Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EDDD0 malloc,memset,FindFirstFileW,free, | 2_2_000001845C4EDDD0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EC850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4EC850 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EE210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 2_2_000001845C4EE210 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4ECCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4ECCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 3_2_000000018001E210 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_000000018001C850 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_000000018001CCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 3_2_000000018001DDD0 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 4_2_000000018001E210 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_000000018001C850 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_000000018001CCF0 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 4_2_000000018001DDD0 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_00007FF767A08F78 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, | 5_2_00007FF767A08F78 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_00007FFE11ED05EC FindFirstFileExW, | 5_2_00007FFE11ED05EC |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 5_2_000000018001E210 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_000000018001C850 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_000000018001CCF0 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 5_2_000000018001DDD0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0 |
Source: ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: http://ejemplo.com |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://ocsp.digicert.com0 |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://ocsp.digicert.com0A |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://ocsp.digicert.com0C |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://ocsp.digicert.com0X |
Source: R2-Signed.exe, 00000000.00000002.1690216804.0000012739F00000.00000004.00001000.00020000.00000000.sdmp, R2-Signed.exe, 00000000.00000002.1685826341.0000000180001000.00000020.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2931170899.000001845BF30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.2924508884.0000000180001000.00000020.00000001.00020000.00000000.sdmp, ParphaCrashReport64.exe.2.dr | String found in binary or memory: http://www.digicert.com/CPS0 |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore/category/extensions |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=af&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=afCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=en&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=en-GB&category=theme81https://myactivity.google.com/myactivity |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=en-GBCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=enCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=es&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=es-419&category=theme81https://myactivity.google.com/myactivit |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=es-419Ctrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=esCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=et&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=etCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=fi&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=fiCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=fil&category=theme81https://myactivity.google.com/myactivity/? |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=filCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=fr&category=theme81https://myactivity.google.com/myactivity/?u |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=frCtrl$1 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=zh-TW&category=theme81https://myactivity.google.com/myactivity |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chrome.google.com/webstore?hl=zh-TWCtrl$1 |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherEnabled |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherExternalGreylistUrl |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherExternalSitelistUrl |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherUrlGreylist |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherUrlList |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromeenterprise.google/policies/#BrowserSwitcherUseIeSitelist |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://chromestatus.com/features#browsers.chrome.status%3A%22Deprecated%22 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://ejemplo.com.Se |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://myactivity.google.com/ |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.com |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comContrase |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comGestoorde |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comMga |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comMots |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comSaved |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comSe |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comSelle |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://passwords.google.comT |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://policies.google.com/ |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chrome/a/?p=browser_profile_details |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chrome/a/answer/9122284 |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chrome/answer/6098869 |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chrome/answer/6098869?hl=es |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chrome/answer/96817 |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://support.google.com/chromebook?p=app_intent |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.html |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.html&AideG |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlA&biHaldab |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlA&yudaAdministrado |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlAy&udaGestionado |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlBestuur |
Source: R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlH&elpManaged |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlO&hjeOrganisaatiosi |
Source: R2-Signed.exe, 00000000.00000000.1666745025.00007FF6AE6C5000.00000008.00000001.01000000.00000003.sdmp, R2-Signed.exe, 00000000.00000002.1692179704.00007FF6AE716000.00000008.00000001.01000000.00000003.sdmp | String found in binary or memory: https://www.google.com/chrome/privacy/eula_text.htmlT&ulongPinapamahalaan |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800080F2 | 0_2_00000001800080F2 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180009BC0 | 0_2_0000000180009BC0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800054D5 | 0_2_00000001800054D5 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800015B0 | 0_2_00000001800015B0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180001010 | 0_2_0000000180001010 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003833 | 0_2_0000000180003833 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180028038 | 0_2_0000000180028038 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180014848 | 0_2_0000000180014848 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000284D | 0_2_000000018000284D |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018002C080 | 0_2_000000018002C080 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003880 | 0_2_0000000180003880 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800180EE | 0_2_00000001800180EE |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000290C | 0_2_000000018000290C |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180004153 | 0_2_0000000180004153 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002170 | 0_2_0000000180002170 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000B1AC | 0_2_000000018000B1AC |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800069E0 | 0_2_00000001800069E0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800151E8 | 0_2_00000001800151E8 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002A06 | 0_2_0000000180002A06 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180001A10 | 0_2_0000000180001A10 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002A19 | 0_2_0000000180002A19 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003220 | 0_2_0000000180003220 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000225E | 0_2_000000018000225E |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018001AA6C | 0_2_000000018001AA6C |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000B280 | 0_2_000000018000B280 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180006AB0 | 0_2_0000000180006AB0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000C2D0 | 0_2_000000018000C2D0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003AE0 | 0_2_0000000180003AE0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003220 | 0_2_0000000180003220 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000435B | 0_2_000000018000435B |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000C370 | 0_2_000000018000C370 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180023B98 | 0_2_0000000180023B98 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800033B8 | 0_2_00000001800033B8 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018001FC0C | 0_2_000000018001FC0C |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180028464 | 0_2_0000000180028464 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003464 | 0_2_0000000180003464 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000947B | 0_2_000000018000947B |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002C8A | 0_2_0000000180002C8A |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180004CB0 | 0_2_0000000180004CB0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800044C1 | 0_2_00000001800044C1 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003CF2 | 0_2_0000000180003CF2 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002526 | 0_2_0000000180002526 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003530 | 0_2_0000000180003530 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180007550 | 0_2_0000000180007550 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180001D60 | 0_2_0000000180001D60 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180016D88 | 0_2_0000000180016D88 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800045A9 | 0_2_00000001800045A9 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003DBC | 0_2_0000000180003DBC |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000360B | 0_2_000000018000360B |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000B620 | 0_2_000000018000B620 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002E24 | 0_2_0000000180002E24 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180005E58 | 0_2_0000000180005E58 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002666 | 0_2_0000000180002666 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180029E8C | 0_2_0000000180029E8C |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000469C | 0_2_000000018000469C |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180024EB0 | 0_2_0000000180024EB0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000BEB0 | 0_2_000000018000BEB0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000B6C0 | 0_2_000000018000B6C0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180008EC0 | 0_2_0000000180008EC0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018001FED8 | 0_2_000000018001FED8 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_00000001800096E0 | 0_2_00000001800096E0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000DEE8 | 0_2_000000018000DEE8 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_000000018000C6F0 | 0_2_000000018000C6F0 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180003717 | 0_2_0000000180003717 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180010F18 | 0_2_0000000180010F18 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180021F44 | 0_2_0000000180021F44 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180006F70 | 0_2_0000000180006F70 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Code function: 0_2_0000000180002777 | 0_2_0000000180002777 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180001010 | 2_2_0000000180001010 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180001A10 | 2_2_0000000180001A10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180001D60 | 2_2_0000000180001D60 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003833 | 2_2_0000000180003833 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180028038 | 2_2_0000000180028038 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180014848 | 2_2_0000000180014848 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000284D | 2_2_000000018000284D |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018002C080 | 2_2_000000018002C080 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003880 | 2_2_0000000180003880 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800180EE | 2_2_00000001800180EE |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800080F2 | 2_2_00000001800080F2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000290C | 2_2_000000018000290C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180004153 | 2_2_0000000180004153 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002170 | 2_2_0000000180002170 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000B1AC | 2_2_000000018000B1AC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800069E0 | 2_2_00000001800069E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800151E8 | 2_2_00000001800151E8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002A06 | 2_2_0000000180002A06 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002A19 | 2_2_0000000180002A19 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003220 | 2_2_0000000180003220 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000225E | 2_2_000000018000225E |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018001AA6C | 2_2_000000018001AA6C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000B280 | 2_2_000000018000B280 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180006AB0 | 2_2_0000000180006AB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000C2D0 | 2_2_000000018000C2D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003AE0 | 2_2_0000000180003AE0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003220 | 2_2_0000000180003220 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000435B | 2_2_000000018000435B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000C370 | 2_2_000000018000C370 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180023B98 | 2_2_0000000180023B98 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800033B8 | 2_2_00000001800033B8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180009BC0 | 2_2_0000000180009BC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018001FC0C | 2_2_000000018001FC0C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180028464 | 2_2_0000000180028464 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003464 | 2_2_0000000180003464 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000947B | 2_2_000000018000947B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002C8A | 2_2_0000000180002C8A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180004CB0 | 2_2_0000000180004CB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800044C1 | 2_2_00000001800044C1 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800054D5 | 2_2_00000001800054D5 