Source: |
Binary string: userenv.pdb> source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: dwmapi.pdb2 source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000005.00000003.666812842.0000000004D0F000.00000004.00000001.sdmp |
Source: |
Binary string: bcrypt.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb\ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: ColorAdapterClient.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wuser32.pdbH source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000005.00000003.667774393.0000000002E62000.00000004.00000001.sdmp |
Source: |
Binary string: shcore.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: riched20.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: oleacc.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wgdi32.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: comctl32v582.pdbE source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: shell32.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: oleaut32.pdbB source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ntmarta.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: CLBCatQ.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdbP source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msvcp_win.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb` source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000005.00000003.667332189.0000000002E6E000.00000004.00000001.sdmp |
Source: |
Binary string: wimm32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: userenv.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wimm32.pdb$ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: setupapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: usp10.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wUxTheme.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb@ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: dwmapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: rtutils.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wntdll.pdb( source: WerFault.exe, 00000005.00000003.667774393.0000000002E62000.00000004.00000001.sdmp |
Source: |
Binary string: shcore.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wgdi32full.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: shfolder.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ntmarta.pdbt source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: propsys.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: propsys.pdbN source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: shfolder.pdbE source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: cfgmgr32.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: setupapi.pdb8 source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdbz source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msctf.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ole32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdbf source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: mscms.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msasn1.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: comctl32v582.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wUxTheme.pdb* source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb( source: WerFault.exe, 00000005.00000003.667332189.0000000002E6E000.00000004.00000001.sdmp |
Source: |
Binary string: cfgmgr32.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: combase.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: Windows.Storage.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: Kernel.Appcore.pdbF source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: combase.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: oleaut32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdbV source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msls31.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wuser32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: C:\Users\user\Desktop\Invoice 6500TH21Y5674.exe |
Code function: 0_2_00405339 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,ShowWindow,ShowWindow,GetDlgItem,SendMessageA,SendMessageA,SendMessageA,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageA,CreatePopupMenu,AppendMenuA,GetWindowRect,TrackPopupMenu,SendMessageA,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageA,GlobalUnlock,SetClipboardData,CloseClipboard, |
0_2_00405339 |
Source: C:\Users\user\Desktop\Invoice 6500TH21Y5674.exe |
Code function: 0_2_00403325 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
0_2_00403325 |
Source: C:\Users\user\Desktop\Invoice 6500TH21Y5674.exe |
Code function: 0_2_00403325 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
0_2_00403325 |
Source: |
Binary string: userenv.pdb> source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: dwmapi.pdb2 source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000005.00000003.666812842.0000000004D0F000.00000004.00000001.sdmp |
Source: |
Binary string: bcrypt.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb\ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: ColorAdapterClient.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wuser32.pdbH source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000005.00000003.667774393.0000000002E62000.00000004.00000001.sdmp |
Source: |
Binary string: shcore.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: riched20.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: oleacc.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wgdi32.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: comctl32v582.pdbE source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: shell32.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: oleaut32.pdbB source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ntmarta.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: CLBCatQ.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdbP source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msvcp_win.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb` source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000005.00000003.667332189.0000000002E6E000.00000004.00000001.sdmp |
Source: |
Binary string: wimm32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: userenv.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wimm32.pdb$ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: setupapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: usp10.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wUxTheme.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb@ source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: dwmapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: rtutils.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wntdll.pdb( source: WerFault.exe, 00000005.00000003.667774393.0000000002E62000.00000004.00000001.sdmp |
Source: |
Binary string: shcore.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wgdi32full.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: shfolder.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ntmarta.pdbt source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: propsys.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: propsys.pdbN source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: shfolder.pdbE source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: cfgmgr32.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: setupapi.pdb8 source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdbz source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msctf.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: ole32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdbf source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: mscms.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msasn1.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: comctl32v582.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: wUxTheme.pdb* source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb( source: WerFault.exe, 00000005.00000003.667332189.0000000002E6E000.00000004.00000001.sdmp |
Source: |
Binary string: cfgmgr32.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000005.00000003.672571387.0000000005101000.00000004.00000001.sdmp |
Source: |
Binary string: combase.pdb source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: Windows.Storage.pdb source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: Kernel.Appcore.pdbF source: WerFault.exe, 00000005.00000003.672712202.00000000052B0000.00000004.00000040.sdmp |
Source: |
Binary string: combase.pdbk source: WerFault.exe, 00000005.00000003.672610626.00000000052B1000.00000004.00000040.sdmp |
Source: |
Binary string: oleaut32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdbV source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: msls31.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: wuser32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb source: WerFault.exe, 00000005.00000003.672737412.00000000052B7000.00000004.00000040.sdmp |
Source: C:\Users\user\Desktop\Invoice 6500TH21Y5674.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: WerFault.exe, 00000005.00000002.685752998.00000000052D0000.00000002.00000001.sdmp |
Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed. |
Source: WerFault.exe, 00000005.00000002.685487977.0000000004D00000.00000004.00000001.sdmp |
Binary or memory string: Hyper-V RAW |
Source: WerFault.exe, 00000005.00000002.685752998.00000000052D0000.00000002.00000001.sdmp |
Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service. |
Source: WerFault.exe, 00000005.00000002.685752998.00000000052D0000.00000002.00000001.sdmp |
Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported. |
Source: WerFault.exe, 00000005.00000002.685752998.00000000052D0000.00000002.00000001.sdmp |
Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service. |
Source: C:\Users\user\Desktop\Invoice 6500TH21Y5674.exe |
Code function: 0_2_00403325 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
0_2_00403325 |