Source: |
Binary string: colorui.pdb source: cp.exe, 00000000.00000002.2019674190.0000000000AB9000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2019674190.0000000000AF2000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A09000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A43000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B00000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B39000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: ESENTPRF.pdb source: explorer.exe, explorer.exe, 0000000D.00000002.4458119225.0000000000196000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374192088.0000000000196000.00000008.00000001.01000000.00000000.sdmp, udmxic.2.dr, uwlocrmqutuaw.7.dr, dpijo.9.dr |
Source: |
Binary string: colorui.pdbGCTL source: cp.exe, 00000000.00000002.2019674190.0000000000AB9000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2019674190.0000000000AF2000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A09000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A43000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B00000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B39000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wntdll.pdbUGP source: cp.exe, 00000000.00000002.2019837042.0000000002689000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2021503139.0000000004418000.00000004.00000001.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2020806103.0000000003580000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302996226.0000000004A00000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302726527.0000000004575000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2154092117.00000000043EB000.00000004.00000001.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153934424.0000000004030000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153409342.0000000003209000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150080420.00000000026EC000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150781023.00000000035C0000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151832009.000000000449B000.00000004.00000001.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283739232.0000000004AF5000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283963987.0000000004F70000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373785405.0000000004B10000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373570599.0000000004698000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2304116293.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303998761.0000000004A58000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458857086.00000000052C0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458511694.0000000004E46000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374585925.0000000004A50000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374373592.00000000045D7000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wntdll.pdb source: cp.exe, 00000000.00000002.2019837042.0000000002689000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2021503139.0000000004418000.00000004.00000001.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2020806103.0000000003580000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302996226.0000000004A00000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302726527.0000000004575000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2154092117.00000000043EB000.00000004.00000001.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153934424.0000000004030000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153409342.0000000003209000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150080420.00000000026EC000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150781023.00000000035C0000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151832009.000000000449B000.00000004.00000001.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283739232.0000000004AF5000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283963987.0000000004F70000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373785405.0000000004B10000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373570599.0000000004698000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2304116293.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303998761.0000000004A58000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458857086.00000000052C0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458511694.0000000004E46000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374585925.0000000004A50000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374373592.00000000045D7000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\Users\sveinar\Desktop\DiskState\Src Tutorial\Release\DSTutorial.pdb source: cp.exe |
Source: |
Binary string: ESENTPRF.pdbGCTL source: comp.exe, 00000002.00000002.2303280052.0000000005470000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2284172565.0000000005930000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373972550.0000000005470000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303752148.00000000029E6000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458119225.0000000000196000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374192088.0000000000196000.00000008.00000001.01000000.00000000.sdmp, udmxic.2.dr, uwlocrmqutuaw.7.dr, dpijo.9.dr |
Source: |
Binary string: C:\Users\sveinar\Desktop\DiskState\Src Tutorial\Release\DSTutorial.pdbq source: cp.exe |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDCodeSigningCA-1.crt0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0 |
Source: cp.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0 |
Source: cp.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
Source: cp.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: cp.exe |
String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08 |
Source: cp.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P |
Source: cp.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
Source: cp.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: cp.exe |
String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl3.digicert.com/assured-cs-g1.crl00 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0: |
Source: cp.exe |
String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl4.digicert.com/assured-cs-g1.crl0L |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0 |
Source: cp.exe |
String found in binary or memory: http://ocsp.digicert.com0 |
Source: cp.exe |
String found in binary or memory: http://ocsp.digicert.com0A |
Source: cp.exe |
String found in binary or memory: http://ocsp.digicert.com0C |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://ocsp.digicert.com0L |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://ocsp.digicert.com0O |
Source: cp.exe |
String found in binary or memory: http://ocsp.digicert.com0X |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://s1.symcb.com/pca3-g5.crl0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://s2.symcb.com0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://sv.symcb.com/sv.crl0a |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://sv.symcb.com/sv.crt0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://sv.symcd.com0& |
Source: cp.exe |
String found in binary or memory: http://www.digicert.com/CPS0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003806000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.00000000048DF000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.0000000003470000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003883000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004E59000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.00000000049FC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.0000000004913000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051A3000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.0000000004934000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.info-zip.org/ |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.symauth.com/cps0( |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.symauth.com/rpa00 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.vmware.com/0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.vmware.com/0/ |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://d.symcb.com/cps0% |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://d.symcb.com/rpa0 |
Source: cp.exe, 00000000.00000002.2020947430.0000000003A93000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302842443.0000000004928000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153537719.00000000036FD000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151012365.0000000003B10000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283875549.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373700226.0000000004A45000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303902668.000000000495C000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458719837.00000000051EC000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374498298.000000000497D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://www.digicert.com/CPS0 |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: msimg32.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: winmm.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: colorui.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: mscms.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: coloradapterclient.dll |
