Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1BA0 FindFirstFileExW, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF203C FindFirstFileExW,FindNextFileW,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0BC20 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0BD50 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E03E90 FindFirstFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01130 FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01470 FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0B900 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E12880 FindFirstFileA,CreateFileA,GetFileTime,CloseHandle,CopyFileA,FindNextFileA,FindClose,CloseHandle, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0BC20 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0BD50 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E03E90 FindFirstFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E011F3 FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E016AB FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0B900 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E12880 FindFirstFileA,CreateFileA,GetFileTime,CloseHandle,CopyFileA,FindNextFileA,FindClose,CloseHandle, |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DE13000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06 |
Source: FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DE13000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://crl.globalsign.net/root-r2.crl0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0J |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815621930.00007FF668FC8000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | String found in binary or memory: http://fileopen.com |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003A30000.00000004.00001000.00020000.00000000.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3723165095.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 0000000D.00000000.2735368706.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | String found in binary or memory: http://fileopen.com/updates |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://ocsp.digicert.com0A |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://ocsp.digicert.com0H |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://ocsp.digicert.com0I |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://ocsp.digicert.com0X |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003A30000.00000004.00001000.00020000.00000000.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3723165095.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 0000000D.00000000.2735368706.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DD40000.00000004.00000020.00020000.00000000.sdmp, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2817935948.0000021445E97000.00000004.00000020.00020000.00000000.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | String found in binary or memory: http://plugin.fileopen.com/. |
Source: FileOpenBroker64.exe, 00000010.00000002.2817935948.0000021445E97000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://plugin.fileopen.com/.n |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://www.digicert.com/CPS0 |
Source: FileOpenInstaller.exe, is-FC998.tmp.4.dr, is-JKV7N.tmp.4.dr, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0 |
Source: is-GV932.tmp.4.dr | String found in binary or memory: http://www.fileopen.com/%s |
Source: is-GV932.tmp.4.dr | String found in binary or memory: http://www.fileopen.com/%sPlugin |
Source: FileOpenInstaller.exe, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://www.fileopen.com/0 |
Source: FileOpenInstaller.exe, 00000000.00000003.2795690428.000000000243E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2788287916.00000000025E1000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: http://www.fileopen.com/request-tech-support/ |
Source: FileOpenInstaller.exe, 00000000.00000003.2795690428.000000000243E000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: http://www.fileopen.com/request-tech-support/0A |
Source: FileOpenInstaller.exe, 00000000.00000003.2483235521.00000000026E0000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2499714116.0000000003650000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: http://www.fileopen.com/request-tech-support/Zhttp://www.fileopen.com/request-tech-support/ |
Source: FileOpenInstaller.tmp, 00000004.00000003.2788287916.00000000025E1000.00000004.00001000.00020000.00000000.sdmp | String found in binary or memory: http://www.fileopen.com/request-tech-support/q |
Source: FileOpenInstaller.exe, 00000000.00000003.2487120202.000000007FB50000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.exe, 00000000.00000003.2484508219.0000000002820000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000000.2493227668.0000000000401000.00000020.00000001.01000000.00000005.sdmp, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://www.innosetup.com/ |
Source: FileOpenInstaller.exe, 00000000.00000003.2487120202.000000007FB50000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.exe, 00000000.00000003.2484508219.0000000002820000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000000.2493227668.0000000000401000.00000020.00000001.01000000.00000005.sdmp, is-NSHSA.tmp.4.dr, FileOpenInstaller.tmp.0.dr | String found in binary or memory: http://www.remobjects.com/ps |
Source: FileOpenInstaller.exe | String found in binary or memory: https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU |
Source: FileOpenBroker64.exe, 0000000D.00000002.3720780457.000002253FA30000.00000004.00000020.00020000.00000000.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DDD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://plugin.fileopen.com/ |
Source: FileOpenBroker64.exe, 0000000D.00000002.3720780457.000002253FA30000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://plugin.fileopen.com//& |
Source: FileOpenBroker64.exe, 0000000D.00000002.3720780457.000002253FA6B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://plugin.fileopen.com/installcomplete.ashx?Request=DocPerm&Stamp=1675795218&Mode=CNR&USR=10007 |
Source: FileOpenBroker64.exe, 0000000D.00000002.3720780457.000002253FA6B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://plugin.fileopen.com/installcomplete.ashx?Request=Setting&Stamp=1675795217&Mode=CNR&USR=10007 |
Source: FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DDD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://usr.fileopen.com/ |
Source: FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DDD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://usr.fileopen.com/_ |
