Source: C:\Users\user\Desktop\dqH3t8JU1x.exe | Code function: 1_2_00408AD5 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 1_2_00408AD5 |
Source: C:\Users\user\Desktop\dqH3t8JU1x.exe | Code function: 1_2_00408AF8 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 1_2_00408AF8 |
Source: C:\Users\user\Desktop\dqH3t8JU1x.exe | Code function: 1_2_0040930B CredEnumerateA,CryptUnprotectData, | 1_2_0040930B |
Source: C:\Users\user\Desktop\dqH3t8JU1x.exe | Code function: 1_2_0040930C CredEnumerateA,CryptUnprotectData, | 1_2_0040930C |
Source: C:\Users\user\Desktop\dqH3t8JU1x.exe | Code function: 1_2_00408E58 RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,CryptUnprotectData,RegEnumValueA,RegCloseKey, | 1_2_00408E58 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 4_2_00408AD5 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 4_2_00408AD5 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 4_2_00408AF8 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 4_2_00408AF8 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 4_2_0040930B CredEnumerateA,CryptUnprotectData, | 4_2_0040930B |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 4_2_0040930C CredEnumerateA,CryptUnprotectData, | 4_2_0040930C |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 4_2_00408E58 RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,CryptUnprotectData,RegEnumValueA,RegCloseKey, | 4_2_00408E58 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 5_2_00408AD5 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 5_2_00408AD5 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 5_2_00408AF8 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 5_2_00408AF8 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 5_2_0040930B CredEnumerateA,CryptUnprotectData, | 5_2_0040930B |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 5_2_0040930C CredEnumerateA,CryptUnprotectData, | 5_2_0040930C |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 5_2_00408E58 RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,CryptUnprotectData,RegEnumValueA,RegCloseKey, | 5_2_00408E58 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 9_2_00408AD5 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 9_2_00408AD5 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 9_2_00408AF8 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, | 9_2_00408AF8 |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 9_2_0040930B CredEnumerateA,CryptUnprotectData, | 9_2_0040930B |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 9_2_0040930C CredEnumerateA,CryptUnprotectData, | 9_2_0040930C |
Source: C:\Windows\install\TEXTURAFIVEM.exe | Code function: 9_2_00408E58 RegOpenKeyExA,RegQueryValueExA,RegQueryValueExA,CryptUnprotectData,RegEnumValueA,RegCloseKey, | 9_2_00408E58 |
Source: | Binary string: msacm32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdb= source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: msvfw32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb source: WerFault.exe, 0000001C.00000003.530664291.0000000004FCE000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.553818944.0000000000BCA000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: pstorec.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: bcrypt.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 0000001C.00000003.530712712.00000000031F1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: CoreMessaging.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: SettingSyncCore.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: ntmarta.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: CLBCatQ.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rasapi32.pdbhr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: mpr.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdbe source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: avicap32.pdbq source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb{ source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: dwmapi.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ntmarta.pdbc source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbp source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: WINMMBASE.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ws2_32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: dwmapi.pdbw source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: wscui.pdbUGP source: explorer.exe, 00000002.00000000.358325341.0000000007AA0000.00000002.00000001.sdmp |
Source: | Binary string: iphlpapi.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb|r# source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdbzr- source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: winmm.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: KiUserCallbackDispatcherRSDSwntdll.pdb source: WerFault.exe, 00000025.00000002.603618013.0000000000C12000.00000004.00000001.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: msasn1.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbRr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdbO source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: Kernel.Appcore.pdbF source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 0000001C.00000003.530725448.00000000031F7000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552560599.0000000000B94000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.564345998.0000000003273000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdbY source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wininet.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: WinTypes.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb`? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb.rQ source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdbU source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: twinapi.appcore.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdb; source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: msacm32.pdbF? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdbLrs source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: iphlpapi.pdbC source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb^r source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: rasman.pdb@r source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: ws2_32.pdbx? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: explorer.pdb source: WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdbA source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: gdiplus.pdbL? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdbm source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdbr? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rasapi32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: userenv.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: CoreUIComponents.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: SettingSyncCore.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: TextInputFramework.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wUxTheme.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdbpr7 source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: gdiplus.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rtutils.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbfr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb*Rp source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb( source: WerFault.exe, 0000001C.00000003.530712712.00000000031F1000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552533833.0000000000B8E000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32full.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdbP?}& source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvfw32.pdbS source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: sechost.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: msasn1.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: msctf.pdbM source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: rasman.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdbi source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: propsys.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdbJr} source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: msctf.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: TextInputFramework.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wscui.pdb source: explorer.exe, 00000002.00000000.358325341.0000000007AA0000.00000002.00000001.sdmp |