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003CF2 | 2_2_0000000180003CF2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002526 | 2_2_0000000180002526 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003530 | 2_2_0000000180003530 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180007550 | 2_2_0000000180007550 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180016D88 | 2_2_0000000180016D88 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800045A9 | 2_2_00000001800045A9 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800015B0 | 2_2_00000001800015B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003DBC | 2_2_0000000180003DBC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000360B | 2_2_000000018000360B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000B620 | 2_2_000000018000B620 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002E24 | 2_2_0000000180002E24 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180005E58 | 2_2_0000000180005E58 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002666 | 2_2_0000000180002666 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180029E8C | 2_2_0000000180029E8C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000469C | 2_2_000000018000469C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180024EB0 | 2_2_0000000180024EB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000BEB0 | 2_2_000000018000BEB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000B6C0 | 2_2_000000018000B6C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180008EC0 | 2_2_0000000180008EC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018001FED8 | 2_2_000000018001FED8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_00000001800096E0 | 2_2_00000001800096E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000DEE8 | 2_2_000000018000DEE8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000000018000C6F0 | 2_2_000000018000C6F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180003717 | 2_2_0000000180003717 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180010F18 | 2_2_0000000180010F18 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180021F44 | 2_2_0000000180021F44 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180006F70 | 2_2_0000000180006F70 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_0000000180002777 | 2_2_0000000180002777 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF374F2 | 2_2_000001845BF374F2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF474EE | 2_2_000001845BF474EE |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF5B480 | 2_2_000001845BF5B480 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32C80 | 2_2_000001845BF32C80 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF43C48 | 2_2_000001845BF43C48 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31C4D | 2_2_000001845BF31C4D |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF57438 | 2_2_000001845BF57438 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32C33 | 2_2_000001845BF32C33 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF30410 | 2_2_000001845BF30410 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31B77 | 2_2_000001845BF31B77 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF36370 | 2_2_000001845BF36370 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF51344 | 2_2_000001845BF51344 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32B17 | 2_2_000001845BF32B17 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF40318 | 2_2_000001845BF40318 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3D2E8 | 2_2_000001845BF3D2E8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3BAF0 | 2_2_000001845BF3BAF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF4F2D8 | 2_2_000001845BF4F2D8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF38AE0 | 2_2_000001845BF38AE0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF382C0 | 2_2_000001845BF382C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3AAC0 | 2_2_000001845BF3AAC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF542B0 | 2_2_000001845BF542B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3B2B0 | 2_2_000001845BF3B2B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF33A9C | 2_2_000001845BF33A9C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF5928C | 2_2_000001845BF5928C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31A66 | 2_2_000001845BF31A66 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF35258 | 2_2_000001845BF35258 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32224 | 2_2_000001845BF32224 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3AA20 | 2_2_000001845BF3AA20 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32A0B | 2_2_000001845BF32A0B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF331BC | 2_2_000001845BF331BC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF339A9 | 2_2_000001845BF339A9 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF309B0 | 2_2_000001845BF309B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF46188 | 2_2_000001845BF46188 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31160 | 2_2_000001845BF31160 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF36950 | 2_2_000001845BF36950 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31926 | 2_2_000001845BF31926 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32930 | 2_2_000001845BF32930 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF330F2 | 2_2_000001845BF330F2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF348D5 | 2_2_000001845BF348D5 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF338C1 | 2_2_000001845BF338C1 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF340B0 | 2_2_000001845BF340B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3208A | 2_2_000001845BF3208A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3887B | 2_2_000001845BF3887B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32864 | 2_2_000001845BF32864 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF57864 | 2_2_000001845BF57864 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF4F00C | 2_2_000001845BF4F00C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF327B8 | 2_2_000001845BF327B8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF38FC0 | 2_2_000001845BF38FC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF52F98 | 2_2_000001845BF52F98 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3B770 | 2_2_000001845BF3B770 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3375B | 2_2_000001845BF3375B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32620 | 2_2_000001845BF32620 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32EE0 | 2_2_000001845BF32EE0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3B6D0 | 2_2_000001845BF3B6D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF35EB0 | 2_2_000001845BF35EB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3A680 | 2_2_000001845BF3A680 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF49E6C | 2_2_000001845BF49E6C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3165E | 2_2_000001845BF3165E |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31E19 | 2_2_000001845BF31E19 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF32620 | 2_2_000001845BF32620 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31E06 | 2_2_000001845BF31E06 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF30E10 | 2_2_000001845BF30E10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF445E8 | 2_2_000001845BF445E8 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF35DE0 | 2_2_000001845BF35DE0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF3A5AC | 2_2_000001845BF3A5AC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31570 | 2_2_000001845BF31570 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF33553 | 2_2_000001845BF33553 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845BF31D0C | 2_2_000001845BF31D0C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F0680 | 2_2_000001845C4F0680 