Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00838F57 FindFirstFileExW,FindNextFileW,FindClose,FindClose, |
0_2_00838F57 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0040BDAF _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose, |
2_2_0040BDAF |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004011D9 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,FindFirstFileA,FindNextFileA,FindClose,FindNextFileA,FindClose, |
2_2_004011D9 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004093C1 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose, |
2_2_004093C1 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004145BC _EH_prolog,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose, |
2_2_004145BC |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004097DC _EH_prolog,StrCmpCA,FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose, |
2_2_004097DC |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00414960 _EH_prolog,GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen, |
2_2_00414960 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00414CC7 _EH_prolog,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose, |
2_2_00414CC7 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00409E01 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA, |
2_2_00409E01 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00413F80 _EH_prolog,wsprintfA,FindFirstFileA,memset,memset,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,memset,lstrcat,strtok_s,memset,lstrcat,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,strtok_s,FindNextFileA,FindClose, |
2_2_00413F80 |
Source: 77EC63BDA74BD0D0E0426DC8F80085060.2.dr |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab4 |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D74000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en; |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
Source: RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2900945500.000000001BDAD000.00000002.00001000.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
String found in binary or memory: http://www.sqlite.org/copyright.html. |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: http://www.valvesoftware.com/legal.htm |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42/( |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://95.217.245.42:9000 |
Source: RegAsm.exe, 00000002.00000002.2894673197.0000000000E80000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/ |
Source: RegAsm.exe, 00000002.00000002.2894928338.0000000000F6E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/) |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/0ed9osoft |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/B |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/M |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/Pd |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/freebl3.dll |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/freebl3.dllEdge |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/freebl3.dllu |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000528000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/mozglue.dll |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/mozglue.dllEdge |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000528000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/mozglue.dllome |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/msvcp140.dll |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/msvcp140.dllz)l |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894928338.0000000000F6E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/nss3.dll |
Source: RegAsm.exe, 00000002.00000002.2894928338.0000000000F6E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/nss3.dll2 |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/softokn3.dll |
Source: RegAsm.exe, 00000002.00000002.2894623309.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/softokn3.dllh |
Source: RegAsm.exe, 00000002.00000002.2894928338.0000000000F6E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/sqlx.dll |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.000000000052E000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/vcruntime140.dll |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/vcruntime140.dll4 |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000052E000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/vcruntime140.dllUser |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000/vcruntime140.dllt |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000acrosoft |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000ing |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000l |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000052E000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://95.217.245.42:9000msvcp140.dll0_15_7) |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=tIrWyaxi8A |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&am |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPK |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=engli |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.TP5s6TzX6LLh& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&l=en |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=roSu |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v= |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=PyuRtGtUpR0t&l=englis |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=Wd0kCESeJquW&l= |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=X93cgZRtuH6z&l=engli |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=KyfgrihL0xta& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=engl |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l= |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=2VoZa2M8Wh3k& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67& |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/r |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcV |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/toolt |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0& |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://duckduckgo.com/ac/?q= |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://duckduckgo.com/chrome_newtab |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://help.steampowered.com/en/ |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/ |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/discussions/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199680449169 |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/market/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
Source: file.exe, file.exe, 00000000.00000002.1626908949.000000000084D000.00000004.00000001.01000000.00000003.sdmp, RegAsm.exe, RegAsm.exe, 00000002.00000002.2894211044.0000000000D74000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://steamcommunity.com/profiles/76561199680449169 |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/profiles/76561199680449169/badges |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/profiles/76561199680449169/inventory/ |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D74000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://steamcommunity.com/profiles/76561199680449169;C |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D74000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://steamcommunity.com/tQ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://steamcommunity.com/workshop/ |
Source: RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://store.steampowere/(: |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/ |
Source: 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/about/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/explore/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/legal/ |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/mobile |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/news/ |
Source: RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2894211044.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/points/shop/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/stats/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp, KFIIJJJD.2.dr |
