Source: Yara match | File source: 00000019.00000002.914491877.0000000000400000.00000040.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000007.00000002.664656928.0000000000400000.00000040.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000010.00000002.780636700.0000000003E8B000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000001.00000002.710784907.0000000004374000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000001.00000002.706118629.0000000003969000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000010.00000002.781443613.00000000049AD000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000F.00000002.771805512.000000000559E000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000018.00000002.752626728.0000000003279000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000021.00000002.728536035.0000000000400000.00000040.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000F.00000002.766450964.0000000002DE1000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: 00000018.00000002.759339292.0000000003C85000.00000004.00000001.sdmp, type: MEMORY |
Source: Yara match | File source: Process Memory Space: PxxoServicesTrialNet1.exe PID: 4480, type: MEMORY |
Source: Yara match | File source: Process Memory Space: PxxoServicesTrialNet1.exe PID: 7144, type: MEMORY |
Source: Yara match | File source: Process Memory Space: PxxoServicesTrialNet1.exe PID: 5772, type: MEMORY |
Source: Yara match | File source: Process Memory Space: EXTRACTOSERFINANZA989543704031499704092798964.exe PID: 6880, type: MEMORY |
Source: Yara match | File source: Process Memory Space: PxxoServicesTrialNet1.exe PID: 6788, type: MEMORY |
Source: Yara match | File source: 33.2.PxxoServicesTrialNet1.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 16.2.PxxoServicesTrialNet1.exe.49ce510.5.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 25.2.PxxoServicesTrialNet1.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 24.2.PxxoServicesTrialNet1.exe.3ca6f88.4.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 24.2.PxxoServicesTrialNet1.exe.3ca6f88.4.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 7.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 24.2.PxxoServicesTrialNet1.exe.3c85f68.3.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 7.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 15.2.PxxoServicesTrialNet1.exe.55bf940.3.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 15.2.PxxoServicesTrialNet1.exe.559e920.4.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 16.2.PxxoServicesTrialNet1.exe.49ce510.5.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 33.2.PxxoServicesTrialNet1.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 25.2.PxxoServicesTrialNet1.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 1.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.4395598.4.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 15.2.PxxoServicesTrialNet1.exe.55bf940.3.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 1.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.4374578.5.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 15.2.PxxoServicesTrialNet1.exe.559e920.4.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 16.2.PxxoServicesTrialNet1.exe.49ad4f0.6.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 24.2.PxxoServicesTrialNet1.exe.3c85f68.3.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 1.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.4395598.4.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 16.2.PxxoServicesTrialNet1.exe.49ad4f0.6.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 1.2.EXTRACTOSERFINANZA989543704031499704092798964.exe.4374578.5.raw.unpack, type: UNPACKEDPE |
Source: | Binary string: rsaenh.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: C:\Windows\mscorlib.pdbpdblib.pdb source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: \??\C:\Windows\mscorlib.pdbH{ source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: System.ni.pdb% source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb% source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.ni.pdb" source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734788443.0000000004AD5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: Microsoft.VisualBasic.pdbx source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: \??\C:\Windows\dll\mscorlib.pdb source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701319384.00000000014AB000.00000004.00000020.sdmp, PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: wkernel32.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.721117453.000000000458B000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.733685179.0000000004F2D000.00000004.00000001.sdmp |
Source: | Binary string: PxxoServicesTrialNet1.PDB source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765005138.0000000000EF8000.00000004.00000001.sdmp, PxxoServicesTrialNet1.exe, 00000010.00000002.775167654.0000000001538000.00000004.00000001.sdmp |
Source: | Binary string: bcrypt.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: onfiguration.ni.pdb source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 0000000C.00000003.681925394.00000000052D0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.735005331.0000000004AC0000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: ml.pdb source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: .ni.pdb source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: clr.pdb source: WerFault.exe, 0000000C.00000003.681925394.00000000052D0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.735005331.0000000004AC0000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.pdb99zz source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb> source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: System.Configuration.ni.pdb" source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: System.Configuration.ni.pdb% source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: Microsoft.VisualBasic.pdb source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734788443.0000000004AD5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: CLBCatQ.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: urlmon.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.Configuration.pdbx source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: \??\C:\Windows\dll\Microsoft.VisualBasic.pdbCE source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701319384.00000000014AB000.00000004.00000020.sdmp |
Source: | Binary string: bcrypt.pdb1 source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 0000000C.00000003.668670088.00000000030C8000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.721650694.00000000006C6000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.733540972.0000000003285000.00000004.00000001.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 0000000C.00000003.681835852.00000000052D1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734932038.0000000004AC5000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: crypt32.pdb8 source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: C:\Users\user\AppData\Roaming\System32\PxxoServicesTrialNet1.PDB@Jh source: PxxoServicesTrialNet1.exe, 00000010.00000002.775167654.0000000001538000.00000004.00000001.sdmp |
