Source: | Binary string: wkernel32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238112124.0000000004D27000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: bcrypt.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc_os.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdb~,7't source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.239722445.0000000002E7F000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: fltLib.pdbMs1 source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: sfc_os.pdb`,1' source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: rundll32.pdbk source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: mCReportStore::Prune: MaxReportCount=%d MaxSizeInMb=%dRSDSwkernel32.pdb source: WerFault.exe, 0000000A.00000002.246495574.0000000002BE2000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000002.249988868.0000000000842000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000002.247898866.0000000002CB2000.00000004.00000001.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: sechost.pdbos source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238558393.0000000002E8B000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240540546.00000000030BC000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: mpr.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdbF, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: iphlpapi.pdbZ, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbws source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: setupapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: imagehlp.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdbcs source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdbr, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb( source: WerFault.exe, 0000000C.00000003.239722445.0000000002E7F000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240520074.00000000030B0000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc.pdb= source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: winspool.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32full.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: propsys.pdb_s# source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: bcrypt.pdbj,+'r source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: sechost.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: iphlpapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdbys source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbH,' source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: winspool.pdbAs% source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: propsys.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: rundll32.pdb( source: WerFault.exe, 0000000C.00000003.238484656.0000000002E79000.00000004.00000001.sdmp |
Source: | Binary string: imagehlp.pdbP,a'a source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: AcLayers.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: sfc.pdbD source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: setupapi.pdbKs? source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: Kernel.Appcore.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdbes source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdb\, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: bcryptprimitives.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb( source: WerFault.exe, 0000000C.00000003.238558393.0000000002E8B000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240540546.00000000030BC000.00000004.00000001.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: rundll32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238484656.0000000002E79000.00000004.00000001.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 0000000D.00000003.240629576.00000000030B6000.00000004.00000001.sdmp |
Source: | Binary string: oleaut32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: apphelp.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: wuser32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wntdll.pdbk source: WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: unknown | Process created: C:\Windows\System32\loaddll32.exe loaddll32.exe 'C:\Users\user\Desktop\570000.dll' |
Source: C:\Windows\System32\loaddll32.exe | Process created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\570000.dll',#1 |
Source: C:\Windows\System32\loaddll32.exe | Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\570000.dll,#1 |
Source: C:\Windows\SysWOW64\cmd.exe | Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\570000.dll',#1 |
Source: C:\Windows\SysWOW64\rundll32.exe | Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5400 -s 640 |
Source: C:\Windows\SysWOW64\rundll32.exe | Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5372 -s 644 |
Source: C:\Windows\System32\loaddll32.exe | Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5428 -s 272 |
Source: C:\Windows\System32\loaddll32.exe | Process created: C:\Windows\SysWOW64\cmd.exe cmd.exe /C rundll32.exe 'C:\Users\user\Desktop\570000.dll',#1 |
Source: C:\Windows\System32\loaddll32.exe | Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\user\Desktop\570000.dll,#1 |
Source: C:\Windows\SysWOW64\cmd.exe | Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe 'C:\Users\user\Desktop\570000.dll',#1 |
Source: | Binary string: wkernel32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238112124.0000000004D27000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: bcrypt.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc_os.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: ucrtbase.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdb~,7't source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: msvcrt.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wrpcrt4.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.239722445.0000000002E7F000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: fltLib.pdbMs1 source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: sfc_os.pdb`,1' source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: rundll32.pdbk source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: advapi32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wsspicli.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: mCReportStore::Prune: MaxReportCount=%d MaxSizeInMb=%dRSDSwkernel32.pdb source: WerFault.exe, 0000000A.00000002.246495574.0000000002BE2000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000002.249988868.0000000000842000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000002.247898866.0000000002CB2000.00000004.00000001.sdmp |
