Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: freebl3.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\gfx\angle\targets\libEGL\libEGL.pdb source: libEGL.dll.12.dr |
Source: | Binary string: api-ms-win-crt-locale-l1-1-0.pdb source: api-ms-win-crt-locale-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-runtime-l1-1-0.pdb source: api-ms-win-crt-runtime-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libprldap\prldap60.pdb source: prldap60.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\ia2\IA2Marshal.pdb source: IA2Marshal.dll.12.dr |
Source: | Binary string: api-ms-win-core-file-l1-2-0.pdb source: api-ms-win-core-file-l1-2-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss3.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr |
Source: | Binary string: ucrtbase.pdb source: ucrtbase.dll.12.dr |
Source: | Binary string: api-ms-win-core-memory-l1-1-0.pdb source: api-ms-win-core-memory-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: api-ms-win-core-sysinfo-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldap\ldap60.pdb source: ldap60.dll.12.dr |
Source: | Binary string: api-ms-win-crt-filesystem-l1-1-0.pdb source: api-ms-win-crt-filesystem-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-stdio-l1-1-0.pdb source: api-ms-win-crt-stdio-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-heap-l1-1-0.pdb source: api-ms-win-core-heap-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-util-l1-1-0.pdb source: api-ms-win-core-util-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-synch-l1-1-0.pdb source: api-ms-win-core-synch-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-environment-l1-1-0.pdb source: api-ms-win-crt-environment-l1-1-0.dll.12.dr |
Source: | Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: softokn3.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\ckfw\builtins\builtins_nssckbi\nssckbi.pdb source: nssckbi.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881046456.000000006D0F9000.00000002.00020000.sdmp, mozglue.dll.12.dr |
Source: | Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: api-ms-win-core-processthreads-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: freebl3.dll.12.dr |
Source: | Binary string: api-ms-win-crt-private-l1-1-0.pdb source: api-ms-win-crt-private-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-convert-l1-1-0.pdb source: api-ms-win-crt-convert-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\ipc\win\handler\AccessibleHandler.pdb source: AccessibleHandler.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\legacydb\legacydb_nssdbm3\nssdbm3.pdb-- source: nssdbm3.dll.12.dr |
Source: | Binary string: msvcp140.i386.pdb source: msvcp140.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\mailnews\mapi\mapihook\build\MapiProxy.pdb source: MapiProxy_InUse.dll.12.dr |
Source: | Binary string: api-ms-win-core-profile-l1-1-0.pdb source: api-ms-win-core-profile-l1-1-0.dll.12.dr |
Source: | Binary string: ucrtbase.pdbUGP source: ucrtbase.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldap\ldap60.pdbUU source: ldap60.dll.12.dr |
Source: | Binary string: api-ms-win-crt-time-l1-1-0.pdb source: api-ms-win-crt-time-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\ckfw\builtins\builtins_nssckbi\nssckbi.pdb66 source: nssckbi.dll.12.dr |
Source: | Binary string: api-ms-win-core-handle-l1-1-0.pdb source: api-ms-win-core-handle-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-synch-l1-2-0.pdb source: api-ms-win-core-synch-l1-2-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: softokn3.dll.12.dr |
Source: | Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: api-ms-win-core-processenvironment-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\ia2\IA2Marshal.pdb<< source: IA2Marshal.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881046456.000000006D0F9000.00000002.00020000.sdmp, mozglue.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\toolkit\library\dummydll\qipcap.pdb source: qipcap.dll.12.dr |
Source: | Binary string: api-ms-win-crt-conio-l1-1-0.pdb source: api-ms-win-crt-conio-l1-1-0.dll.12.dr |
Source: | Binary string: ms-win-core-memory-l1-1-0.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.880884389.000000006698B000.00000004.00000001.sdmp |
Source: | Binary string: api-ms-win-crt-math-l1-1-0.pdb source: api-ms-win-crt-math-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-localization-l1-2-0.pdb source: api-ms-win-core-localization-l1-2-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-processthreads-l1-1-1.pdb source: api-ms-win-core-processthreads-l1-1-1.dll.12.dr |
Source: | Binary string: api-ms-win-core-namedpipe-l1-1-0.pdb source: api-ms-win-core-namedpipe-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-multibyte-l1-1-0.pdb source: api-ms-win-crt-multibyte-l1-1-0.dll.12.dr |
Source: | Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.12.dr |
Source: | Binary string: api-ms-win-crt-utility-l1-1-0.pdb source: api-ms-win-crt-utility-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\mailnews\mapi\mapiDLL\mozMapi32.pdb source: mozMapi32.dll.12.dr |
Source: | Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: api-ms-win-core-rtlsupport-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: api-ms-win-core-timezone-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-string-l1-1-0.pdb source: api-ms-win-core-string-l1-1-0.dll.12.dr |
Source: | Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.12.dr |
