Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_00878884 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptGetHashParam,CryptDestroyHash,CryptReleaseContext, |
10_2_00878884 |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_00881940 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptDeriveKey,CryptDecrypt,CryptDestroyKey,CryptReleaseContext, |
10_2_00881940 |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_0087885C CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptGetHashParam,CryptGetHashParam,CryptDestroyHash, |
10_2_0087885C |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_008799FF CryptDestroyHash, |
10_2_008799FF |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_0087A511 CryptReleaseContext, |
10_2_0087A511 |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_00884967 CryptReleaseContext, |
10_2_00884967 |
Source: C:\Users\user\AppData\Local\Temp\ADCA.exe |
Code function: 10_2_00883F6C CryptDestroyHash, |
10_2_00883F6C |
Source: |
Binary string: setupapi.pdbf source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wkernel32.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: bcrypt.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: sfc_os.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: c:\jfmo\tlcp\nyvnyt\obocmwsb.pdb source: 5AF.exe, 00000016.00000002.637978186.0000000004BA6000.00000004.00000800.00020000.00000000.sdmp, 5AF.exe, 00000016.00000002.522529716.00000000023B8000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: ucrtbase.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: msvcrt.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: wrpcrt4.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wntdll.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: cryptbase.pdbD source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: shcore.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\dohaf\kaxidin\wukoni\wefof\nojeyuve jucahazetozep zisasime.pdb0f source: 5AF.exe, 00000010.00000000.456599162.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, 5AF.exe, 00000016.00000000.482478776.0000000000401000.00000020.00000001.01000000.0000000B.sdmp |
Source: |
Binary string: wgdi32.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: advapi32.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: fltLib.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wsspicli.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: shell32.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: msctf.pdby source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: comctl32v582.pdbB source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wsspicli.pdb6 source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: msvcp_win.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: fltLib.pdbR source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wimm32.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wkernelbase.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: mpr.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: shlwapi.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: mpr.pdbA source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wwin32u.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: sechost.pdb0 source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: setupapi.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: imagehlp.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wUxTheme.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: Qrundll32.pdb source: WerFault.exe, 00000013.00000003.506255817.0000000004740000.00000004.00000800.00020000.00000000.sdmp, WerFault.exe, 00000013.00000003.489353790.000000000473F000.00000004.00000800.00020000.00000000.sdmp, WerFault.exe, 00000013.00000003.494807738.000000000473F000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: Qrundll32.pdb^t source: WerFault.exe, 00000013.00000003.527460296.0000000004740000.00000004.00000800.00020000.00000000.sdmp, WerFault.exe, 00000013.00000003.527287787.0000000004740000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: shcore.pdbk source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: c:\omtnkdoj\bnwv\yogisfk\cqf.pdb source: 5AF.exe, 00000010.00000002.485930859.0000000000410000.00000040.00000001.01000000.0000000B.sdmp, 5AF.exe, 00000016.00000002.517131758.0000000000410000.00000040.00000001.01000000.0000000B.sdmp |
Source: |
Binary string: C:\xehalulomuto\5\wacewatolere ciralameko_sunumeginupah\kupuwu.pdb source: ADCA.exe, 0000000A.00000000.410105733.0000000000401000.00000020.00000001.01000000.00000008.sdmp |
Source: |
Binary string: profapi.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: c:\bfllk\pdgh\qovxk\wqdtbmac.pdb source: 5AF.exe, 00000016.00000002.637978186.0000000004BA6000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: winspool.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: iphlpapi.pdbz source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wgdi32full.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: shell32.pdbk source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: sechost.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: iphlpapi.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: combase.pdbt source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: 5C:\xehalulomuto\5\wacewatolere ciralameko_sunumeginupah\kupuwu.pdb0f source: ADCA.exe, 0000000A.00000000.410105733.0000000000401000.00000020.00000001.01000000.00000008.sdmp |
Source: |
Binary string: propsys.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: cfgmgr32.pdbk source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: ucrtbase.pdbk source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: powrprof.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: msctf.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\yepiro_lafonu\vekamogudit62\deney\jef.pdb source: file.exe, 00000000.00000000.243494837.0000000000401000.00000020.00000001.01000000.00000003.sdmp, dfhwrav, 00000009.00000000.369163815.0000000000401000.00000020.00000001.01000000.00000007.sdmp |
Source: |
Binary string: ole32.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: version.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: AcLayers.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: propsys.pdb` source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: sfc.pdbB source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: oleaut32.pdbl source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: IC:\yepiro_lafonu\vekamogudit62\deney\jef.pdb0f source: file.exe, 00000000.00000000.243494837.0000000000401000.00000020.00000001.01000000.00000003.sdmp, dfhwrav, 00000009.00000000.369163815.0000000000401000.00000020.00000001.01000000.00000007.sdmp |
Source: |
Binary string: Kernel.Appcore.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: advapi32.pdbJ source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: cryptbase.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: netapi32.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: comctl32v582.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: bcryptprimitives.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: cfgmgr32.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: Windows.Storage.pdb source: WerFault.exe, 00000013.00000003.527903261.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: combase.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: c:\bfllk\pdgh\qovxk\wqdtbmac.pdb/; source: 5AF.exe, 00000016.00000002.637978186.0000000004BA6000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: c:\jfmo\tlcp\nyvnyt\obocmwsb.pdb/; source: 5AF.exe, 00000016.00000002.637978186.0000000004BA6000.00000004.00000800.00020000.00000000.sdmp, 5AF.exe, 00000016.00000002.522529716.00000000023B8000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: rundll32.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: oleaut32.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: sfc.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: powrprof.pdbX source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: apphelp.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: C:\dohaf\kaxidin\wukoni\wefof\nojeyuve jucahazetozep zisasime.pdb source: 5AF.exe, 00000010.00000000.456599162.0000000000401000.00000020.00000001.01000000.0000000B.sdmp, 5AF.exe, 00000016.00000000.482478776.0000000000401000.00000020.00000001.01000000.0000000B.sdmp |
Source: |
Binary string: wuser32.pdb source: WerFault.exe, 00000013.00000003.527754656.0000000004961000.00000004.00000800.00020000.00000000.sdmp |
Source: |
Binary string: profapi.pdb^ source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: netutils.pdb source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: netapi32.pdbk source: WerFault.exe, 00000013.00000003.527963392.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp |