Source: | Binary string: winhttp.pdbV source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wininet.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: msvcrt.pdbk source: WerFault.exe, 00000003.00000003.678504903.0000000005912000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: crypt32.pdbN source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: wldap32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 00000003.00000003.678504903.0000000005912000.00000004.00000040.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 00000003.00000003.678546892.0000000005915000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: wrpcrt4.pdbk source: WerFault.exe, 00000003.00000003.678546892.0000000005915000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 00000003.00000003.678541937.0000000005910000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 00000003.00000003.678541937.0000000005910000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 00000003.00000003.674734776.0000000003688000.00000004.00000001.sdmp |
Source: | Binary string: version.pdb\ source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: setupapi.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: winhttp.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wldap32.pdb~ source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb( source: WerFault.exe, 00000003.00000003.674970320.000000000367C000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: ws2_32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32full.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: sechost.pdb source: WerFault.exe, 00000003.00000003.678546892.0000000005915000.00000004.00000040.sdmp |
Source: | Binary string: msasn1.pdbp source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdbh source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdbb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: f:\sys\objfre_wxp_x86\i386\FsFilter32.pdb source: V7F2H10gJw.dll |
Source: | Binary string: version.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: ws2_32.pdbd source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdbZ source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: msasn1.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdb source: WerFault.exe, 00000003.00000003.678541937.0000000005910000.00000004.00000040.sdmp |
Source: | Binary string: f:\sys\objfre_wxp_x86\i386\FsFilter32.pdbpJ source: V7F2H10gJw.dll |
Source: | Binary string: setupapi.pdb@ source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: sechost.pdbk source: WerFault.exe, 00000003.00000003.678546892.0000000005915000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb( source: WerFault.exe, 00000003.00000003.674734776.0000000003688000.00000004.00000001.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000003.00000003.678541937.0000000005910000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 00000003.00000003.678541937.0000000005910000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 00000003.00000003.674651326.0000000003682000.00000004.00000001.sdmp |
Source: | Binary string: apphelp.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: wuser32.pdb source: WerFault.exe, 00000003.00000003.678490919.0000000005791000.00000004.00000001.sdmp |
Source: | Binary string: f:\sys\objfre_win7_amd64\amd64\FsFilter64.pdb source: V7F2H10gJw.dll |
Source: | Binary string: apmjrsmCReportStore::Prune: MaxReportCount=%d MaxSizeInMb=%dRSDSwkernel32.pdb source: WerFault.exe, 00000003.00000002.682013956.00000000032B2000.00000004.00000010.sdmp |
Source: | Binary string: crypt32.pdb source: WerFault.exe, 00000003.00000003.678513455.0000000005918000.00000004.00000040.sdmp |
Source: V7F2H10gJw.dll | String found in binary or memory: "name":"fb_dtsg","value":"name="fb_dtsg" value="Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: nonehttps://www.facebook.com/""2%d0https://graph.facebook.com/me/friends?access_token=%s&pretty=1&limit=1summarytotal_count{}summarytotal_count%dquery_friends.\task_cookie\facebook_agreement.cpp[HIJACK][%s][%s][%d]: count = %d equals www.facebook.com (Facebook) |
Source: V7F2H10gJw.dll | String found in binary or memory: -3https://www.facebook.com/payments/settings/payment_methods/index.php?__a=1errorSummaryconfirmemail.phpcard_type_name-110query_payment2.\task_cookie\facebook_agreement.cpp[HIJACK][%s][%s][%d]: ret = %s equals www.facebook.com (Facebook) |
Source: V7F2H10gJw.dll | String found in binary or memory: accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9sec-fetch-dest: documentsec-fetch-mode: navigatesec-fetch-site: same-originreferer: https://www.messenger.com/origin: https://www.messenger.comhttps://www.messenger.com/login/nonce/ookie: c_user=ookie: xs=ookie: ;%[^;]; https://m.facebook.com/settings/email/<span class="_52ji _8uk3">accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9sec-fetch-dest: documentsec-fetch-mode: navigatesec-fetch-site: noneupgrade-insecure-requests: 1</span></span>@@@@https://m.facebook.com/settings/sms/<strong><span dir="ltr">accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9sec-fetch-dest: documentsec-fetch-mode: navigatesec-fetch-site: noneupgrade-insecure-requests: 1</span></span>+ https://m.facebook.com/pages/creation_flow/?step=name&cat_ref_page_id=0&ref_type=launch_point"dtsg":{"token":"accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9sec-fetch-dest: documentsec-fetch-mode: navigatesec-fetch-site: noneupgrade-insecure-requests: 1"https://m.facebook.com/pages/create/edit_name/"draftID":Accept: */*Origin: https://m.facebook.comReferer: https://m.facebook.com/pages/creation_flow/?step=name&cat_ref_page_id=0&ref_type=launch_pointSec-Fetch-Dest: emptySec-Fetch-Mode: corsSec-Fetch-Site: same-originX-Requested-With: XMLHttpRequestX-Response-Format: JSONStreampage_name=&m_sess=&fb_dtsg=&jazoest=&__csr=&__req=3&__user=,"https://m.facebook.com/pages/creation_flow/?step=category&draft_id=&cat_ref_page_id=0&extra_data=%7B%22page_name%22%3A%22%22%7D"dtsg":{"token":"accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Referer: https://m.facebook.com/pages/creation_flow/?step=name&cat_ref_page_id=0&ref_type=launch_pointsec-fetch-dest: documentsec-fetch-mode: navigatesec-fetch-site: same-originSec-Fetch-User: ?1upgrade-insecure-requests: 1"https://m.facebook.com/pages/create/edit_category/"pageID":Referer: https://m.facebook.com/pages/creation_flow/?step=category&draft_id=&cat_ref_page_id=0&extra_data=%7B%22page_name%22%3A%22%22%7DAccept: */*Origin: https://m.facebook.comSec-Fetch-Dest: emptySec-F |