Overview

overview

10

Static

static

390c6a70c5...95.exe

windows7-x64

10

390c6a70c5...95.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    152s
  • max time network
    166s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-10-2022 20:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    390c6a70c5f09f688567145974de4d5ffd6d890e134c8e6725ec3cd91868d495.exe

  • Size

    1.3MB

  • MD5

    598b4477c5ce8920b377f808ce666c4a

  • SHA1

    a3c5d98f2b895b9fd60e3090143234a51cac81b4

  • SHA256

    390c6a70c5f09f688567145974de4d5ffd6d890e134c8e6725ec3cd91868d495

  • SHA512

    3b97b59fbaaf9ad43b6da7d92b602b506559c562479937e4a50a5bfc539a313eaed8e2598a150be659ddfcfb6a175176d1e5254b516d5c39d08ae57c77c6e7d8

  • SSDEEP

    24576:+pINQhyjAhM97x6PpSi6/I/6AjqRVZntMw91e:+g+M9apTEIYl2wO

Score
10/10
jokerinfostealertrojan

Malware Config

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Drops file in System32 directory 1 IoCs
  • Drops file in Program Files directory 14 IoCs
  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs
  • Suspicious use of WriteProcessMemory 43 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\390c6a70c5f09f688567145974de4d5ffd6d890e134c8e6725ec3cd91868d495.exe
    "C:\Users\Admin\AppData\Local\Temp\390c6a70c5f09f688567145974de4d5ffd6d890e134c8e6725ec3cd91868d495.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe http://www.v258.net/list/list16.html?mmm
      2⤵
        PID:1984
      • C:\Windows\SysWOW64\cmd.exe
        cmd /c C:\Users\Admin\AppData\Local\Temp\JGUHE.bat
        2⤵
        • Suspicious use of WriteProcessMemory
        PID:1424
        • C:\Windows\SysWOW64\expand.exe
          expand.exe "C:\Users\Admin\AppData\Local\Temp\ico.cab" -F:*.* "C:\progra~1\ico"
          3⤵
          • Drops file in Program Files directory
          • Drops file in Windows directory
          PID:1152
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.q22.cc/?ukt
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1048
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1048 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:612
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.v921.com/?uk
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1608
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1608 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1456
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.779dh.com/?kj
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1560
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1560 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:776
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:1776
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.v258.net/list/list16.html?mmm
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1164
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1164 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1276

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      2KB

      MD5

      34feb9279587011e5bd1bc825e7d2943

      SHA1

      d7ad421c0f4c305936e4b6b1ee3b4d73dea0b094

      SHA256

      96b9b67b871e3adbab0a5b0ba635679443636a97c7dd2f19fec1b45a2dd36a5d

      SHA512

      9fd6ff36a966661ab2ccd5e0c2dd0b24661fc87686fe039db97f79eecbb1504ac9735462b16d8657ef900e3bc405c149ff98c32aa1c682b83d2ffd2382b5f285

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      1KB

      MD5

      50efb31213c5903b7f66d26656873c4e

      SHA1

      c8014d7d78aa8981555c3afe28d1fe320fdd434d

      SHA256

      b612a61f6a7e6d06c625bf9602c906ac31a9b5bc36a59913f9ff2304a5323402

      SHA512

      238358b86e22b8821c723fc5f9c3e830b2daadb0dc79007739a4cbcca6114dc4e71b1fbb771f97356da79345d566ae9b4e14c72b87c437f03fb35f4a86acbc22

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      1KB

      MD5

      50efb31213c5903b7f66d26656873c4e

      SHA1

      c8014d7d78aa8981555c3afe28d1fe320fdd434d

      SHA256

      b612a61f6a7e6d06c625bf9602c906ac31a9b5bc36a59913f9ff2304a5323402

      SHA512

      238358b86e22b8821c723fc5f9c3e830b2daadb0dc79007739a4cbcca6114dc4e71b1fbb771f97356da79345d566ae9b4e14c72b87c437f03fb35f4a86acbc22

