IOC Report
download

loading gif

Processes

Path
Cmdline
Malicious
C:\Windows\System32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding

Memdumps

Base Address
Regiontype
Protect
Malicious
28977DC0000
heap
page read and write
28979885000
heap
page read and write
B242C7C000
stack
page read and write
28977BD0000
heap
page read and write
28979880000
heap
page read and write
28977E30000
heap
page read and write
28977E5C000
heap
page read and write
B24275E000
stack
page read and write
B2426D9000
stack
page read and write
B2427DE000
stack
page read and write
B242BFE000
stack
page read and write
28977D10000
heap
page read and write
28977D40000
heap
page read and write
B242AFC000
stack
page read and write
B242B7E000
stack
page read and write
B242A7F000
stack
page read and write
28977E38000
heap
page read and write
There are 7 hidden memdumps, click here to show them.