String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 |
Source: KFIIJJJD.2.dr |
String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016ost.exe |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp, KFIIJJJD.2.dr |
String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 |
Source: KFIIJJJD.2.dr |
String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install |
Source: RegAsm.exe, 00000002.00000002.2893637125.000000000056C000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17rer.exe |
Source: file.exe, file.exe, 00000000.00000002.1626908949.000000000084D000.00000004.00000001.01000000.00000003.sdmp, RegAsm.exe, RegAsm.exe, 00000002.00000002.2893637125.0000000000400000.00000040.00000400.00020000.00000000.sdmp |
String found in binary or memory: https://t.me/r1g1o |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://www.ecosia.org/newtab/ |
Source: AKKEGHJD.2.dr |
String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
Source: RegAsm.exe, 00000002.00000002.2894452308.0000000000DCC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2893637125.0000000000435000.00000040.00000400.00020000.00000000.sdmp, 76561199680449169[1].htm.2.dr |
String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0086B0A8 |
0_2_0086B0A8 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_008694E3 |
0_2_008694E3 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00833653 |
0_2_00833653 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00868A41 |
0_2_00868A41 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00869BBF |
0_2_00869BBF |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0083CD70 |
0_2_0083CD70 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0082EEE0 |
0_2_0082EEE0 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_0082BE6D |
0_2_0082BE6D |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00868F92 |
0_2_00868F92 |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00833F3F |
0_2_00833F3F |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0041A609 |
2_2_0041A609 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0041B787 |
2_2_0041B787 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0041AB5A |
2_2_0041AB5A |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0041CC70 |
2_2_0041CC70 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB74CF0 |
2_2_1BB74CF0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC89A20 |
2_2_1BC89A20 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB62018 |
2_2_1BB62018 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC15940 |
2_2_1BC15940 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB61C9E |
2_2_1BB61C9E |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB62AA9 |
2_2_1BB62AA9 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB612A8 |
2_2_1BB612A8 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BCC9CC0 |
2_2_1BCC9CC0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6292D |
2_2_1BB6292D |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBF53B0 |
2_2_1BBF53B0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB63580 |
2_2_1BB63580 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BD3D209 |
2_2_1BD3D209 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC85040 |
2_2_1BC85040 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB79000 |
2_2_1BB79000 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC1D6D0 |
2_2_1BC1D6D0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC09690 |
2_2_1BC09690 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BCC9430 |
2_2_1BCC9430 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC64A60 |
2_2_1BC64A60 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB61EF1 |
2_2_1BB61EF1 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB88D2A |
2_2_1BB88D2A |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB63AB2 |
2_2_1BB63AB2 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBE8120 |
2_2_1BBE8120 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBE0090 |
2_2_1BBE0090 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC88030 |
2_2_1BC88030 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB88763 |
2_2_1BB88763 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBC4760 |
2_2_1BBC4760 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBF8760 |
2_2_1BBF8760 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB88680 |
2_2_1BB88680 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BCA0480 |
2_2_1BCA0480 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB8BAB0 |
2_2_1BB8BAB0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6251D |
2_2_1BB6251D |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6290A |
2_2_1BB6290A |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB93370 |
2_2_1BB93370 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6174E |
2_2_1BB6174E |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6F160 |
2_2_1BB6F160 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6EA80 |
2_2_1BB6EA80 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6AA40 |
2_2_1BB6AA40 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC469C0 |
2_2_1BC469C0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC5A940 |
2_2_1BC5A940 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC7A900 |
2_2_1BC7A900 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6481D |
2_2_1BB6481D |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB63E3B |
2_2_1BB63E3B |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC9E800 |
2_2_1BC9E800 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBA6E80 |
2_2_1BBA6E80 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBC2EE0 |
2_2_1BBC2EE0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BD3AEBE |
2_2_1BD3AEBE |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB619DD |
2_2_1BB619DD |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBEA0B0 |
2_2_1BBEA0B0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB6209F |
2_2_1BB6209F |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB766C0 |
2_2_1BB766C0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC5A590 |
2_2_1BC5A590 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB8A560 |
2_2_1BB8A560 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB647AF |
2_2_1BB647AF |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger'); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB); |
Source: RegAsm.exe, RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx)); |
Source: RegAsm.exe, RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: INSERT INTO "%w"."%w"("%w") VALUES('integrity-check'); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE IF NOT EXISTS %s.'rbu_tmp_%q' AS SELECT *%s FROM '%q' WHERE 0; |
Source: RegAsm.exe, 00000002.00000002.2895040896.00000000032E5000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted FROM credit_cards;0 |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,nexec INT,ncycle INT,stmt HIDDEN); |
Source: DHJDAFIEHIEGDHIDGDGH.2.dr |
Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key)); |
Source: RegAsm.exe, RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode); |
Source: RegAsm.exe, 00000002.00000002.2900833620.000000001BD78000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2895552761.0000000015E0D000.00000004.00000020.00020000.00000000.sdmp, sqlx[1].dll.2.dr |