Source: | Binary string: twinapi.pdb source: WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: WINMMBASE.pdbY source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: Kernel.Appcore.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: avicap32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: bcryptprimitives.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wkernelbase.pdb( source: WerFault.exe, 0000001C.00000003.530737964.00000000031FD000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552584359.0000000000B9A000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.566720629.0000000003279000.00000004.00000001.sdmp |
Source: | Binary string: iphlpapi.pdb! source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: WinTypes.pdb} source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: wtsapi32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wsock32.pdbw source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: pstorec.pdbTr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdbS source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: crypt32.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://fontfabrik.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0 |
Source: explorer.exe, 00000002.00000002.610418959.000000000095C000.00000004.00000020.sdmp | String found in binary or memory: http://www.autoitscript.com/autoit3/J |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.carterandcone.coml |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers/? |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers8 |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designers? |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fontbureau.com/designersG |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.fonts.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.founder.com.cn/cn |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.founder.com.cn/cn/bThe |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.founder.com.cn/cn/cThe |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.galapagosdesign.com/DPlease |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.goodfont.co.kr |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.jiyu-kobo.co.jp/ |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.sajatypeworks.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.sakkal.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.sandoll.co.kr |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.tiro.com |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.typography.netD |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.urwpp.deDPlease |
Source: explorer.exe, 00000002.00000000.361040308.000000000B1A6000.00000002.00000001.sdmp | String found in binary or memory: http://www.zhongyicts.com.cn |
Source: 00000014.00000002.652344852.0000000024010000.00000040.00000001.sdmp, type: MEMORY | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 00000015.00000002.628676656.0000000024080000.00000040.00000001.sdmp, type: MEMORY | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 0000001E.00000002.630169861.0000000024010000.00000040.00000001.sdmp, type: MEMORY | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 00000016.00000002.628591472.0000000024010000.00000040.00000001.sdmp, type: MEMORY | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 20.2.explorer.exe.24010000.6.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 25.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: RAT_CyberGate date = 01.04.2014, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, description = Detects CyberGate RAT, reference = http://malwareconfig.com/stats/CyberGate |
Source: 25.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: CyberGate date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/CyberGate |
Source: 1.2.dqH3t8JU1x.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: RAT_CyberGate date = 01.04.2014, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, description = Detects CyberGate RAT, reference = http://malwareconfig.com/stats/CyberGate |
Source: 1.2.dqH3t8JU1x.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: CyberGate date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/CyberGate |
Source: 4.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: RAT_CyberGate date = 01.04.2014, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, description = Detects CyberGate RAT, reference = http://malwareconfig.com/stats/CyberGate |
Source: 4.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: CyberGate date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/CyberGate |
Source: 30.2.explorer.exe.24010000.3.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 20.2.explorer.exe.24010000.6.raw.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 5.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: RAT_CyberGate date = 01.04.2014, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, description = Detects CyberGate RAT, reference = http://malwareconfig.com/stats/CyberGate |
Source: 5.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: CyberGate date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/CyberGate |
Source: 9.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: RAT_CyberGate date = 01.04.2014, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, description = Detects CyberGate RAT, reference = http://malwareconfig.com/stats/CyberGate |
Source: 9.2.TEXTURAFIVEM.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: CyberGate date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/CyberGate |
Source: 22.2.explorer.exe.24010000.3.raw.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 21.2.explorer.exe.24080000.3.raw.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 21.2.explorer.exe.24080000.3.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 22.2.explorer.exe.24010000.3.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: 30.2.explorer.exe.24010000.3.raw.unpack, type: UNPACKEDPE | Matched rule: Malware_QA_update date = 2016-08-29, hash2 = 6415b45f5bae6429dd5d92d6cae46e8a704873b7090853e68e80cd179058903e, author = Florian Roth, description = VT Research QA uploaded malware - file update.exe, reference = VT Research QA, license = https://creativecommons.org/licenses/by-nc/4.0/, score = 6d805533623d7063241620eec38b7eb9b625533ccadeaf4f6c2cc6db32711541 |