Source: | Binary string: api-ms-win-core-file-l2-1-0.pdb source: api-ms-win-core-file-l2-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-process-l1-1-0.pdb source: api-ms-win-crt-process-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-libraryloader-l1-1-0.pdb source: api-ms-win-core-libraryloader-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\config\external\lgpllibs\lgpllibs.pdb source: lgpllibs.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldif\ldif60.pdb source: ldif60.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\msaa\AccessibleMarshal.pdb source: AccessibleMarshal.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\legacydb\legacydb_nssdbm3\nssdbm3.pdb source: nssdbm3.dll.12.dr |
Source: | Binary string: api-ms-win-core-interlocked-l1-1-0.pdb source: api-ms-win-core-interlocked-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\toolkit\crashreporter\injector\breakpadinjector.pdb source: breakpadinjector.dll.12.dr |
Source: | Binary string: api-ms-win-crt-heap-l1-1-0.pdb source: api-ms-win-crt-heap-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-string-l1-1-0.pdb source: api-ms-win-crt-string-l1-1-0.dll.12.dr |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ebx, 00005B18h |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 4x nop then mov ecx, ecx |
Source: mozglue.dll.12.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://cps.chambersign.org/cps/chambersignroot.html0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://cps.chambersign.org/cps/chambersroot.html0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.chambersign.org/chambersignroot.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.chambersign.org/chambersroot.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.securetrust.com/SGCA.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.securetrust.com/STCA.crl0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O |
Source: mozglue.dll.12.dr | String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: mozglue.dll.12.dr | String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://fedir.comsign.co.il/crl/ComSignCA.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://ocsp.accv.es0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ocsp.digicert.com0C |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ocsp.digicert.com0N |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ocsp.thawte.com0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://policy.camerfirma.com0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://repository.swisssign.com/0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0( |
Source: mozglue.dll.12.dr | String found in binary or memory: http://ts-ocsp.ws.symantec.com07 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.accv.es/legislacion_c.htm0U |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.accv.es00 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.cert.fnmt.es/dpcs/0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.certicamara.com/dpc/0Z |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.certplus.com/CRL/class2.crl0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.chambersign.org1 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.diginotar.nl/cps/pkioverheid0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.firmaprofesional.com/cps0 |
Source: mozglue.dll.12.dr | String found in binary or memory: http://www.mozilla.com/en-US/blocklist/ |
Source: mozglue.dll.12.dr | String found in binary or memory: http://www.mozilla.com0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.pkioverheid.nl/policies/root-policy-G20 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.quovadis.bm0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.quovadisglobal.com/cps0 |
Source: sqlite3.dll.12.dr | String found in binary or memory: http://www.sqlite.org/copyright.html. |
Source: nssckbi.dll.12.dr | String found in binary or memory: http://www.trustcenter.de/crl/v2/tc_class_3_ca_II.crl |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.877495152.0000000000561000.00000040.00000001.sdmp | String found in binary or memory: https://drive.google.com/uc?export=download&id=1EVgv79jm2Kha80e4t5kPPRtQGH8glBYc |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: nssckbi.dll.12.dr | String found in binary or memory: https://ocsp.quovadisoffshore.com0 |
Source: nssckbi.dll.12.dr | String found in binary or memory: https://repository.luxtrust.lu0 |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: nssckbi.dll.12.dr | String found in binary or memory: https://www.catcert.net/verarrel |
Source: nssckbi.dll.12.dr | String found in binary or memory: https://www.catcert.net/verarrel05 |
Source: mozglue.dll.12.dr | String found in binary or memory: https://www.digicert.com/CPS0 |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000003.862159056.0000000066921000.00000004.00000001.sdmp, 1xVPfvJcrg.12.dr | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A4E08 NtProtectVirtualMemory, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A528C NtResumeThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A1F10 NtSetInformationThread,NtWriteVirtualMemory, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A03F5 EnumWindows,NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A300B NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A2018 NtWriteVirtualMemory, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A22BC NtWriteVirtualMemory, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A5295 NtResumeThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A10FF NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A0EF7 NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A04C9 NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A5336 NtResumeThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A5501 NtResumeThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A0D5E NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A51EB NtProtectVirtualMemory, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A53F2 NtResumeThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A11CB NtSetInformationThread, |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403E7A |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040445A |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404C77 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404015 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404839 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004044C9 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004040F0 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404081 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004048AA |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040415D |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404915 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404538 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004041C0 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004049F8 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404987 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004045B2 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404A65 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040461C |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404230 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403EC3 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404AC5 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004046EA |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040468B |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004042A4 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404753 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040430C |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404B27 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004047C4 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004043E8 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404380 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403FA7 |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 12_2_6D0EBD8F |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 12_2_6D0F5F1F |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 12_2_6D0F0229 |
Source: softokn3.dll.12.dr | Binary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, sqlite3.dll.12.dr | Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q); |
Source: softokn3.dll.12.dr | Binary or memory string: SELECT ALL %s FROM %s WHERE id=$ID; |
Source: softokn3.dll.12.dr | Binary or memory string: SELECT ALL * FROM %s LIMIT 0; |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, sqlite3.dll.12.dr | Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);docid INTEGER PRIMARY KEY%z, 'c%d%q'%z, langidCREATE TABLE %Q.'%q_content'(%s)CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);< |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, sqlite3.dll.12.dr | Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, sqlite3.dll.12.dr | Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx)); |
Source: softokn3.dll.12.dr | Binary or memory string: UPDATE %s SET %s WHERE id=$ID; |
Source: softokn3.dll.12.dr | Binary or memory string: SELECT ALL * FROM metaData WHERE id=$ID; |
Source: softokn3.dll.12.dr | Binary or memory string: SELECT ALL id FROM %s WHERE %s; |
Source: softokn3.dll.12.dr | Binary or memory string: SELECT ALL id FROM %s; |
Source: softokn3.dll.12.dr | Binary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1); |
Source: sqlite3.dll.12.dr | Binary or memory string: UPDATE %Q.%s SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger'); |
Source: softokn3.dll.12.dr | Binary or memory string: INSERT INTO %s (id%s) VALUES($ID%s); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s; |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s; |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, sqlite3.dll.12.dr | Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index */ path TEXT, /* Path to page from root */ pageno INTEGER, /* Page number */ pagetype TEXT, /* 'internal', 'leaf' or 'overflow' */ ncell INTEGER, /* Cells on page (0 for overflow) */ payload INTEGER, /* Bytes of payload on this page */ unused INTEGER, /* Bytes of unused space on this page */ mx_payload INTEGER, /* Largest payload size of all cells */ pgoffset INTEGER, /* Offset of page in file */ pgsize INTEGER, /* Size of the page */ schema TEXT HIDDEN /* Database schema being analyzed */); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger'); |
Source: softokn3.dll.12.dr | Binary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2); |
Source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr | Binary or memory string: CREATE TABLE xx( name TEXT, /* Name of table or index */ path TEXT, /* Path to page from root */ pageno INTEGER, /* Page number */ pagetype TEXT, /* 'internal', 'leaf' or 'overflow' */ ncell INTEGER, /* Cells on page (0 for overflow) */ payload INTEGER, /* Bytes of payload on this page */ unused INTEGER, /* Bytes of unused space on this page */ mx_payload INTEGER, /* Largest payload size of all cells */ pgoffset INTEGER, /* Offset of page in file */ pgsize INTEGER, /* Size of the page */ schema TEXT HIDDEN /* Database schema being analyzed */);/overflow%s%.3x+%.6x%s%.3x/internalleafcorruptedno such schema: %sSELECT 'sqlite_master' AS name, 1 AS rootpage, 'table' AS type UNION ALL SELECT name, rootpage, type FROM "%w".%s WHERE rootpage!=0 ORDER BY namedbstat2018-01-22 18:45:57 0c55d179733b46d8d0ba4d88e01a25e10677046ee3da1d5b1581e86726f2171d: |
