Source: |
Binary string: rsaenh.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000005.00000003.260801117.0000000002F4D000.00000004.00000001.sdmp |
Source: |
Binary string: bcrypt.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: mskeyprotect.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: rtutils.pdb& source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dnsapi.pdb2 source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: winnsi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: clr.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: cryptsp.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb4 source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: schannel.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: ws2_32.pdbh source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: rasadhlp.pdb~ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: System.ni.pdbT3Rm source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: System.Configuration.pdbHL source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: mscoree.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: ws2_32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: shlwapi.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: iphlpapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: nsi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb:0 source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: cryptsp.pdb= source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: gpapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: wsspicli.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: ole32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: msasn1.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: cfgmgr32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: combase.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: Windows.Storage.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb( source: WerFault.exe, 00000005.00000003.260801117.0000000002F4D000.00000004.00000001.sdmp |
Source: |
Binary string: System.Configuration.ni.pdbRSDSO* source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: kDC:\Users\user\Desktop\calc.pdb source: calc.exe, 00000000.00000000.252775219.00000000006F8000.00000004.00000001.sdmp |
Source: |
Binary string: ncrypt.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: secur32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: System.Xml.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rasadhlp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdbRSDSD source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: winhttp.pdbZ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dhcpcsvc.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: diasymreader.pdb_ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.pdbMZ@ source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: mscoreei.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: winnsi.pdbd source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wrpcrt4.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: shcore.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdbG source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wgdi32.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: shell32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: msvcp_win.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: dnsapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rasapi32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: wimm32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: iphlpapi.pdbb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdbT source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: diasymreader.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: winhttp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: ntasn1.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rtutils.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb( source: WerFault.exe, 00000005.00000003.260565634.0000000002F42000.00000004.00000001.sdmp |
Source: |
Binary string: wmswsock.pdbV source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dhcpcsvc6.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: wgdi32full.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: System.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: clrjit.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: rasman.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msvcr120_clr0400.i386.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: ncryptsslp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wmswsock.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.pdb source: calc.exe, 00000000.00000000.254647015.0000000002729000.00000004.00000001.sdmp, WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: psapi.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: fwpuclnt.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: ntasn1.pdb* source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: C:\Users\jpint\OneDrive\Desktop\BuilderBot\BuilderBot\bin\Release\stub\un_priv\DarkEdition\obj\Release\calc.pdb source: calc.exe |
Source: |
Binary string: System.Core.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: mscoreei.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb( source: WerFault.exe, 00000005.00000003.260585475.0000000002F53000.00000004.00000001.sdmp |
Source: |
Binary string: calc.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: combase.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: oleaut32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wuser32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdbh source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: cryptbase.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msasn1.pdb@ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: calc.exe, 00000000.00000002.293292330.0000000002691000.00000004.00000001.sdmp |
String found in binary or memory: http://cdn.discordapp.com |
Source: WerFault.exe, 00000005.00000003.289499864.0000000004EDB000.00000004.00000001.sdmp |
String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authentication |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/authorizationdecisionzhttp://schemas.xmlsoap.o |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirthrhttp://schemas.xmlsoap.org/ws/2005 |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressxhttp://schemas.xmlsoap.org/ws/200 |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/locality |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone |
Source: calc.exe, 00000000.00000002.293201383.0000000002677000.00000004.00000001.sdmp, WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcoderhttp://schemas.xmlsoap.org/ws/2005/ |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/streetaddresszhttp://schemas.xmlsoap.org/ws/20 |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprintrhttp://schemas.xmlsoap.org/ws/2005/ |
Source: WerFault.exe, 00000005.00000003.265173725.00000000059A0000.00000004.00000001.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishednamejhttp://schemas.xmlsoap.o |
Source: Amcache.hve.5.dr |
String found in binary or memory: http://upx.sf.net |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.d |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.di |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.dis |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.disc |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.disco |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discor |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discord |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discorda |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordap |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp. |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.c |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.co |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/ |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/a |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/at |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/att |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/atta |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attac |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attach |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachm |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachme |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachmen |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachment |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/ |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8972 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89722 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8972237 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89722370 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8972237076 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89722370764 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8972237076495 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89722370764951 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/8972237076495156 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/89722370764951560 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/ |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8972 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89722 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8972285 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89722859 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8972285953 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89722859531 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8972285953181 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89722859531812 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/8972285953181245 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/89722859531812455 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/a |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/as |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/asc |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/asci |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_A |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_AR |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ART |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ART. |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ART.t |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ART.tx |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897223707649515602/897228595318124554/ascii_ART.txt |