Jump to behavior |
Source: C:\Users\user\Desktop\cp.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: ulib.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: fsutilext.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: bitsproxy.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: wer.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: taskschd.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: sspicli.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: xmllite.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: mstask.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: windows.storage.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: wldp.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: mpr.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: apphelp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: msimg32.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: winmm.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: colorui.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: mscms.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: coloradapterclient.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: msimg32.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: winmm.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: cryptbase.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: winhttp.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: windowscodecs.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: colorui.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: mscms.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: userenv.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: coloradapterclient.dll |
Jump to behavior |
Source: C:\Users\user\AppData\Roaming\Obcloud\AacAmbientLighting.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: ulib.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: fsutilext.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: wer.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: mstask.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: ulib.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: fsutilext.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: wer.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: uxtheme.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\comp.exe |
Section loaded: mstask.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\explorer.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\explorer.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\explorer.exe |
Section loaded: kernel.appcore.dll |
Jump to behavior |
Source: C:\Windows\SysWOW64\explorer.exe |
Section loaded: shdocvw.dll |
Jump to behavior |
Source: |
Binary string: colorui.pdb source: cp.exe, 00000000.00000002.2019674190.0000000000AB9000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2019674190.0000000000AF2000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A09000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A43000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B00000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B39000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: ESENTPRF.pdb source: explorer.exe, explorer.exe, 0000000D.00000002.4458119225.0000000000196000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374192088.0000000000196000.00000008.00000001.01000000.00000000.sdmp, udmxic.2.dr, uwlocrmqutuaw.7.dr, dpijo.9.dr |
Source: |
Binary string: colorui.pdbGCTL source: cp.exe, 00000000.00000002.2019674190.0000000000AB9000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2019674190.0000000000AF2000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A09000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2152639067.0000000000A43000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B00000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2149618787.0000000000B39000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wntdll.pdbUGP source: cp.exe, 00000000.00000002.2019837042.0000000002689000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2021503139.0000000004418000.00000004.00000001.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2020806103.0000000003580000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302996226.0000000004A00000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302726527.0000000004575000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2154092117.00000000043EB000.00000004.00000001.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153934424.0000000004030000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153409342.0000000003209000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150080420.00000000026EC000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150781023.00000000035C0000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151832009.000000000449B000.00000004.00000001.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283739232.0000000004AF5000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283963987.0000000004F70000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373785405.0000000004B10000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373570599.0000000004698000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2304116293.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303998761.0000000004A58000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458857086.00000000052C0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458511694.0000000004E46000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374585925.0000000004A50000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374373592.00000000045D7000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: wntdll.pdb source: cp.exe, 00000000.00000002.2019837042.0000000002689000.00000004.00000020.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2021503139.0000000004418000.00000004.00000001.00020000.00000000.sdmp, cp.exe, 00000000.00000002.2020806103.0000000003580000.00000004.00000800.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302996226.0000000004A00000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000002.00000002.2302726527.0000000004575000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2154092117.00000000043EB000.00000004.00000001.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153934424.0000000004030000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000005.00000002.2153409342.0000000003209000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150080420.00000000026EC000.00000004.00000020.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2150781023.00000000035C0000.00000004.00000800.00020000.00000000.sdmp, AacAmbientLighting.exe, 00000006.00000002.2151832009.000000000449B000.00000004.00000001.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283739232.0000000004AF5000.00000004.00000020.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2283963987.0000000004F70000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373785405.0000000004B10000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373570599.0000000004698000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2304116293.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303998761.0000000004A58000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458857086.00000000052C0000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458511694.0000000004E46000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374585925.0000000004A50000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374373592.00000000045D7000.00000004.00000020.00020000.00000000.sdmp |
Source: |
Binary string: C:\Users\sveinar\Desktop\DiskState\Src Tutorial\Release\DSTutorial.pdb source: cp.exe |
Source: |
Binary string: ESENTPRF.pdbGCTL source: comp.exe, 00000002.00000002.2303280052.0000000005470000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000007.00000002.2284172565.0000000005930000.00000004.00001000.00020000.00000000.sdmp, comp.exe, 00000009.00000002.2373972550.0000000005470000.00000004.00001000.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2303752148.00000000029E6000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000D.00000002.4458119225.0000000000196000.00000008.00000001.01000000.00000000.sdmp, explorer.exe, 0000000E.00000002.2374192088.0000000000196000.00000008.00000001.01000000.00000000.sdmp, udmxic.2.dr, uwlocrmqutuaw.7.dr, dpijo.9.dr |
Source: |
Binary string: C:\Users\sveinar\Desktop\DiskState\Src Tutorial\Release\DSTutorial.pdbq source: cp.exe |