Source: | Binary string: msacm32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdb= source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: msvfw32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb source: WerFault.exe, 0000001C.00000003.530664291.0000000004FCE000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.553818944.0000000000BCA000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: pstorec.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: bcrypt.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 0000001C.00000003.530712712.00000000031F1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: CoreMessaging.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: SettingSyncCore.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: ntmarta.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: CLBCatQ.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rasapi32.pdbhr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: mpr.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdbe source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: avicap32.pdbq source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb{ source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: dwmapi.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ntmarta.pdbc source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbp source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: WINMMBASE.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ws2_32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: dwmapi.pdbw source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: wscui.pdbUGP source: explorer.exe, 00000002.00000000.358325341.0000000007AA0000.00000002.00000001.sdmp |
Source: | Binary string: iphlpapi.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb|r# source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdbzr- source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: winmm.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: KiUserCallbackDispatcherRSDSwntdll.pdb source: WerFault.exe, 00000025.00000002.603618013.0000000000C12000.00000004.00000001.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: msasn1.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbRr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdbO source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: Kernel.Appcore.pdbF source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 0000001C.00000003.530725448.00000000031F7000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552560599.0000000000B94000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.564345998.0000000003273000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdbY source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wininet.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: WinTypes.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb`? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb.rQ source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdbU source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: twinapi.appcore.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdb; source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: msacm32.pdbF? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdbLrs source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: iphlpapi.pdbC source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb^r source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: rasman.pdb@r source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: ws2_32.pdbx? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: explorer.pdb source: WerFault.exe, 0000001F.00000003.555588364.00000000056E0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572284230.0000000005060000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587851693.0000000003400000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdbA source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: gdiplus.pdbL? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdbm source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdbr? source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rasapi32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: userenv.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: CoreUIComponents.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: SettingSyncCore.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: TextInputFramework.pdbd source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wUxTheme.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdbpr7 source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: gdiplus.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: rtutils.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbfr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb*Rp source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb( source: WerFault.exe, 0000001C.00000003.530712712.00000000031F1000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552533833.0000000000B8E000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32full.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wsock32.pdbP?}& source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: msvfw32.pdbS source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: sechost.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: msasn1.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: msctf.pdbM source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: rasman.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdbi source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: propsys.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdbJr} source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: msctf.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: TextInputFramework.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: wscui.pdb source: explorer.exe, 00000002.00000000.358325341.0000000007AA0000.00000002.00000001.sdmp |
Source: | Binary string: twinapi.pdb source: WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: WINMMBASE.pdbY source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: Kernel.Appcore.pdb source: WerFault.exe, 0000001C.00000003.540697482.00000000053E0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: avicap32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: bcryptprimitives.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wkernelbase.pdb( source: WerFault.exe, 0000001C.00000003.530737964.00000000031FD000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.552584359.0000000000B9A000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.566720629.0000000003279000.00000004.00000001.sdmp |
Source: | Binary string: iphlpapi.pdb! source: WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: WinTypes.pdb} source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdbk source: WerFault.exe, 0000001C.00000003.540622242.00000000053E1000.00000004.00000040.sdmp |
Source: | Binary string: wtsapi32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555539796.0000000005711000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.572208737.0000000004F51000.00000004.00000001.sdmp, WerFault.exe, 00000025.00000003.587755590.00000000055F1000.00000004.00000001.sdmp |
Source: | Binary string: wsock32.pdbw source: WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp |
Source: | Binary string: wuser32.pdb source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: comctl32.pdb source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.571867465.0000000005069000.00000004.00000040.sdmp, WerFault.exe, 00000025.00000003.587540845.0000000003409000.00000004.00000040.sdmp |
Source: | Binary string: pstorec.pdbTr source: WerFault.exe, 0000001C.00000003.540720006.00000000053E7000.00000004.00000040.sdmp |
Source: | Binary string: RmClient.pdbS source: WerFault.exe, 0000001F.00000003.555268949.00000000056E9000.00000004.00000040.sdmp |
Source: | Binary string: crypt32.pdb source: WerFault.exe, 0000001C.00000003.540602440.00000000052C1000.00000004.00000001.sdmp |