Source: sqlite3.dll.12.dr | Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode); |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdbZZ source: freebl3.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\gfx\angle\targets\libEGL\libEGL.pdb source: libEGL.dll.12.dr |
Source: | Binary string: api-ms-win-crt-locale-l1-1-0.pdb source: api-ms-win-crt-locale-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-runtime-l1-1-0.pdb source: api-ms-win-crt-runtime-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libprldap\prldap60.pdb source: prldap60.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\ia2\IA2Marshal.pdb source: IA2Marshal.dll.12.dr |
Source: | Binary string: api-ms-win-core-file-l1-2-0.pdb source: api-ms-win-core-file-l1-2-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss3.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881153656.000000006D200000.00000002.00020000.sdmp, nss3.dll.12.dr |
Source: | Binary string: ucrtbase.pdb source: ucrtbase.dll.12.dr |
Source: | Binary string: api-ms-win-core-memory-l1-1-0.pdb source: api-ms-win-core-memory-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: api-ms-win-core-sysinfo-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldap\ldap60.pdb source: ldap60.dll.12.dr |
Source: | Binary string: api-ms-win-crt-filesystem-l1-1-0.pdb source: api-ms-win-crt-filesystem-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-stdio-l1-1-0.pdb source: api-ms-win-crt-stdio-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-heap-l1-1-0.pdb source: api-ms-win-core-heap-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-util-l1-1-0.pdb source: api-ms-win-core-util-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-synch-l1-1-0.pdb source: api-ms-win-core-synch-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-environment-l1-1-0.pdb source: api-ms-win-crt-environment-l1-1-0.dll.12.dr |
Source: | Binary string: vcruntime140.i386.pdbGCTL source: vcruntime140.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb source: softokn3.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\ckfw\builtins\builtins_nssckbi\nssckbi.pdb source: nssckbi.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\mozglue\build\mozglue.pdb22! source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881046456.000000006D0F9000.00000002.00020000.sdmp, mozglue.dll.12.dr |
Source: | Binary string: api-ms-win-core-processthreads-l1-1-0.pdb source: api-ms-win-core-processthreads-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\freebl\freebl_freebl3\freebl3.pdb source: freebl3.dll.12.dr |
Source: | Binary string: api-ms-win-crt-private-l1-1-0.pdb source: api-ms-win-crt-private-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-convert-l1-1-0.pdb source: api-ms-win-crt-convert-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\ipc\win\handler\AccessibleHandler.pdb source: AccessibleHandler.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\legacydb\legacydb_nssdbm3\nssdbm3.pdb-- source: nssdbm3.dll.12.dr |
Source: | Binary string: msvcp140.i386.pdb source: msvcp140.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\mailnews\mapi\mapihook\build\MapiProxy.pdb source: MapiProxy_InUse.dll.12.dr |
Source: | Binary string: api-ms-win-core-profile-l1-1-0.pdb source: api-ms-win-core-profile-l1-1-0.dll.12.dr |
Source: | Binary string: ucrtbase.pdbUGP source: ucrtbase.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldap\ldap60.pdbUU source: ldap60.dll.12.dr |
Source: | Binary string: api-ms-win-crt-time-l1-1-0.pdb source: api-ms-win-crt-time-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\ckfw\builtins\builtins_nssckbi\nssckbi.pdb66 source: nssckbi.dll.12.dr |
Source: | Binary string: api-ms-win-core-handle-l1-1-0.pdb source: api-ms-win-core-handle-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-synch-l1-2-0.pdb source: api-ms-win-core-synch-l1-2-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\softoken_softokn3\softokn3.pdb)) source: softokn3.dll.12.dr |
Source: | Binary string: api-ms-win-core-processenvironment-l1-1-0.pdb source: api-ms-win-core-processenvironment-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\ia2\IA2Marshal.pdb<< source: IA2Marshal.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\mozglue\build\mozglue.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.881046456.000000006D0F9000.00000002.00020000.sdmp, mozglue.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\toolkit\library\dummydll\qipcap.pdb source: qipcap.dll.12.dr |
Source: | Binary string: api-ms-win-crt-conio-l1-1-0.pdb source: api-ms-win-crt-conio-l1-1-0.dll.12.dr |
Source: | Binary string: ms-win-core-memory-l1-1-0.pdb source: Anmodning om tilbud 12-04-2021#U00b7pdf.exe, 0000000C.00000002.880884389.000000006698B000.00000004.00000001.sdmp |
Source: | Binary string: api-ms-win-crt-math-l1-1-0.pdb source: api-ms-win-crt-math-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-localization-l1-2-0.pdb source: api-ms-win-core-localization-l1-2-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-processthreads-l1-1-1.pdb source: api-ms-win-core-processthreads-l1-1-1.dll.12.dr |