Source: | Binary string: mscorlib.ni.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.Xml.pdbx source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: System.Core.pdb" source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734788443.0000000004AD5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: \??\C:\Windows\dll\Microsoft.VisualBasic.pdbtE source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701319384.00000000014AB000.00000004.00000020.sdmp |
Source: | Binary string: indows.Forms.pdb source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdbkE source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: CLBCatQ.pdbC source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: mscoree.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701291575.0000000001499000.00000004.00000020.sdmp |
Source: | Binary string: shlwapi.pdbk source: WerFault.exe, 0000000C.00000003.681835852.00000000052D1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734932038.0000000004AC5000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: ole32.pdbX source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: rsaenh.pdb+ source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdbk source: WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: cryptsp.pdb= source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: edputil.pdbY source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbv source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: msvcr120_clr0400.i386.pdb% source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.Configuration.pdb source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdb7 source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: ole32.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: \??\C:\Windows\dll\Microsoft.VisualBasic.pdber source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765835715.000000000121F000.00000004.00000020.sdmp |
Source: | Binary string: propsys.pdba source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: iertutil.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb, source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: mscorlib.ni.pdbx source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: inaries\Intermediate\vb\microsoft.visualbasic.build.vbproj_731629843\objr\x86\Microsoft.VisualBasic.pdb source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765835715.000000000121F000.00000004.00000020.sdmp |
Source: | Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdbWS source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: msasn1.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: mscorlib.pdb source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: urlmon.pdbs source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb7cZ^ source: PxxoServicesTrialNet1.exe, 0000000F.00000002.765912392.0000000001282000.00000004.00000020.sdmp |
Source: | Binary string: WLDP.pdbl source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: iertutil.pdb2 source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: propsys.pdbq source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 0000000C.00000003.681835852.00000000052D1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734932038.0000000004AC5000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: iVisualBasic.pdb source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.698512628.00000000010F8000.00000004.00000001.sdmp, PxxoServicesTrialNet1.exe, 0000000F.00000002.765005138.0000000000EF8000.00000004.00000001.sdmp, PxxoServicesTrialNet1.exe, 00000010.00000002.775167654.0000000001538000.00000004.00000001.sdmp |
Source: | Binary string: cldapi.pdb, source: WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: Windows.StateRepositoryPS.pdb% source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb~ source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701202553.000000000143F000.00000004.00000020.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 0000000C.00000003.668176403.00000000030C2000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.721203841.00000000006C0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.734239841.000000000327F000.00000004.00000001.sdmp |
Source: | Binary string: apphelp.pdb source: WerFault.exe, 0000000C.00000003.681869437.00000000051A1000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734900230.0000000004AF1000.00000004.00000001.sdmp |
Source: | Binary string: ml.ni.pdb source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: WinTypes.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: C:\Users\user\AppData\Roaming\System32\PxxoServicesTrialNet1.PDB source: PxxoServicesTrialNet1.exe, 00000010.00000002.775167654.0000000001538000.00000004.00000001.sdmp |
Source: | Binary string: rsaenh.pdbz source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: ml.ni.pdb" source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp |
Source: | Binary string: mscoreei.pdbk source: WerFault.exe, 0000000C.00000003.681835852.00000000052D1000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734932038.0000000004AC5000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746862935.0000000002DE5000.00000004.00000040.sdmp |
Source: | Binary string: mscorlib.pdbx source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: .pdbAx source: PxxoServicesTrialNet1.exe, 00000010.00000002.775167654.0000000001538000.00000004.00000001.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: C:\Windows\Microsoft.VisualBasic.pdbpdbsic.pdb source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701291575.0000000001499000.00000004.00000020.sdmp, PxxoServicesTrialNet1.exe, 0000000F.00000002.765835715.000000000121F000.00000004.00000020.sdmp |
Source: | Binary string: .pdb% source: WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 0000000C.00000003.681925394.00000000052D0000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.735005331.0000000004AC0000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.Core.ni.pdb" source: WerFault.exe, 0000000C.00000003.681825978.00000000052E5000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000003.734788443.0000000004AD5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: msasn1.pdb" source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp |
Source: | Binary string: \??\C:\Windows\Microsoft.VisualBasic.pdb source: EXTRACTOSERFINANZA989543704031499704092798964.exe, 00000001.00000002.701306786.00000000014A8000.00000004.00000020.sdmp, PxxoServicesTrialNet1.exe, 0000000F.00000002.765835715.000000000121F000.00000004.00000020.sdmp |
Source: | Binary string: System.Core.ni.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734788443.0000000004AD5000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000003.746630451.0000000002DF5000.00000004.00000001.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: version.pdbb source: WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source: | Binary string: System.Xml.ni.pdbT source: WerFault.exe, 0000000C.00000002.697878831.00000000053F0000.00000004.00000001.sdmp, WerFault.exe, 0000001F.00000002.762864959.0000000004CD0000.00000004.00000001.sdmp, WerFault.exe, 00000023.00000002.774116993.00000000054F0000.00000004.00000001.sdmp |
Source: | Binary string: diasymreader.pdb source: WerFault.exe, 0000000C.00000003.681843597.00000000052D8000.00000004.00000040.sdmp, WerFault.exe, 0000001F.00000003.734730861.0000000004AC8000.00000004.00000040.sdmp, WerFault.exe, 00000023.00000003.746882968.0000000002DE8000.00000004.00000040.sdmp |
Source |