heap
|
page read and write
|
||
|
1B3DBFE3000
|
heap
|
page read and write
|
||
|
1B3DC04F000
|
heap
|
page read and write
|
||
|
1B3DDF2D000
|
heap
|
page read and write
|
||
|
1B3DDE19000
|
heap
|
page read and write
|
||
|
1B3DDE02000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDFBB000
|
heap
|
page read and write
|
||
|
1B3DC0A2000
|
heap
|
page read and write
|
||
|
1B3DC0F9000
|
heap
|
page read and write
|
||
|
1B3DC0D5000
|
heap
|
page read and write
|
||
|
1B3DC11E000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDE16000
|
heap
|
page read and write
|
||
|
1B3E2A20000
|
heap
|
page read and write
|
||
|
1B3DC0EE000
|
heap
|
page read and write
|
||
|
1B3DDF13000
|
heap
|
page read and write
|
||
|
1B3DC103000
|
heap
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DDFC6000
|
heap
|
page read and write
|
||
|
1B3DDF92000
|
heap
|
page read and write
|
||
|
1B3DC12C000
|
heap
|
page read and write
|
||
|
1B3DDF78000
|
heap
|
page read and write
|
||
|
1B3DDE19000
|
heap
|
page read and write
|
||
|
1B3DDDE7000
|
heap
|
page read and write
|
||
|
1B3DC0D2000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDF87000
|
heap
|
page read and write
|
||
|
1B3DDDF9000
|
heap
|
page read and write
|
||
|
1B3DC100000
|
heap
|
page read and write
|
||
|
1B3DDE12000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DDE10000
|
heap
|
page read and write
|
||
|
1B3DDDF6000
|
heap
|
page read and write
|
||
|
1B3DDF29000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DDDF5000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDDFB000
|
heap
|
page read and write
|
||
|
1B3DC0CE000
|
heap
|
page read and write
|
||
|
1B3DDF87000
|
heap
|
page read and write
|
||
|
1B3DDDDE000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3DDE0D000
|
heap
|
page read and write
|
||
|
1B3DDE01000
|
heap
|
page read and write
|
||
|
1B3DDE01000
|
heap
|
page read and write
|
||
|
1B3DDDDE000
|
heap
|
page read and write
|
||
|
1B3DC0F8000
|
heap
|
page read and write
|
||
|
1B3DC135000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DC128000
|
heap
|
page read and write
|
||
|
1B3DC13A000
|
heap
|
page read and write
|
||
|
1B3DC0FC000
|
heap
|
page read and write
|
||
|
1B3DC0EA000
|
heap
|
page read and write
|
||
|
1B3DDDED000
|
heap
|
page read and write
|
||
|
1B3DDF5E000
|
heap
|
page read and write
|
||
|
1B3DDE1F000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DDDFD000
|
heap
|
page read and write
|
||
|
1B3DDDE2000
|
heap
|
page read and write
|
||
|
1B3DC0F4000
|
heap
|
page read and write
|
||
|
1B3DDDF3000
|
heap
|
page read and write
|
||
|
A19F47C000
|
stack
|
page read and write
|
||
|
1B3DDEE0000
|
heap
|
page read and write
|
||
|
1B3DC0D4000
|
heap
|
page read and write
|
||
|
1B3E2A20000
|
heap
|
page read and write
|
||
|
1B3DC0F4000
|
heap
|
page read and write
|
||
|
1B3E2012000
|
trusted library allocation
|
page read and write
|
||
|
1B3DDF92000
|
heap
|
page read and write
|
||
|
1B3DC0D5000
|
heap
|
page read and write
|
||
|
1B3DDE02000
|
heap
|
page read and write
|
||
|
A19F07B000
|
stack
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DC0BD000
|
heap
|
page read and write
|
||
|
1B3DC0EA000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DC100000
|
heap
|
page read and write
|
||
|
1B3DDF84000
|
heap
|
page read and write
|
||
|
1B3DDE08000
|
heap
|
page read and write
|
||
|
1B3DDDF0000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDE0B000
|
heap
|
page read and write
|
||
|
1B3DDE17000
|
heap
|
page read and write
|
||
|
1B3DDDF3000
|
heap
|
page read and write
|
||
|
1B3DDA20000
|
heap
|
page read and write
|
||
|
1B3DDF39000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3E2A43000
|
heap
|
page read and write
|
||
|
1B3DDE0B000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDE15000
|
heap
|
page read and write
|
||
|
1B3DDDFC000
|
heap
|
page read and write
|
||
|
1B3DDF87000
|
heap
|
page read and write
|
||
|
1B3DDFA0000
|
heap
|
page read and write
|
||
|
A19ED7E000
|
stack
|
page read and write
|
||
|
1B3DC0E3000
|
heap
|
page read and write
|
||
|
1B3DDF40000
|
heap
|
page read and write
|
||
|
1B3DDFA0000
|
heap
|
page read and write
|
||
|
1B3DDE02000
|
heap
|
page read and write
|
||
|
1B3DDF15000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DC0F0000
|
heap
|
page read and write
|
||
|
1B3DC100000
|
heap
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3E2A10000
|
heap
|
page read and write
|
||
|
1B3DDFA8000
|
heap
|
page read and write
|
||
|
A19ECFE000
|
stack
|
page read and write
|
||
|
1B3DDE6B000
|
heap
|
page read and write
|
||
|
1B3DC0E8000
|
heap
|
page read and write
|
||
|
1B3DDF5E000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DC0F8000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3DDFCA000
|
heap
|
page read and write
|
||
|
1B3DDE06000
|
heap
|
page read and write
|
||
|
1B3E2A26000
|
heap
|
page read and write
|
||
|
1B3DDDFD000
|
heap
|
page read and write
|
||
|
1B3E2A26000
|
heap
|
page read and write
|
||
|
1B3DDF2D000
|
heap
|
page read and write
|
||
|
1B3DC0C8000
|
heap
|
page read and write
|
||
|
1B3DC107000
|
heap
|
page read and write
|
||
|
1B3E2A39000
|
heap
|
page read and write
|
There are 299 hidden memdumps, click here to show them.