Source: | Binary string: api-ms-win-core-namedpipe-l1-1-0.pdb source: api-ms-win-core-namedpipe-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-multibyte-l1-1-0.pdb source: api-ms-win-crt-multibyte-l1-1-0.dll.12.dr |
Source: | Binary string: vcruntime140.i386.pdb source: vcruntime140.dll.12.dr |
Source: | Binary string: api-ms-win-crt-utility-l1-1-0.pdb source: api-ms-win-crt-utility-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\mailnews\mapi\mapiDLL\mozMapi32.pdb source: mozMapi32.dll.12.dr |
Source: | Binary string: api-ms-win-core-rtlsupport-l1-1-0.pdb source: api-ms-win-core-rtlsupport-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-timezone-l1-1-0.pdb source: api-ms-win-core-timezone-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-string-l1-1-0.pdb source: api-ms-win-core-string-l1-1-0.dll.12.dr |
Source: | Binary string: msvcp140.i386.pdbGCTL source: msvcp140.dll.12.dr |
Source: | Binary string: api-ms-win-core-file-l2-1-0.pdb source: api-ms-win-core-file-l2-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-process-l1-1-0.pdb source: api-ms-win-crt-process-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-core-libraryloader-l1-1-0.pdb source: api-ms-win-core-libraryloader-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\config\external\lgpllibs\lgpllibs.pdb source: lgpllibs.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\comm\ldap\c-sdk\libraries\libldif\ldif60.pdb source: ldif60.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\accessible\interfaces\msaa\AccessibleMarshal.pdb source: AccessibleMarshal.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\security\nss\lib\softoken\legacydb\legacydb_nssdbm3\nssdbm3.pdb source: nssdbm3.dll.12.dr |
Source: | Binary string: api-ms-win-core-interlocked-l1-1-0.pdb source: api-ms-win-core-interlocked-l1-1-0.dll.12.dr |
Source: | Binary string: z:\task_1552562425\build\src\obj-thunderbird\toolkit\crashreporter\injector\breakpadinjector.pdb source: breakpadinjector.dll.12.dr |
Source: | Binary string: api-ms-win-crt-heap-l1-1-0.pdb source: api-ms-win-crt-heap-l1-1-0.dll.12.dr |
Source: | Binary string: api-ms-win-crt-string-l1-1-0.pdb source: api-ms-win-crt-string-l1-1-0.dll.12.dr |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-rtlsupport-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\nssdbm3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-synch-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-environment-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-utility-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\MapiProxy_InUse.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\freebl3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\sqlite3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processthreads-l1-1-1.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\softokn3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-string-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\AccessibleMarshal.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processenvironment-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\ldap60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-file-l2-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-memory-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-synch-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-stdio-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-profile-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-time-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\vcruntime140.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-private-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-timezone-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\ucrtbase.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-multibyte-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-heap-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-process-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-interlocked-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\qipcap.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\lgpllibs.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-filesystem-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\mozMapi32_InUse.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\ldif60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\prldap60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-namedpipe-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-file-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-string-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-math-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-locale-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\mozMapi32.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\mozglue.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\nss3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-libraryloader-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\breakpadinjector.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-heap-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\MapiProxy.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-conio-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processthreads-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-util-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\nssckbi.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-sysinfo-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-convert-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\AccessibleHandler.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-handle-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\msvcp140.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\IA2Marshal.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-localization-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-runtime-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | File created: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\libEGL.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A453B second address: 00000000022A453B instructions: 0x00000000 rdtsc 0x00000002 xor eax, eax 0x00000004 inc eax 0x00000005 cpuid 0x00000007 popad 0x00000008 call 00007F0BED037528h 0x0000000d lfence 0x00000010 mov edx, dword ptr [7FFE0014h] 0x00000016 lfence 0x00000019 ret 0x0000001a sub edx, esi 0x0000001c ret 0x0000001d test bl, bl 0x0000001f test ch, bh 0x00000021 add edi, edx 0x00000023 test dh, 00000019h 0x00000026 dec dword ptr [ebp+000000F8h] 0x0000002c cmp dword ptr [ebp+000000F8h], 00000000h 0x00000033 jne 00007F0BED037503h 0x00000035 test bl, cl 0x00000037 call 00007F0BED037548h 0x0000003c call 00007F0BED037538h 0x00000041 lfence 0x00000044 mov edx, dword ptr [7FFE0014h] 0x0000004a lfence 0x0000004d ret 0x0000004e mov esi, edx 0x00000050 pushad 0x00000051 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A4B5A second address: 00000000022A4B5A instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a inc ebx 0x0000000b cmp ebx, eax 0x0000000d je 00007F0BED03762Fh 0x00000013 cmp byte ptr [ebx], FFFFFFB8h 0x00000016 jne 00007F0BED037509h 0x00000018 pushad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A4BFD second address: 00000000022A4BFD instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a inc ebx 0x0000000b cmp byte ptr [ebx], FFFFFFC2h 0x0000000e jne 00007F0BED03A931h 0x00000010 pushad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A295B second address: 00000000022A2998 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a pop dword ptr [ebp+0000012Ch] 0x00000010 cmp al, 21h 0x00000012 mov dword ptr [ebp+68h], 00000000h 0x00000019 jmp 00007F0BED038045h 0x0000001e call 00007F0BED036A02h 0x00000023 pop dword ptr [ebp+64h] 0x00000026 cmp dh, bh 0x00000028 jmp 00007F0BED037DB2h 0x0000002d call 00007F0BED036C93h 0x00000032 cmp cl, 00000003h 0x00000035 pop dword ptr [ebp+6Ch] 0x00000038 mov dword ptr [ebp+70h], 00000000h 0x0000003f pushad 0x00000040 mov edi, 00000003h 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A29B4 second address: 00000000022A29B4 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 0000000000561805 second address: 0000000000561805 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000005618F8 second address: 00000000005618F8 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 0000000000561A99 second address: 0000000000561A99 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A453B second address: 00000000022A453B instructions: 0x00000000 rdtsc 0x00000002 xor eax, eax 0x00000004 inc eax 0x00000005 cpuid 0x00000007 popad 0x00000008 call 00007F0BED037528h 0x0000000d lfence 0x00000010 mov edx, dword ptr [7FFE0014h] 0x00000016 lfence 0x00000019 ret 0x0000001a sub edx, esi 0x0000001c ret 0x0000001d test bl, bl 0x0000001f test ch, bh 0x00000021 add edi, edx 0x00000023 test dh, 00000019h 0x00000026 dec dword ptr [ebp+000000F8h] 0x0000002c cmp dword ptr [ebp+000000F8h], 00000000h 0x00000033 jne 00007F0BED037503h 0x00000035 test bl, cl 0x00000037 call 00007F0BED037548h 0x0000003c call 00007F0BED037538h 0x00000041 lfence 0x00000044 mov edx, dword ptr [7FFE0014h] 0x0000004a lfence 0x0000004d ret 0x0000004e mov esi, edx 0x00000050 pushad 0x00000051 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A455B second address: 00000000022A455B instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a ret 0x0000000b mov esi, edx 0x0000000d pushad 0x0000000e xor eax, eax 0x00000010 inc eax 0x00000011 cpuid 0x00000013 bt ecx, 1Fh 0x00000017 jc 00007F0BED03AD3Ah 0x0000001d popad 0x0000001e call 00007F0BED03AA51h 0x00000023 lfence 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A4B5A second address: 00000000022A4B5A instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a inc ebx 0x0000000b cmp ebx, eax 0x0000000d je 00007F0BED03762Fh 0x00000013 cmp byte ptr [ebx], FFFFFFB8h 0x00000016 jne 00007F0BED037509h 0x00000018 pushad 0x00000019 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A4BFD second address: 00000000022A4BFD instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a inc ebx 0x0000000b cmp byte ptr [ebx], FFFFFFC2h 0x0000000e jne 00007F0BED03A931h 0x00000010 pushad 0x00000011 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A295B second address: 00000000022A2998 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 00000001h 0x00000007 cpuid 0x00000009 popad 0x0000000a pop dword ptr [ebp+0000012Ch] 0x00000010 cmp al, 21h 0x00000012 mov dword ptr [ebp+68h], 00000000h 0x00000019 jmp 00007F0BED038045h 0x0000001e call 00007F0BED036A02h 0x00000023 pop dword ptr [ebp+64h] 0x00000026 cmp dh, bh 0x00000028 jmp 00007F0BED037DB2h 0x0000002d call 00007F0BED036C93h 0x00000032 cmp cl, 00000003h 0x00000035 pop dword ptr [ebp+6Ch] 0x00000038 mov dword ptr [ebp+70h], 00000000h 0x0000003f pushad 0x00000040 mov edi, 00000003h 0x00000045 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A2998 second address: 00000000022A29B4 instructions: 0x00000000 rdtsc 0x00000002 popad 0x00000003 mov dword ptr [ebp+74h], 00000000h 0x0000000a mov dword ptr [ebp+000000ACh], 