Source: | Binary string: msvcp_win.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: sechost.pdbos source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238558393.0000000002E8B000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240540546.00000000030BC000.00000004.00000001.sdmp |
Source: | Binary string: wimm32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: mpr.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: fltLib.pdbF, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wwin32u.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: iphlpapi.pdbZ, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbws source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: setupapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: imagehlp.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: advapi32.pdbcs source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdbr, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shcore.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wntdll.pdb( source: WerFault.exe, 0000000C.00000003.239722445.0000000002E7F000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240520074.00000000030B0000.00000004.00000001.sdmp |
Source: | Binary string: profapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc.pdb= source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: winspool.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: wgdi32full.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: propsys.pdb_s# source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: bcrypt.pdbj,+'r source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shell32.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: sechost.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: iphlpapi.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: shlwapi.pdbys source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: profapi.pdbH,' source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: winspool.pdbAs% source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: propsys.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdbk source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: powrprof.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: rundll32.pdb( source: WerFault.exe, 0000000C.00000003.238484656.0000000002E79000.00000004.00000001.sdmp |
Source: | Binary string: imagehlp.pdbP,a'a source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: AcLayers.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: sfc.pdbD source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: setupapi.pdbKs? source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: Kernel.Appcore.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdbes source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp |
Source: | Binary string: cryptbase.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: oleaut32.pdb\, source: WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: cfgmgr32.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: bcryptprimitives.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: wkernelbase.pdb( source: WerFault.exe, 0000000C.00000003.238558393.0000000002E8B000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.240540546.00000000030BC000.00000004.00000001.sdmp |
Source: | Binary string: Windows.Storage.pdb source: WerFault.exe, 0000000A.00000003.241204436.0000000005380000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244374092.0000000005050000.00000004.00000040.sdmp |
Source: | Binary string: combase.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: rundll32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.238484656.0000000002E79000.00000004.00000001.sdmp |
Source: | Binary string: wkernel32.pdb( source: WerFault.exe, 0000000D.00000003.240629576.00000000030B6000.00000004.00000001.sdmp |
Source: | Binary string: oleaut32.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: sfc.pdb source: WerFault.exe, 0000000A.00000003.241213662.0000000005386000.00000004.00000040.sdmp, WerFault.exe, 0000000C.00000003.244383478.0000000005056000.00000004.00000040.sdmp |
Source: | Binary string: apphelp.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp, WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: | Binary string: wuser32.pdb source: WerFault.exe, 0000000A.00000003.241187494.00000000053B1000.00000004.00000001.sdmp, WerFault.exe, 0000000C.00000003.244308991.0000000005081000.00000004.00000001.sdmp |
Source: | Binary string: wntdll.pdbk source: WerFault.exe, 0000000D.00000003.242480144.0000000005391000.00000004.00000001.sdmp |
Source: C:\Windows\SysWOW64\rundll32.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\rundll32.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\SysWOW64\WerFault.exe | Process information set: NOOPENFILEERRORBOX |
Source: rundll32.exe, 00000004.00000002.255353714.00000000048D0000.00000002.00000001.sdmp, rundll32.exe, 00000005.00000002.264436539.00000000046E0000.00000002.00000001.sdmp, WerFault.exe, 0000000A.00000002.247837029.0000000005010000.00000002.00000001.sdmp, WerFault.exe, 0000000C.00000002.252014123.0000000004D70000.00000002.00000001.sdmp, WerFault.exe, 0000000D.00000002.248316269.0000000004AD0000.00000002.00000001.sdmp | Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed. |
Source: rundll32.exe, 00000004.00000002.255353714.00000000048D0000.00000002.00000001.sdmp, rundll32.exe, 00000005.00000002.264436539.00000000046E0000.00000002.00000001.sdmp, WerFault.exe, 0000000A.00000002.247837029.0000000005010000.00000002.00000001.sdmp, WerFault.exe, 0000000C.00000002.252014123.0000000004D70000.00000002.00000001.sdmp, WerFault.exe, 0000000D.00000002.248316269.0000000004AD0000.00000002.00000001.sdmp | Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service. |
Source: rundll32.exe, 00000004.00000002.255353714.00000000048D0000.00000002.00000001.sdmp, rundll32.exe, 00000005.00000002.264436539.00000000046E0000.00000002.00000001.sdmp, WerFault.exe, 0000000A.00000002.247837029.0000000005010000.00000002.00000001.sdmp, WerFault.exe, 0000000C.00000002.252014123.0000000004D70000.00000002.00000001.sdmp, WerFault.exe, 0000000D.00000002.248316269.0000000004AD0000.00000002.00000001.sdmp | Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported. |
Source: rundll32.exe, 00000004.00000002.255353714.00000000048D0000.00000002.00000001.sdmp, rundll32.exe, 00000005.00000002.264436539.00000000046E0000.00000002.00000001.sdmp, WerFault.exe, 0000000A.00000002.247837029.0000000005010000.00000002.00000001.sdmp, WerFault.exe, 0000000C.00000002.252014123.0000000004D70000.00000002.00000001.sdmp, WerFault.exe, 0000000D.00000002.248316269.0000000004AD0000.00000002.00000001.sdmp | Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service. |