3. Through this malware-induced SSL connection the attacker gains access to your RAM data on constant or periodical basis.
Only the memory of the affected process is dumped, the rest of the system is safe.
Unless the process runs with elevated privileges but in that case you don't need a vulnerable openssl to win.