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_97A2CB43E01F27293633B7B57353C80B
      Filesize

      1KB

      MD5

      dfa4cbcae8cf9f65745fd221371f6113

      SHA1

      b207dcf6398f18a0257444d1063a42eeb3bc1011

      SHA256

      c5f97ed7ff7e1d6e8852411842e8110f2cf19416e95a1bb34bb41266caf9c170

      SHA512

      3fb2e787567639c924a765c1a30af7a6d22afd66ea7853526558d10dde8632c738770bed8004d2a7c74da2c689531eb0341550915d03f7686f69c22ba2386980

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      61KB

      MD5

      3dcf580a93972319e82cafbc047d34d5

      SHA1

      8528d2a1363e5de77dc3b1142850e51ead0f4b6b

      SHA256

      40810e31f1b69075c727e6d557f9614d5880112895ff6f4df1767e87ae5640d1

      SHA512

      98384be7218340f95dae88d1cb865f23a0b4e12855beb6e74a3752274c9b4c601e493864db777bca677a370d0a9dbffd68d94898a82014537f3a801cce839c42

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
      Filesize

      1KB

      MD5

      dd992bcfe5717f29d4ac5f891133a0ea

      SHA1

      c8e8a329c3b411e40f51c0ca55845b316d63a886

      SHA256

      0453654ed94ec44a94b63162e9e03717deba2c94e807ecd6067f05f2e3f48b6e

      SHA512

      f1093343983a81a6d22c528d2ad82bf41797c54ac1aa57fb48c4b7ddcb0d5a1e2fbd6d9eab0de3ba5348598eee0c7c311d01a75536351e15595428a6cd785af4

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
      Filesize

      1KB

      MD5

      70e313bdfcedd5b0ad67b15018c3e460

      SHA1

      1cc946d5334d11975921792bf9c050c7c75e5066

      SHA256

      634af52d3e696040d54d73d7e364abef48050c5653366a75cf3e56ff8ff9299d

      SHA512

      9c8e7c65e7a0fe3d510b08c9ea041384fe864fabd9a5f3f169d83c28d18d4d59a534d7bee2cf65bb15477343e5c9457645f51fc7903b725c09cea9332dec9161

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
      Filesize

      1KB

      MD5

      28d104709bf1eb7d9b0f50c9b71f8ffb

      SHA1

      3622e9c08765df6b773b7f9d28819d289ddc5894

      SHA256

      9648713c60ba24ca1550adc7eafcf81438c6e059e63f778d4461fc23044213b3

      SHA512

      175dbcc54a2c013f87bebeced0ee569f9d56e5eeb67c65fb1f0c3ac55fdf9a07251abdbad951d270b635af0031840b48e4521aee7b211f68b18479e75e56a2cc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      488B

      MD5

      b00f3a8d6d875b4dbf81c07dfc7b68a9

      SHA1

      15ad861a44627ddf2a085b3ee9b4c8448ec2fd7f

      SHA256

      ed4bf35750f995eb87cb28ae6a4036116c52ce6a887f6bf6d866da5d2e27ca62

      SHA512

      87a514ab91b494c4b6b6cf7f4244190591b354f5d6bf19a1ca8a88231393bd3cde5c56007199adf4d61ff7cabdd8a8bef9d6916701c9a0198fab4d6a626172d3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      508B

      MD5

      f801f45d2015dddec6d45628f1356df8

      SHA1

      5be803316817e8ceecb0ac50debf7001e333954d

      SHA256

      40fe052e47dae6040ad1a6850c14f55c33941d9821e2b0bf5f7caec53bdff2dc

      SHA512

      cd077085a29845a996bc6531a46b2b4e81cc204d3209f1d681bb231c5bb53bfefa2c8f8b2ca78ca9d74e44368a72184baa70f96bed6b1a351977c08dab8fd703