Source: FileOpenBroker64.exe, 0000000D.00000002.3718619772.000002253DDD0000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://usr.fileopen.com/check/usr/ZHAk7YpwDRdZvZq3ePSvK2nhY4hHWUX |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A768B0 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AA1180 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A77510 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A87640 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AAA224 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC421C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADA15C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AFA2DC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A8E320 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF626C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF44EC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC4484 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600B006CC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AEA720 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC4700 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF44EC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC4968 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A7C9A0 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AE6A68 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADEBD8 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADABC8 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADECF4 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC4C48 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADEE14 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AD0E04 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADEF30 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A8EFE0 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC4F3C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600B050CC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADD110 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC521C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADB18C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AEB2C8 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AE528C |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A8F42F |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A85400 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AFD384 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC54E8 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AFB568 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC57C8 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF5AAC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC3A78 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF7C04 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADDB50 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A8DB40 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1BA0 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC3CFC |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600ADE000 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AC3F98 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A75F80 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD8DE0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F0ED98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F0F02C |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD8180 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0F6A0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DE7640 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD7850 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD5A10 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668EF9974 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DEDB30 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F2A95C |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E08B10 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E23B10 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F299B4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E22A7C |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E07A70 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F0FC40 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668EEEBEC |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F0ECB4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E1EBA0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F1CB98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F0AC04 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E20DF0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01D50 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F3FD98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E47EC0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F29DB4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E03E90 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E1F024 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E8BFF0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DEEFD0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01130 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F1FF98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E18220 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F09280 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E5F1C0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E1F2F6 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DEE310 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DEF41F |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DE5400 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E074F0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E094D0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F333AC |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0B540 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668F3D5A4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E4A820 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0D7D0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F0ED98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F0F02C |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD8180 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0F6A0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DE7640 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD5A10 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668EF9974 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DEDB30 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E08B10 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F299B4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E07A70 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F0FC40 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668EEEBEC |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F0ECB4 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E1EBA0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F1CB98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F0AC04 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD8DE0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E20DF0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E01D50 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E47EC0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E03E90 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E1F024 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E8BFF0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DEEFD0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668F1FF98 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E18220 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E011F3 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E1F2F6 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DEE310 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DEF41F |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DE5400 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E074F0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E094D0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0B540 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0D7D0 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E39860 |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD7850 |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A768B0 GetCurrentProcess,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetLastError,FindCloseChangeNotification,EnterCriticalSection,LeaveCriticalSection,LocalAlloc,NtCreatePort,LocalFree,LocalFree,LocalFree,LocalAlloc,lstrlenA,LocalAlloc,lstrcpyA,CreateSemaphoreW,InitializeCriticalSection,CreateThread,CreateThread,SetThreadPriority,SetThreadPriority,EnterCriticalSection,LeaveCriticalSection, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A77510 LocalAlloc,NtReplyWaitReceivePortEx,NtReplyWaitReceivePort,FindCloseChangeNotification,NtAcceptConnectPort,LocalFree,GetCurrentProcessId,LocalAlloc,NtAcceptConnectPort,LocalAlloc,LocalFree,NtCompleteConnectPort,SetEvent,EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,LocalFree,NtAcceptConnectPort,LocalFree,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A77AF0 EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,NtConnectPort,LocalFree,WaitForSingleObject,TerminateThread,CloseHandle,WaitForSingleObject,TerminateThread,CloseHandle,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetEvent,WaitForSingleObject,CloseHandle,SetEvent,WaitForSingleObject,EnterCriticalSection,TerminateThread,CloseHandle,CloseHandle,LocalFree,LocalFree,LeaveCriticalSection,CloseHandle,CloseHandle,DeleteCriticalSection,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600A75F80 GetLastError,GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateFileMappingW,MapViewOfFile,UnmapViewOfFile,NtConnectPort,CloseHandle,LocalFree,CloseHandle,GetCurrentProcessId,OpenProcess,OpenProcess,GetCurrentProcess,DuplicateHandle,GetCurrentProcessId,WriteFile,WriteFile,WriteFile,WriteFile,WriteFile,CloseHandle,ReleaseMutex,CloseHandle,CloseHandle,SetLastError, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD8DE0 LocalAlloc,NtReplyWaitReceivePortEx,NtReplyWaitReceivePort,CloseHandle,NtAcceptConnectPort,LocalFree,GetCurrentProcessId,LocalAlloc,NtAcceptConnectPort,LocalAlloc,LocalFree,NtCompleteConnectPort,SetEvent,EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,LocalFree,NtAcceptConnectPort,LocalFree,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD8180 GetCurrentProcess,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetLastError,FindCloseChangeNotification,EnterCriticalSection,LeaveCriticalSection,LocalAlloc,NtCreatePort,LocalFree,LocalFree,LocalFree,LocalAlloc,lstrlenA,LocalAlloc,lstrcpyA,CreateSemaphoreW,InitializeCriticalSection,CreateThread,CreateThread,SetThreadPriority,SetThreadPriority,EnterCriticalSection,LeaveCriticalSection, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD7850 GetLastError,GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateFileMappingW,MapViewOfFile,UnmapViewOfFile,NtConnectPort,CloseHandle,LocalFree,CloseHandle,GetCurrentProcessId,OpenProcess,OpenProcess,GetCurrentProcess,DuplicateHandle,GetCurrentProcessId,WriteFile,WriteFile,WriteFile,WriteFile,WriteFile,CloseHandle,ReleaseMutex,CloseHandle,CloseHandle,SetLastError, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668DD93C0 EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,NtConnectPort,LocalFree,WaitForSingleObject,TerminateThread,CloseHandle,WaitForSingleObject,TerminateThread,CloseHandle,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetEvent,WaitForSingleObject,CloseHandle,SetEvent,WaitForSingleObject,EnterCriticalSection,TerminateThread,CloseHandle,CloseHandle,LocalFree,LocalFree,LeaveCriticalSection,CloseHandle,CloseHandle,DeleteCriticalSection,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD8180 GetCurrentProcess,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetLastError,CloseHandle,EnterCriticalSection,LeaveCriticalSection,LocalAlloc,NtCreatePort,LocalFree,LocalFree,LocalFree,LocalAlloc,lstrlenA,LocalAlloc,lstrcpyA,CreateSemaphoreW,InitializeCriticalSection,CreateThread,CreateThread,SetThreadPriority,SetThreadPriority,EnterCriticalSection,LeaveCriticalSection, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD8DE0 LocalAlloc,NtReplyWaitReceivePortEx,NtReplyWaitReceivePort,CloseHandle,NtAcceptConnectPort,LocalFree,GetCurrentProcessId,LocalAlloc,NtAcceptConnectPort,LocalAlloc,LocalFree,NtCompleteConnectPort,SetEvent,EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,LocalFree,NtAcceptConnectPort,LocalFree,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD93C0 EnterCriticalSection,LeaveCriticalSection,ReleaseSemaphore,NtConnectPort,LocalFree,WaitForSingleObject,TerminateThread,CloseHandle,WaitForSingleObject,TerminateThread,CloseHandle,GetCurrentProcess,GetCurrentProcess,DuplicateHandle,SetEvent,WaitForSingleObject,CloseHandle,SetEvent,WaitForSingleObject,EnterCriticalSection,TerminateThread,CloseHandle,CloseHandle,LocalFree,LocalFree,LeaveCriticalSection,CloseHandle,CloseHandle,DeleteCriticalSection,LocalFree,LocalFree, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668DD7850 GetLastError,GetCurrentProcessId,GetCurrentProcessId,GetCurrentProcessId,CreateFileMappingW,MapViewOfFile,UnmapViewOfFile,NtConnectPort,CloseHandle,LocalFree,CloseHandle,GetCurrentProcessId,OpenProcess,OpenProcess,GetCurrentProcess,DuplicateHandle,GetCurrentProcessId,WriteFile,WriteFile,WriteFile,WriteFile,WriteFile,CloseHandle,ReleaseMutex,CloseHandle,CloseHandle,SetLastError, |
Source: unknown | Process created: C:\Users\user\Desktop\FileOpenInstaller.exe C:\Users\user\Desktop\FileOpenInstaller.exe |
Source: C:\Users\user\Desktop\FileOpenInstaller.exe | Process created: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp "C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp" /SL5="$6040A,6054369,1320960,C:\Users\user\Desktop\FileOpenInstaller.exe" |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" create FileOpenManager binpath= "\"C:\Program Files\FileOpen\Services\FileOpenManager64.exe\"" start= auto |
Source: C:\Windows\System32\sc.exe | Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" description FileOpenManager "FileOpen Client Manager" |
Source: C:\Windows\System32\sc.exe | Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" start FileOpenManager |
Source: C:\Windows\System32\sc.exe | Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
Source: unknown | Process created: C:\Program Files\FileOpen\Services\FileOpenManager64.exe C:\Program Files\FileOpen\Services\FileOpenManager64.exe |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe C:\Program Files\FileOpen\Services\FileOpenBroker64.exe |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" installcomplete.pdf |
Source: unknown | Process created: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe "C:\Program Files\FileOpen\Services\FileOpenBroker64.exe" |