Binary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN); |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: aclayers.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: sfc.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: sfc_os.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: wininet.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: rstrtmgr.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: ncrypt.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: ntasn1.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: dbghelp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: iertutil.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: profapi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: ondemandconnroutehelper.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: mswsock.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: iphlpapi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: winnsi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: urlmon.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: srvcli.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: netutils.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: dnsapi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: rasadhlp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: fwpuclnt.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: schannel.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: mskeyprotect.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: msasn1.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: dpapi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: cryptsp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: rsaenh.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: gpapi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: ncryptsslp.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: cryptnet.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: dhcpcsvc6.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: dhcpcsvc.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: webio.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: cabinet.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: wbemcomn.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: amsi.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: version.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: sxs.dll |
Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Section loaded: ntmarta.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\file.exe |
Code function: 0_2_00838F57 FindFirstFileExW,FindNextFileW,FindClose,FindClose, |
0_2_00838F57 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_0040BDAF _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose, |
2_2_0040BDAF |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004011D9 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,FindFirstFileA,FindNextFileA,FindClose,FindNextFileA,FindClose, |
2_2_004011D9 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004093C1 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose, |
2_2_004093C1 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004145BC _EH_prolog,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose, |
2_2_004145BC |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_004097DC _EH_prolog,StrCmpCA,FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose, |
2_2_004097DC |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00414960 _EH_prolog,GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlen,lstrlen, |
2_2_00414960 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00414CC7 _EH_prolog,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose, |
2_2_00414CC7 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00409E01 _EH_prolog,FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA, |
2_2_00409E01 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_00413F80 _EH_prolog,wsprintfA,FindFirstFileA,memset,memset,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,memset,lstrcat,strtok_s,memset,lstrcat,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,strtok_s,FindNextFileA,FindClose, |
2_2_00413F80 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBDDB10 sqlite3_initialize,sqlite3_bind_int64,sqlite3_step,sqlite3_column_bytes,sqlite3_column_blob,sqlite3_reset,sqlite3_free,sqlite3_free,sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_free, |
2_2_1BBDDB10 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC8D9E0 sqlite3_bind_int64,sqlite3_log,sqlite3_log,sqlite3_log,sqlite3_bind_int64,sqlite3_log,sqlite3_log,sqlite3_log, |
2_2_1BC8D9E0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC05910 sqlite3_mprintf,sqlite3_bind_int64, |
2_2_1BC05910 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBE1FE0 sqlite3_mprintf,sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BBE1FE0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBDDFC0 sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_mprintf,sqlite3_bind_text,sqlite3_step,sqlite3_reset, |
2_2_1BBDDFC0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB75C70 sqlite3_prepare_v3,sqlite3_bind_int64,sqlite3_step,sqlite3_column_value,sqlite3_result_value,sqlite3_reset, |
2_2_1BB75C70 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC1D3B0 sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC1D3B0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC051D0 sqlite3_mprintf,sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC051D0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBF9090 sqlite3_reset,sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_errmsg,sqlite3_mprintf, |
2_2_1BBF9090 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC3D610 sqlite3_free,sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC3D610 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC055B0 sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC055B0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC814D0 sqlite3_bind_int64,sqlite3_log,sqlite3_log,sqlite3_log, |
2_2_1BC814D0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC8D4F0 sqlite3_bind_value,sqlite3_log,sqlite3_log,sqlite3_log, |
2_2_1BC8D4F0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB74820 sqlite3_bind_int64,sqlite3_step,sqlite3_column_int64,sqlite3_reset,sqlite3_reset,sqlite3_initialize, |
2_2_1BB74820 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB90FB0 sqlite3_result_int64,sqlite3_result_double,sqlite3_result_int,sqlite3_prepare_v3,sqlite3_bind_int64,sqlite3_step,sqlite3_column_value,sqlite3_result_value,sqlite3_reset, |
2_2_1BB90FB0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC44D40 sqlite3_bind_int64,sqlite3_step,sqlite3_column_int64,sqlite3_reset,sqlite3_reset,InitOnceBeginInitialize,sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_free, |
2_2_1BC44D40 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBD8200 sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_step,sqlite3_column_int64,sqlite3_reset,sqlite3_bind_int64,sqlite3_step,sqlite3_column_int,sqlite3_reset, |
2_2_1BBD8200 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB88680 sqlite3_mprintf,sqlite3_mprintf,sqlite3_initialize,sqlite3_finalize,sqlite3_free,sqlite3_mprintf,sqlite3_bind_value,sqlite3_bind_int64,sqlite3_bind_int64, |
2_2_1BB88680 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBB06E0 sqlite3_bind_int64,sqlite3_step,sqlite3_column_int64,sqlite3_reset, |
2_2_1BBB06E0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBB8550 sqlite3_bind_int64,sqlite3_step,sqlite3_column_int64,sqlite3_reset,sqlite3_reset, |
2_2_1BBB8550 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC437E0 sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC437E0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BC23770 sqlite3_bind_int64,sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BC23770 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB8B400 sqlite3_mprintf,sqlite3_mprintf,sqlite3_free,sqlite3_bind_value,sqlite3_reset,sqlite3_step,sqlite3_reset,sqlite3_column_int64, |
2_2_1BB8B400 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBBEF30 sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_result_error_code, |
2_2_1BBBEF30 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBCE200 sqlite3_initialize,sqlite3_free,sqlite3_bind_int64,sqlite3_bind_blob,sqlite3_step,sqlite3_reset, |
2_2_1BBCE200 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBDE170 sqlite3_bind_int64,sqlite3_step,sqlite3_reset, |
2_2_1BBDE170 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBCE090 sqlite3_bind_int64,sqlite3_bind_value,sqlite3_step,sqlite3_reset, |
2_2_1BBCE090 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BBDA6F0 sqlite3_mprintf,sqlite3_mprintf,sqlite3_mprintf,sqlite3_free,sqlite3_bind_value, |
2_2_1BBDA6F0 |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Code function: 2_2_1BB766C0 sqlite3_mprintf,sqlite3_bind_int64,sqlite3_step,sqlite3_reset,sqlite3_bind_int64,sqlite3_bind_null,sqlite3_bind_blob,sqlite3_bind_value,sqlite3_free,sqlite3_bind_value,sqlite3_step,sqlite3_reset, |
2_2_1BB766C0 |