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E2140 | 2_2_000001845C4E2140 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EF9E0 | 2_2_000001845C4EF9E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DED50 | 2_2_000001845C4DED50 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EE550 | 2_2_000001845C4EE550 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6D44 | 2_2_000001845C4D6D44 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D656A | 2_2_000001845C4D656A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D1D80 | 2_2_000001845C4D1D80 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F6530 | 2_2_000001845C4F6530 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FAD30 | 2_2_000001845C4FAD30 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C508D24 | 2_2_000001845C508D24 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D75D2 | 2_2_000001845C4D75D2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DF5E0 | 2_2_000001845C4DF5E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DC5F0 | 2_2_000001845C4DC5F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DEDF0 | 2_2_000001845C4DEDF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F4D90 | 2_2_000001845C4F4D90 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F5590 | 2_2_000001845C4F5590 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D9588 | 2_2_000001845C4D9588 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D2D8A | 2_2_000001845C4D2D8A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7DA1 | 2_2_000001845C4D7DA1 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E8DA0 | 2_2_000001845C4E8DA0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EB5A0 | 2_2_000001845C4EB5A0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FBDC0 | 2_2_000001845C4FBDC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C502660 | 2_2_000001845C502660 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C526670 | 2_2_000001845C526670 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6E10 | 2_2_000001845C4D6E10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DCE10 | 2_2_000001845C4DCE10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E3E10 | 2_2_000001845C4E3E10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F9E10 | 2_2_000001845C4F9E10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D5E06 | 2_2_000001845C4D5E06 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DFE20 | 2_2_000001845C4DFE20 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D1630 | 2_2_000001845C4D1630 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E6630 | 2_2_000001845C4E6630 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EAE40 | 2_2_000001845C4EAE40 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D3EC7 | 2_2_000001845C4D3EC7 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E76E0 | 2_2_000001845C4E76E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6EEB | 2_2_000001845C4D6EEB |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F4700 | 2_2_000001845C4F4700 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7E89 | 2_2_000001845C4D7E89 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DA6A0 | 2_2_000001845C4DA6A0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D769C | 2_2_000001845C4D769C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C529E90 | 2_2_000001845C529E90 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E9EC0 | 2_2_000001845C4E9EC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C503760 | 2_2_000001845C503760 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D5F46 | 2_2_000001845C4D5F46 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E6F60 | 2_2_000001845C4E6F60 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D176F | 2_2_000001845C4D176F |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E8780 | 2_2_000001845C4E8780 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F1F80 | 2_2_000001845C4F1F80 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7F7C | 2_2_000001845C4D7F7C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EF710 | 2_2_000001845C4EF710 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6704 | 2_2_000001845C4D6704 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D271A | 2_2_000001845C4D271A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FA7F0 | 2_2_000001845C4FA7F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6FF7 | 2_2_000001845C4D6FF7 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D1F88 | 2_2_000001845C4D1F88 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C504FA0 | 2_2_000001845C504FA0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E7FA0 | 2_2_000001845C4E7FA0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E5FB0 | 2_2_000001845C4E5FB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EEFC0 | 2_2_000001845C4EEFC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F4FC0 | 2_2_000001845C4F4FC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F57C0 | 2_2_000001845C4F57C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D4FB5 | 2_2_000001845C4D4FB5 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EC850 | 2_2_000001845C4EC850 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6057 | 2_2_000001845C4D6057 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D1070 | 2_2_000001845C4D1070 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F7870 | 2_2_000001845C4F7870 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F8880 | 2_2_000001845C4F8880 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DB822 | 2_2_000001845C4DB822 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FE010 | 2_2_000001845C4FE010 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C500810 | 2_2_000001845C500810 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E38D0 | 2_2_000001845C4E38D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D20C7 | 2_2_000001845C4D20C7 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DE8DC | 2_2_000001845C4DE8DC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FF890 | 2_2_000001845C4FF890 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C50A8BC | 2_2_000001845C50A8BC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E5150 | 2_2_000001845C4E5150 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7160 | 2_2_000001845C4D7160 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D2971 | 2_2_000001845C4D2971 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E1180 | 2_2_000001845C4E1180 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D517C | 2_2_000001845C4D517C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D517A | 2_2_000001845C4D517A |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DA110 | 2_2_000001845C4DA110 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7113 | 2_2_000001845C4D7113 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F4930 | 2_2_000001845C4F4930 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D612D | 2_2_000001845C4D612D |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C514140 | 2_2_000001845C514140 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DA1E0 | 2_2_000001845C4DA1E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E99F0 | 2_2_000001845C4E99F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D61EC | 2_2_000001845C4D61EC |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DFA00 | 2_2_000001845C4DFA00 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E9190 | 2_2_000001845C4E9190 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EA190 | 2_2_000001845C4EA190 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D219F | 2_2_000001845C4D219F |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DE9B0 | 2_2_000001845C4DE9B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D5A50 | 2_2_000001845C4D5A50 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D1264 | 2_2_000001845C4D1264 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D227C | 2_2_000001845C4D227C |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C501270 | 2_2_000001845C501270 