Source: C:\Users\user\Desktop\FileOpenInstaller.exe | Process created: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp "C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp" /SL5="$6040A,6054369,1320960,C:\Users\user\Desktop\FileOpenInstaller.exe" |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" create FileOpenManager binpath= "\"C:\Program Files\FileOpen\Services\FileOpenManager64.exe\"" start= auto |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" description FileOpenManager "FileOpen Client Manager" |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Windows\System32\sc.exe "C:\Windows\system32\sc.exe" start FileOpenManager |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe C:\Program Files\FileOpen\Services\FileOpenBroker64.exe |
Source: C:\Users\user\AppData\Local\Temp\is-RJIJI.tmp\FileOpenInstaller.tmp | Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" installcomplete.pdf |
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | Process created: unknown unknown |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003A30000.00000004.00001000.00020000.00000000.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3723165095.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 0000000D.00000000.2735368706.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger'); |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: SELECT tbl_name FROM sqlite_master WHERE type='table' AND name='%s'; |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: UPDATE %s SET = WHERE %s = %d AND %s = '%s';fotkSqliteStorage.cpp:%d. SetLibSqliteDbGdpr - Can't sqlite3_step a '%s' row. Result code %d - Err message '%s'. |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: UPDATE %s SET %s = %u WHERE %s = %d AND %s = '%s'; |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT * FROM %s WHERE pubId = %d AND url = '%s';fotkSqliteStorage.cpp:%d. GetLibSqliteDbGdpr - Can't sqlite3_prepare_v2 a '%s' statement. Result code %d - Err message '%s'. |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT idx FROM %s WHERE pubId = %d AND url = '%s';fotkSqliteStorage.cpp:%d. SetLibSqliteDbGdpr. query '%s' |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT sql FROM sqlite_master WHERE type='table' AND name = '%s';gdprGDPRfotkLibSqliteSchema.cpp. |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: INSERT INTO %s (,) VALUES ('datetime('now')%u);fotkSqliteStorage.cpp:%d. SetLibSqliteDbGdpr. The Gdpr database must be updated. |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: SELECT sql FROM sqlite_master WHERE type='table' AND name = '%s'; |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: SELECT idx FROM %s WHERE pubId = %d AND url = '%s'; |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: SELECT * FROM %s WHERE pubId = %d AND url = '%s'; |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT %s FROM %s WHERE %s = %d AND %s = '%s';fotkSqliteStorage.cpp:%d. GetLibSqliteDbGdprState. query '%s' |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT * FROM sqlite_master; |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003A30000.00000004.00001000.00020000.00000000.sdmp, FileOpenBroker64.exe, 0000000D.00000002.3723165095.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 0000000D.00000000.2735368706.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q); |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: SELECT tbl_name FROM sqlite_master WHERE type='table' AND name='%s';SqliteCookies.cpp:%d. GetSqliteDbCookieContent - SQL '%s' returns error '%s'. |
Source: FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003C5E000.00000004.00001000.00020000.00000000.sdmp, FileOpenInstaller.tmp, 00000004.00000003.2775176990.0000000003AB5000.00000004.00001000.00020000.00000000.sdmp | Binary or memory string: UPDATE %s SET %s = %u WHERE %s = %d AND %s = '%s';fotkSqliteStorage.cpp:%d. SetLibSqliteDbGdprState. query '%s' |
Source: FileOpenBroker64.exe, FileOpenBroker64.exe, 00000010.00000000.2815055164.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, FileOpenBroker64.exe, 00000010.00000002.2820538293.00007FF668F4B000.00000002.00000001.01000000.0000000A.sdmp, is-JKV7N.tmp.4.dr, is-GV932.tmp.4.dr | Binary or memory string: SELECT %s FROM %s WHERE %s = %d AND %s = '%s'; |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1440 FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF1BA0 FindFirstFileExW, |
Source: C:\Program Files\FileOpen\Services\FileOpenManager64.exe | Code function: 12_2_00007FF600AF203C FindFirstFileExW,FindNextFileW,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0BC20 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0BD50 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E03E90 FindFirstFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01130 FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E01470 FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E0B900 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 13_2_00007FF668E12880 FindFirstFileA,CreateFileA,GetFileTime,CloseHandle,CopyFileA,FindNextFileA,FindClose,CloseHandle, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0BC20 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0BD50 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E03E90 FindFirstFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E011F3 FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindNextFileA,GetLastError,FindClose,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E016AB FindNextFileA,GetLastError,FindClose,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindFirstFileA,GetLastError,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E0B900 FindFirstFileA,FindNextFileA,FindNextFileA,FindClose, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Code function: 16_2_00007FF668E12880 FindFirstFileA,CreateFileA,GetFileTime,CloseHandle,CopyFileA,FindNextFileA,FindClose,CloseHandle, |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkLsts.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkLngs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkCnfs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkDrs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkPrs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkRds.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkNis.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkBus.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_de.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_fr.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_zh.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_ja.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkLsts.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkLngs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkCnfs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkDrs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkPrs.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkRds.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkNis.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\Lists\fotkBus.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_de.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_fr.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_zh.lcd VolumeInformation |
Source: C:\Program Files\FileOpen\Services\FileOpenBroker64.exe | Queries volume information: C:\ProgramData\FileOpen\Updates\L10n\fotk_ja.lcd VolumeInformation |