0008F400h 0x00000014 mov dword ptr [ebp+7Ch], 00000000h 0x0000001b pushad 0x0000001c rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000022A29B4 second address: 00000000022A29B4 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 000000000056455B second address: 000000000056455B instructions: 0x00000000 rdtsc 0x00000002 lfence 0x00000005 shl edx, 20h 0x00000008 or edx, eax 0x0000000a ret 0x0000000b mov esi, edx 0x0000000d pushad 0x0000000e xor eax, eax 0x00000010 inc eax 0x00000011 cpuid 0x00000013 bt ecx, 1Fh 0x00000017 jc 00007F0BED03AD3Ah 0x0000001d popad 0x0000001e call 00007F0BED03AA51h 0x00000023 lfence 0x00000026 rdtsc |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 0000000000561805 second address: 0000000000561805 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 00000000005618F8 second address: 00000000005618F8 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | RDTSC instruction interceptor: First address: 0000000000561A99 second address: 0000000000561A99 instructions: |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-rtlsupport-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\nssdbm3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-synch-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-environment-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-utility-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\MapiProxy_InUse.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\freebl3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processthreads-l1-1-1.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\softokn3.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-string-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\AccessibleMarshal.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processenvironment-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\ldap60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-file-l2-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-memory-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-synch-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-stdio-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-profile-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-time-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-private-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-timezone-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-heap-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-multibyte-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-process-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-interlocked-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\qipcap.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\lgpllibs.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-filesystem-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\mozMapi32_InUse.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\ldif60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\prldap60.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-namedpipe-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-file-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-string-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-math-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-locale-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\mozMapi32.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-libraryloader-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\breakpadinjector.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\MapiProxy.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-heap-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-conio-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-processthreads-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-util-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-sysinfo-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\nssckbi.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-convert-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\AccessibleHandler.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-handle-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\IA2Marshal.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-core-localization-l1-2-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\api-ms-win-crt-runtime-l1-1-0.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\gC9tT2iQ3s\libEGL.dll | Jump to dropped file |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403E7A mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404015 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004040F0 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404081 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_0040415D mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_004041C0 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00404230 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403EC3 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_00403FA7 mov ebx, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A1A42 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A1A95 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A3EFE mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A4350 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A13B6 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A2582 mov eax, dword ptr fs:[00000030h] |
Source: C:\Users\user\Desktop\Anmodning om tilbud 12-04-2021#U00b7pdf.exe | Code function: 0_2_022A49C2 mov eax, dword ptr fs:[00000030h] |