Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://crl.globalsign.com/gs/gstimestampingsha2g2.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://crl.globalsign.com/gsextendcodesignsha2g3.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://crl.globalsign.com/root-r3.crl0b |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://crl.globalsign.com/root.crl0G |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://crl.globalsign.net/root-r3.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0B |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0 |
Source: 3GJ6S3Kwnb.exe | String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://ocsp.digicert.com0A |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://ocsp.digicert.com0C |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://ocsp.digicert.com0H |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://ocsp.digicert.com0I |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://ocsp.digicert.com0N |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://ocsp.digicert.com0O |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://ocsp.globalsign.com/rootr103 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://ocsp2.globalsign.com/gsextendcodesignsha2g30U |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://ocsp2.globalsign.com/gstimestampingsha2g20 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://ocsp2.globalsign.com/rootr306 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://secure.globalsign.com/cacert/gsextendcodesignsha2g3ocsp.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: http://secure.globalsign.com/cacert/gstimestampingsha2g2.crt0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: http://www.digicert.com/CPS0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.255317617.000000000281E000.00000004.00000800.00020000.00000000.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr, HPPrintScanDoctorDeploymentMgr.exe.0.dr | String found in binary or memory: https://www.digicert.com/CPS0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000003.254238343.000000000281B000.00000004.00000800.00020000.00000000.sdmp, DiFxAPI.dll.0.dr | String found in binary or memory: https://www.digicert.com/CPS0~ |
Source: igoAudSessionMonitor.dll.0.dr | String found in binary or memory: https://www.globalsign.com/repository/0 |
Source: 3GJ6S3Kwnb.exe, 00000000.00000002.771779733.000000000040A000.00000004.00000001.01000000.00000003.sdmp, 3GJ6S3Kwnb.exe, 00000000.00000002.772699080.000000000281C000.00000004.00000800.00020000.00000000.sdmp, igoAudSessionMonitor.dll.0.dr | String found in binary or memory: https://www.globalsign.com/repository/06 |
Source: C:\Users\user\Desktop\3GJ6S3Kwnb.exe | Code function: 0_2_004056A8 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,FindCloseChangeNotification,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard, |
Source: C:\Users\user\Desktop\3GJ6S3Kwnb.exe | Code function: 0_2_004034F7 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
Source: C:\Users\user\Desktop\3GJ6S3Kwnb.exe | Code function: 0_2_004034F7 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |
Source: C:\Users\user\Desktop\3GJ6S3Kwnb.exe | Code function: 0_2_004034F7 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess, |