Source: calc.exe, 00000000.00000002.293201383.0000000002677000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com/attachments/897402450376536075/897465559711633408/8NMrqq.txt |
Source: calc.exe, 00000000.00000002.293201383.0000000002677000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.com4 |
Source: calc.exe, 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp |
String found in binary or memory: https://cdn.discordapp.comD8 |
Source: calc.exe, type: SAMPLE |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 0.0.calc.exe.320000.1.unpack, type: UNPACKEDPE |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 0.0.calc.exe.320000.0.unpack, type: UNPACKEDPE |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 0.0.calc.exe.320000.2.unpack, type: UNPACKEDPE |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 0.2.calc.exe.320000.0.unpack, type: UNPACKEDPE |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.252642988.0000000000322000.00000002.00020000.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000002.291985012.0000000000322000.00000002.00020000.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.245005606.0000000000322000.00000002.00020000.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.253313788.00000000026D3000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000002.293201383.0000000002677000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.254525892.0000000002677000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.254621493.00000000026D3000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000002.293367777.00000000026D3000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.253884839.0000000000322000.00000002.00020000.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: 00000000.00000000.253255248.0000000002677000.00000004.00000001.sdmp, type: MEMORY |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: Process Memory Space: calc.exe PID: 2952, type: MEMORYSTR |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: Process Memory Space: WerFault.exe PID: 5944, type: MEMORYSTR |
Matched rule: SUSP_Encoded_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious encoded URL to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score = |
Source: |
Binary string: rsaenh.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000005.00000003.260801117.0000000002F4D000.00000004.00000001.sdmp |
Source: |
Binary string: bcrypt.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: ucrtbase.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: mskeyprotect.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: rtutils.pdb& source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dnsapi.pdb2 source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: winnsi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: clr.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: cryptsp.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb4 source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: schannel.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: ws2_32.pdbh source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: rasadhlp.pdb~ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: System.ni.pdbT3Rm source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: System.Configuration.pdbHL source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: mscoree.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: ws2_32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: shlwapi.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: iphlpapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: nsi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb:0 source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: cryptsp.pdb= source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: gpapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: powrprof.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: wsspicli.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: ole32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: msasn1.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: cfgmgr32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: combase.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: Windows.Storage.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wkernel32.pdb( source: WerFault.exe, 00000005.00000003.260801117.0000000002F4D000.00000004.00000001.sdmp |
Source: |
Binary string: System.Configuration.ni.pdbRSDSO* source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: kDC:\Users\user\Desktop\calc.pdb source: calc.exe, 00000000.00000000.252775219.00000000006F8000.00000004.00000001.sdmp |
Source: |
Binary string: ncrypt.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: secur32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: System.Xml.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rasadhlp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdbRSDSD source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: winhttp.pdbZ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dhcpcsvc.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: diasymreader.pdb_ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.pdbMZ@ source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: mscoreei.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: winnsi.pdbd source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wrpcrt4.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: shcore.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdbG source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: wgdi32.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: fltLib.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: shell32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: msvcp_win.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: dnsapi.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rasapi32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: wimm32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: iphlpapi.pdbb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wwin32u.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdbT source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: diasymreader.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: winhttp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: ntasn1.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: mscorlib.ni.pdb% source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: rtutils.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: wntdll.pdb( source: WerFault.exe, 00000005.00000003.260565634.0000000002F42000.00000004.00000001.sdmp |
Source: |
Binary string: wmswsock.pdbV source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.ni.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: dhcpcsvc6.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: profapi.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: wgdi32full.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp |
Source: |
Binary string: System.ni.pdbRSDS source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: clrjit.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: rasman.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdb> source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msvcr120_clr0400.i386.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Configuration.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: ncryptsslp.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: wmswsock.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: version.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Xml.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.pdb source: calc.exe, 00000000.00000000.254647015.0000000002729000.00000004.00000001.sdmp, WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000005.00000003.267702128.0000000005460000.00000004.00000040.sdmp |
Source: |
Binary string: psapi.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: fwpuclnt.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: ntasn1.pdb* source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: C:\Users\jpint\OneDrive\Desktop\BuilderBot\BuilderBot\bin\Release\stub\un_priv\DarkEdition\obj\Release\calc.pdb source: calc.exe |
Source: |
Binary string: System.Core.pdbx source: WerFault.exe, 00000005.00000002.291489220.0000000005750000.00000004.00000001.sdmp |
Source: |
Binary string: mscoreei.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wkernelbase.pdb( source: WerFault.exe, 00000005.00000003.260585475.0000000002F53000.00000004.00000001.sdmp |
Source: |
Binary string: calc.pdb source: WerFault.exe, 00000005.00000003.267591215.0000000005491000.00000004.00000001.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: combase.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: oleaut32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: bcryptprimitives.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: wuser32.pdb source: WerFault.exe, 00000005.00000003.267521490.000000000546A000.00000004.00000040.sdmp |
Source: |
Binary string: System.Core.pdbh source: WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: System.ni.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp, WER2DC6.tmp.dmp.5.dr |
Source: |
Binary string: cryptbase.pdbk source: WerFault.exe, 00000005.00000003.267503853.0000000005462000.00000004.00000040.sdmp |
Source: |
Binary string: crypt32.pdb source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: |
Binary string: msasn1.pdb@ source: WerFault.exe, 00000005.00000003.267465154.000000000546E000.00000004.00000040.sdmp |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Users\user\Desktop\calc.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |
Source: C:\Windows\SysWOW64\WerFault.exe |
Process information set: NOOPENFILEERRORBOX |
Jump to behavior |