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F1A10 | 2_2_000001845C4F1A10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F5A10 | 2_2_000001845C4F5A10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7A33 | 2_2_000001845C4D7A33 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E8230 | 2_2_000001845C4E8230 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D3A32 | 2_2_000001845C4D3A32 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FAA30 | 2_2_000001845C4FAA30 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EEA40 | 2_2_000001845C4EEA40 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EAAD0 | 2_2_000001845C4EAAD0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FB2D0 | 2_2_000001845C4FB2D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DD2F0 | 2_2_000001845C4DD2F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D62E6 | 2_2_000001845C4D62E6 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D3300 | 2_2_000001845C4D3300 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6B00 | 2_2_000001845C4D6B00 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F9300 | 2_2_000001845C4F9300 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D62F9 | 2_2_000001845C4D62F9 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F7290 | 2_2_000001845C4F7290 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DFAA0 | 2_2_000001845C4DFAA0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D4A98 | 2_2_000001845C4D4A98 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E2B50 | 2_2_000001845C4E2B50 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F4B60 | 2_2_000001845C4F4B60 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F5340 | 2_2_000001845C4F5340 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D5B3E | 2_2_000001845C4D5B3E |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E73D0 | 2_2_000001845C4E73D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D83E0 | 2_2_000001845C4D83E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D2BD6 | 2_2_000001845C4D2BD6 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D13F7 | 2_2_000001845C4D13F7 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DCBAB | 2_2_000001845C4DCBAB |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D73C0 | 2_2_000001845C4D73C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F3BC0 | 2_2_000001845C4F3BC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC54 | 2_2_000001845C4FFC54 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC5D | 2_2_000001845C4FFC5D |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC4B | 2_2_000001845C4FFC4B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D3470 | 2_2_000001845C4D3470 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F3464 | 2_2_000001845C4F3464 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4DAC80 | 2_2_000001845C4DAC80 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E4410 | 2_2_000001845C4E4410 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D8C05 | 2_2_000001845C4D8C05 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C500C20 | 2_2_000001845C500C20 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6B00 | 2_2_000001845C4D6B00 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4ED420 | 2_2_000001845C4ED420 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC39 | 2_2_000001845C4FFC39 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC42 | 2_2_000001845C4FFC42 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC27 | 2_2_000001845C4FFC27 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D7C3B | 2_2_000001845C4D7C3B |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FFC30 | 2_2_000001845C4FFC30 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D2CD2 | 2_2_000001845C4D2CD2 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D54E0 | 2_2_000001845C4D54E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F24E0 | 2_2_000001845C4F24E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4ECCF0 | 2_2_000001845C4ECCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C5034F0 | 2_2_000001845C5034F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F5C90 | 2_2_000001845C4F5C90 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D6C98 | 2_2_000001845C4D6C98 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4E9CB0 | 2_2_000001845C4E9CB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F44B0 | 2_2_000001845C4F44B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4D3CA6 | 2_2_000001845C4D3CA6 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180012140 | 3_2_0000000180012140 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180015150 | 3_2_0000000180015150 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800224E0 | 3_2_00000001800224E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180020680 | 3_2_0000000180020680 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800176E0 | 3_2_00000001800176E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001F9E0 | 3_2_000000018001F9E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001AAD0 | 3_2_000000018001AAD0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180013E10 | 3_2_0000000180013E10 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006FF7 | 3_2_0000000180006FF7 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002E010 | 3_2_000000018002E010 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006057 | 3_2_0000000180006057 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180001070 | 3_2_0000000180001070 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800020C7 | 3_2_00000001800020C7 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000A110 | 3_2_000000018000A110 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180007113 | 3_2_0000000180007113 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000612D | 3_2_000000018000612D |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180044140 | 3_2_0000000180044140 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180007160 | 3_2_0000000180007160 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000517A | 3_2_000000018000517A |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000517C | 3_2_000000018000517C |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180011180 | 3_2_0000000180011180 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001A190 | 3_2_000000018001A190 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180019190 | 3_2_0000000180019190 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000219F | 3_2_000000018000219F |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000A1E0 | 3_2_000000018000A1E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800061EC | 3_2_00000001800061EC |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180018230 | 3_2_0000000180018230 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180001264 | 3_2_0000000180001264 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180031270 | 3_2_0000000180031270 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000227C | 3_2_000000018000227C |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180027290 | 3_2_0000000180027290 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002B2D0 | 3_2_000000018002B2D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800642E0 | 3_2_00000001800642E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800062E6 | 3_2_00000001800062E6 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000D2F0 | 3_2_000000018000D2F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800062F9 | 3_2_00000001800062F9 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180029300 | 3_2_0000000180029300 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180003300 | 3_2_0000000180003300 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180062327 | 3_2_0000000180062327 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180025340 | 3_2_0000000180025340 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018005B380 | 3_2_000000018005B380 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800073C0 | 3_2_00000001800073C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800173D0 | 3_2_00000001800173D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800083E0 | 3_2_00000001800083E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800013F7 | 3_2_00000001800013F7 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018004C410 | 3_2_000000018004C410 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180014410 | 3_2_0000000180014410 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001D420 | 3_2_000000018001D420 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180023464 | 3_2_0000000180023464 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180003470 | 3_2_0000000180003470 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800244B0 | 3_2_00000001800244B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800054E0 | 3_2_00000001800054E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800334F0 | 3_2_00000001800334F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180026530 | 3_2_0000000180026530 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001E550 | 3_2_000000018001E550 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000656A | 3_2_000000018000656A |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180009588 | 3_2_0000000180009588 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180025590 | 3_2_0000000180025590 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001B5A0 | 3_2_000000018001B5A0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800075D2 | 3_2_00000001800075D2 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000F5E0 | 3_2_000000018000F5E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000C5F0 | 3_2_000000018000C5F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180016630 | 3_2_0000000180016630 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180001630 | 3_2_0000000180001630 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018003664B | 3_2_000000018003664B |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180032660 | 3_2_0000000180032660 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180056670 | 3_2_0000000180056670 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000769C | 3_2_000000018000769C |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000A6A0 | 3_2_000000018000A6A0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800486E0 | 3_2_00000001800486E0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180024700 | 3_2_0000000180024700 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006704 | 3_2_0000000180006704 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001F710 | 3_2_000000018001F710 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000271A | 3_2_000000018000271A |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180033760 | 3_2_0000000180033760 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180063770 | 3_2_0000000180063770 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000176F | 3_2_000000018000176F |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180018780 | 3_2_0000000180018780 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180052790 | 3_2_0000000180052790 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800367B8 | 3_2_00000001800367B8 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800257C0 | 3_2_00000001800257C0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002A7F0 | 3_2_000000018002A7F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180030810 | 3_2_0000000180030810 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000B822 | 3_2_000000018000B822 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001C850 | 3_2_000000018001C850 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180027870 | 3_2_0000000180027870 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180028880 | 3_2_0000000180028880 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002F890 | 3_2_000000018002F890 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018003A8BC | 3_2_000000018003A8BC |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800138D0 | 3_2_00000001800138D0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000E8DC | 3_2_000000018000E8DC |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180024930 | 3_2_0000000180024930 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180002971 | 3_2_0000000180002971 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000E9B0 | 3_2_000000018000E9B0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_00000001800199F0 | 3_2_00000001800199F0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180053A00 | 3_2_0000000180053A00 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000FA00 | 3_2_000000018000FA00 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180021A10 | 3_2_0000000180021A10 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180025A10 | 3_2_0000000180025A10 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002AA30 | 3_2_000000018002AA30 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180003A32 | 3_2_0000000180003A32 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180007A33 | 3_2_0000000180007A33 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001EA40 | 3_2_000000018001EA40 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180005A50 | 3_2_0000000180005A50 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180004A98 | 3_2_0000000180004A98 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000FAA0 | 3_2_000000018000FAA0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180035AD0 | 3_2_0000000180035AD0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006B00 | 3_2_0000000180006B00 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180005B3E | 3_2_0000000180005B3E |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180012B50 | 3_2_0000000180012B50 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180024B60 | 3_2_0000000180024B60 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000CBAB | 3_2_000000018000CBAB |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180023BC0 | 3_2_0000000180023BC0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180002BD6 | 3_2_0000000180002BD6 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180008C05 | 3_2_0000000180008C05 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180030C20 | 3_2_0000000180030C20 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006B00 | 3_2_0000000180006B00 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC27 | 3_2_000000018002FC27 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC30 | 3_2_000000018002FC30 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC39 | 3_2_000000018002FC39 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180007C3B | 3_2_0000000180007C3B |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC42 | 3_2_000000018002FC42 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC4B | 3_2_000000018002FC4B |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC54 | 3_2_000000018002FC54 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180065C60 | 3_2_0000000180065C60 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002FC5D | 3_2_000000018002FC5D |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000AC80 | 3_2_000000018000AC80 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180035C90 | 3_2_0000000180035C90 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180025C90 | 3_2_0000000180025C90 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006C98 | 3_2_0000000180006C98 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180036C9E | 3_2_0000000180036C9E |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180061CA7 | 3_2_0000000180061CA7 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180003CA6 | 3_2_0000000180003CA6 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180019CB0 | 3_2_0000000180019CB0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180002CD2 | 3_2_0000000180002CD2 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001CCF0 | 3_2_000000018001CCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180038D24 | 3_2_0000000180038D24 