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      508B

      MD5

      96d4b9e0aa6877fe0ed9e0fb91bed4cc

      SHA1

      bf971b613cafe1ebd749eeadbf4a6abd51fad79a

      SHA256

      e865cf451fced224ee0dabe1f42acb2e6cf9e2ab36156d92549cbb00398899b9

      SHA512

      ada9fbc8611559133a06021624de0d9157fb6214a0e1a8b4bdf7b09dc073066cbbb4c072c7db3ac5671f6df412b8e1e8b22095d13a6bdd0c648198c4a3c4c028

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_97A2CB43E01F27293633B7B57353C80B
      Filesize

      532B

      MD5

      8fc3bcd90341317b985268c48d7dee91

      SHA1

      2926ed3976a3b32d84b84d5fc791fdd91cb18c7e

      SHA256

      b4ecf5cc516533f34061936f309d1849354495d149953a4a2f3ea10b415eaecc

      SHA512

      80bffd50422e1656b92753df0c9d280a6932ed5e1ca0f0493eb492d73736efa89045073c03dd3087d57ee286f7a6404fc12fa60b67b5e678e681279fecd5c59e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      cc9d238ff46d55914abdf4a70b960f16

      SHA1

      b1250e2f83a9e185a6e8ae043f1b0104fe5be69f

      SHA256

      31b29677c926dcec5d0c4865f50eb22d89af3f3a9cbdaeebcd14dc18d879cdd8

      SHA512

      554ab95474b3a7d28a26481d1ef9fa57f991c791f1e755771230b31f45aa7b50358919cb88a79988bf31582d082875d543ce330f782b2b93107ffe93e0a7731a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      350b5889a9fa743384cd025e2496c7f6

      SHA1

      f42cdba0a18cd8607910a720f4c0be39ff54f830

      SHA256

      319875f0f264f23de1f3d634261940f2a204039daea6bc744cc8cbdb36dee7c1

      SHA512

      ad075b078ad8a5d854172c0f238e9c8076a983082cd0b54764d569ebeb15c359255c2cd343cfd14a3e723b80cbcdd4012a8187d18104351be178c9ef92548c53

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      e371319abc62cc21500846aaa0390ff1

      SHA1

      73b0892f205d4e8b7383cb3cb4046b21692428a5

      SHA256

      991e4b188e81f6e7def9dc7068e2e8fc2ad23509acca826b8bb54d87eaadb30e

      SHA512

      8c3f5212a7f0f3780f257ab3b2bc70ea4f0e2521a1b8feed3d72139f878bb2737786797baec748e554fc2ee429e0e8befd576e774c8312e471bacab92d9eff96

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fe79e922bc609403a18f3ffd598f056f

      SHA1

      58e0de81de7fe8c8adecd17333b3442f0d56df4c

      SHA256

      39af19a989bd3b47fe7a53d7a7ed592b261b41d5aee9e497042c81ffd62f764b

      SHA512

      5e77bfda3637edd8734c100bccd8737112426189a55a248564e62821befd66c1bcf376c7bd4879f4e305ab6d93888f5251624d2a6ec147cdb3c0d167d309eed9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
      Filesize

      492B

      MD5

      9dd9d42b15eb909440f8bc872eee4c66

      SHA1

      c9b7437ef9ba86da6db63bfbb739a3e89cccd6da

      SHA256

      068f98d6fe54988ff43ebeb06a5b969d7aff6dc1394912aa9d8da59791da4036

      SHA512

      5e9965223a4ff50833de46f087c4687315697cd7ae6bb1bd1c4d311bd13d2a2ea0c52ee66adeae108f090b55a4513a23afd71a5ef71b073f9aec9a1e129e04c3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
      Filesize

      506B

      MD5

      ab2844ff3cf561c7bb91a2fc9b40c5a1

      SHA1

      d0a467507c82829c328dace5956e820875a45c78

      SHA256

      6728f84d8b35c498d13777c16653d865fb7c29c2d29aae15abaef4071c58c933

      SHA512

      522cd6c236d2ae7c1434c901b77c080086e7b9aacf489dc65fb0807536101a82d4b79d193bfed85645aad7042f356925187e9f0acca5eb07c50126d504ffe51e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
      Filesize