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002AD30 | 3_2_000000018002AD30 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180006D44 | 3_2_0000000180006D44 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018000ED50 | 3_2_000000018000ED50 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180062D70 | 3_2_0000000180062D70 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180001D80 | 3_2_0000000180001D80 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F0680 VirtualAlloc,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,InitializeCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection, | 2_2_000001845C4F0680 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EFD10 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,GetLastError, | 2_2_000001845C4EFD10 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4FCE70 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,memset,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,lstrcpyW,CloseHandle, | 2_2_000001845C4FCE70 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F7870 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedUdpTable,VirtualAlloc,GetExtendedUdpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,lstrlenA,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4F7870 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F9A70 memset,memset,VirtualFree,VirtualFree,GetModuleHandleW,GetProcAddress,GetProcAddress,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,TerminateProcess,Sleep,DeleteFileW,lstrcpyW,lstrcatW,TerminateProcess,CloseHandle,Sleep, | 2_2_000001845C4F9A70 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F9300 __chkstk,memset,memset,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CreateToolhelp32Snapshot,Process32FirstW,OpenProcess,memset,lstrcpyW,GetPriorityClass,memset,memset,OpenProcessToken,GetTokenInformation,GlobalAlloc,GetTokenInformation,LookupAccountSidW,LookupAccountSidW,lstrcpyW,GlobalFree,CloseHandle,ProcessIdToSessionId,K32GetProcessMemoryInfo,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,CreateFileW,GetFileSize,CloseHandle,lstrcpyW,lstrcatW,CloseHandle,Process32NextW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4F9300 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F7290 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedTcpTable,VirtualAlloc,GetExtendedTcpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4F7290 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4F0480 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,GetLastError,memcpy, | 2_2_000001845C4F0480 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180020680 VirtualAlloc,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,InitializeCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection, | 3_2_0000000180020680 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180027290 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedTcpTable,VirtualAlloc,GetExtendedTcpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_0000000180027290 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180029300 __chkstk,memset,memset,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CreateToolhelp32Snapshot,Process32FirstW,OpenProcess,memset,lstrcpyW,GetPriorityClass,memset,memset,OpenProcessToken,GetTokenInformation,GlobalAlloc,GetTokenInformation,LookupAccountSidW,LookupAccountSidW,lstrcpyW,GlobalFree,CloseHandle,ProcessIdToSessionId,K32GetProcessMemoryInfo,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,CreateFileW,GetFileSize,CloseHandle,lstrcpyW,lstrcatW,CloseHandle,Process32NextW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_0000000180029300 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180020480 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,GetLastError,memcpy, | 3_2_0000000180020480 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180027870 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedUdpTable,VirtualAlloc,GetExtendedUdpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,lstrlenA,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_0000000180027870 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_0000000180029A70 memset,memset,VirtualFree,VirtualFree,GetModuleHandleW,GetProcAddress,GetProcAddress,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,TerminateProcess,Sleep,DeleteFileW,lstrcpyW,lstrcatW,TerminateProcess,CloseHandle,Sleep, | 3_2_0000000180029A70 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001FD10 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,GetLastError, | 3_2_000000018001FD10 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018002CE70 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,memset,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,lstrcpyW,CloseHandle, | 3_2_000000018002CE70 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180027290 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedTcpTable,VirtualAlloc,GetExtendedTcpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_0000000180027290 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180029300 __chkstk,memset,memset,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CreateToolhelp32Snapshot,Process32FirstW,OpenProcess,memset,lstrcpyW,GetPriorityClass,memset,memset,OpenProcessToken,GetTokenInformation,GlobalAlloc,GetTokenInformation,LookupAccountSidW,LookupAccountSidW,lstrcpyW,GlobalFree,CloseHandle,ProcessIdToSessionId,K32GetProcessMemoryInfo,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,CreateFileW,GetFileSize,CloseHandle,lstrcpyW,lstrcatW,CloseHandle,Process32NextW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_0000000180029300 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180020480 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,GetLastError,memcpy, | 4_2_0000000180020480 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180020680 VirtualAlloc,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,InitializeCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection, | 4_2_0000000180020680 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180027870 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedUdpTable,VirtualAlloc,GetExtendedUdpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,lstrlenA,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_0000000180027870 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_0000000180029A70 memset,memset,VirtualFree,VirtualFree,GetModuleHandleW,GetProcAddress,GetProcAddress,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,TerminateProcess,Sleep,DeleteFileW,lstrcpyW,lstrcatW,TerminateProcess,CloseHandle,Sleep, | 4_2_0000000180029A70 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001FD10 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,GetLastError, | 4_2_000000018001FD10 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018002CE70 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,memset,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,lstrcpyW,CloseHandle, | 4_2_000000018002CE70 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180020480 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,GetLastError,memcpy, | 5_2_0000000180020480 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180020680 VirtualAlloc,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualAlloc,InitializeCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,VirtualAlloc,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection,LeaveCriticalSection, | 5_2_0000000180020680 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180027290 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedTcpTable,VirtualAlloc,GetExtendedTcpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_0000000180027290 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180029300 __chkstk,memset,memset,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CreateToolhelp32Snapshot,Process32FirstW,OpenProcess,memset,lstrcpyW,GetPriorityClass,memset,memset,OpenProcessToken,GetTokenInformation,GlobalAlloc,GetTokenInformation,LookupAccountSidW,LookupAccountSidW,lstrcpyW,GlobalFree,CloseHandle,ProcessIdToSessionId,K32GetProcessMemoryInfo,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,CreateFileW,GetFileSize,CloseHandle,lstrcpyW,lstrcatW,CloseHandle,Process32NextW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_0000000180029300 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180027870 memset,lstrlenW,lstrlenW,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetExtendedUdpTable,VirtualAlloc,GetExtendedUdpTable,VirtualFree,memset,lstrlenW,memset,inet_ntoa,lstrcpyA,lstrlenA,htons,lstrlenA,memset,lstrlenW,VirtualFree,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_0000000180027870 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_0000000180029A70 memset,memset,VirtualFree,VirtualFree,GetModuleHandleW,GetProcAddress,GetProcAddress,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,GetLogicalDriveStringsW,QueryDosDeviceW,lstrlenW,wcsncmp,lstrcpyW,TerminateProcess,Sleep,DeleteFileW,lstrcpyW,lstrcatW,TerminateProcess,CloseHandle,Sleep, | 5_2_0000000180029A70 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001FD10 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,OpenProcess,GetLastError, | 5_2_000000018001FD10 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018002CE70 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,memset,OpenProcess,K32EnumProcessModules,K32GetProcessImageFileNameW,lstrcpyW,CloseHandle, | 5_2_000000018002CE70 |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: apphelp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: dwmapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: version.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: cryptbase.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: windows.storage.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: wldp.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: powrprof.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: umpdc.dll | Jump to behavior |
Source: C:\Users\user\Desktop\R2-Signed.exe | Section loaded: dwrite.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: taskschd.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winsta.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: mswsock.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: napinsp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: pnrpnsp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: wshbth.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: nlaapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winrnr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: rasadhlp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: devenum.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: ntmarta.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: devobj.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: msasn1.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: msdmo.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: apphelp.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: arphadump64.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winsta.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: mswsock.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: profapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: sspicli.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: napinsp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: pnrpnsp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: wshbth.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: nlaapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: winrnr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: fwpuclnt.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: rasadhlp.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: devenum.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: ntmarta.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: devobj.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: msasn1.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Section loaded: msdmo.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: winmm.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: netapi32.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: samcli.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: netutils.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: wtsapi32.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: userenv.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: iphlpapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: urlmon.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: iertutil.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: srvcli.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: kernel.appcore.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: uxtheme.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: firewallapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: dnsapi.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: fwbase.dll | Jump to behavior |
Source: C:\Windows\System32\dllhost.exe | Section loaded: fwpolicyiomgr.dll | Jump to behavior |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EDDD0 malloc,memset,FindFirstFileW,free, | 2_2_000001845C4EDDD0 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EC850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4EC850 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4EE210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 2_2_000001845C4EE210 |
Source: C:\Windows\System32\svchost.exe | Code function: 2_2_000001845C4ECCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 2_2_000001845C4ECCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 3_2_000000018001E210 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_000000018001C850 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 3_2_000000018001CCF0 |
Source: C:\Windows\System32\svchost.exe | Code function: 3_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 3_2_000000018001DDD0 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 4_2_000000018001E210 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_000000018001C850 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 4_2_000000018001CCF0 |
Source: C:\Windows\System32\dllhost.exe | Code function: 4_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 4_2_000000018001DDD0 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_00007FF767A08F78 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,FindClose, | 5_2_00007FF767A08F78 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_00007FFE11ED05EC FindFirstFileExW, | 5_2_00007FFE11ED05EC |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001E210 __chkstk,memset,memset,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,memset,lstrcatW,lstrcatW,lstrcatW,Sleep,lstrlenW,wcsstr,GetCurrentThread,IsBadReadPtr,EnterCriticalSection,LeaveCriticalSection,FindNextFileW,LeaveCriticalSection,WaitForSingleObject,VirtualFree,VirtualFree, | 5_2_000000018001E210 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001C850 memset,lstrcatW,lstrcatW,memset,FindFirstFileW,FindNextFileW,FindNextFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_000000018001C850 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001CCF0 memset,memset,memset,memset,CreateToolhelp32Snapshot,GetProcessHeap,HeapAlloc,Process32FirstW,lstrcmpiW,Process32NextW,GetProcessHeap,HeapFree,CloseHandle,ProcessIdToSessionId,memset,memset,wsprintfW,wsprintfW,FindFirstFileW,VirtualFree,VirtualFree,VirtualFree,VirtualFree,VirtualFree,memset,memset,wsprintfW,FindFirstFileW,FindNextFileW,lstrcmpiW,lstrcmpiW,lstrcmpiW,lstrcmpiW,memset,memset,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,FindFirstFileW,FindNextFileW,FindNextFileW,FindNextFileW,lstrlenW,FindClose,VirtualFree,VirtualFree,VirtualFree,VirtualFree, | 5_2_000000018001CCF0 |
Source: C:\Program Files\Windows Mail\ParphaCrashReport64.exe | Code function: 5_2_000000018001DDD0 malloc,memset,FindFirstFileW,free, | 5_2_000000018001DDD0 |