      482B

      MD5

      67beb1c927bb916c931cb9b1e80fae03

      SHA1

      5312693ea2409b942928a9db59fea28eb1f32be0

      SHA256

      2b81e0fc89a08430e071427d3de5fbe95dfa14929fe8381a4ed2e0ccc9e90f9a

      SHA512

      d0fd108d56674943e450558da95bc49a272c80f13332f4474afbb597cdf7c2d0d5782f61c183e72b2bc17e0ce44f5937926a3edf664261a534ee43b177bc1328

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{15328241-5813-11ED-86C8-4A4A572A2DE9}.dat
      Filesize

      3KB

      MD5

      f6539c323ec7f587eb3abf3410bc8aaf

      SHA1

      18f7836f3a918982d5ec19e2681c7301d75e9d24

      SHA256

      ff2680705a30d55c296fb03ff6fd35dbc55c3c6b4bf6854db9ac61f772a5aa30

      SHA512

      19c4ef66bf6439d92439f037fc3d60e15ae12f48b2fce2e69945557c11ba61838260952752b1ad3ef9ba68d08968519f12988a7d3bce19fe64f516da7d905efb

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{15456631-5813-11ED-86C8-4A4A572A2DE9}.dat
      Filesize

      3KB

      MD5

      9f7ee4cdb81c76dabce9ecf0e2b088d6

      SHA1

      6d0a9cda588c72f2eab88d69507474f8b9401b68

      SHA256

      914046d8b5716e6923420890266236bc6263e1b6f5c7122cedfa7e0d490cf5c2

      SHA512

      37eadbcf27e20f25825ad258ae892650da13767ee05508169ed2c64098c40ebfa5845e7133b67db0df1f75f717f87574625775c06556fc19070477c2cf200913

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\JGUHE.bat
      Filesize

      98B

      MD5

      ada787702460241a372c495dc53dbdcf

      SHA1

      da7d65ec9541fe9ed13b3531f38202f83b0ac96d

      SHA256

      0d0f600f95192d2d602dbda346c4e08745295f331f5a0349deae21705367b850

      SHA512

      c86091735b855691c89c7946145591dec6a6a6a36a2438d392587a9cc1f2d85c1ebe44fcff1cc9d94271a24ebbc2ca38639577a6f5c592e9e10517da26572708

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\RJJLSZK2.txt
      Filesize

      94B

      MD5

      4334df82fa7bb48261cee814aa3f1bc2

      SHA1

      897ed120a9af85e0f779dbaacf77a97055aa9227

      SHA256

      9a457e4ae2fb4cb5a5d17f142c8c1ba4cca48ffc2f2fcff8e21c28211d7388ab

      SHA512

      82ff95f93c0e84f38f70dd73af9e0eb7e09af9a05238898172e2ae874f27316cfb90153a87ec9a2cc3ab4e6ed9f2d0578cfb86dcbaa770f1f918a354f66e25e6

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\S53MWVOS.txt
      Filesize

      595B

      MD5

      1a7c032211ba0214c59e5b4418cc2f2a

      SHA1

      9def44421e8245bc23bc69ed2a02cf9f4a105f60

      SHA256

      5d536a191183ba4957f5d89bc25b56761f0072c81a8f3a0607033d2c2fdc0dda

      SHA512

      bb8b0b047bd3c0d235f30685e0d4bac6fd5d14b3351ad8860e2da98bc0c5c00b2a22063c0a4c279f02836fa2d7743131aa108ffc172d658fe6021b62b4baa566

      Download Submit

    • \??\c:\users\admin\appdata\local\temp\ico.cab
      Filesize

      20KB

      MD5

      1319e9998cedc513c68fa6d590b6ad63

      SHA1

      ae95b333e88a13886994f320f5dfb4856168a710

      SHA256

      9a5b18efe243fbe9b9b0be3674a24080e9210436986988f3f85a4007905083bb

      SHA512

      d4052a899c6c310296e2f5fdf6c2031c22d2644be620cb34ddcc6b59789d82a6462daaeb34466c568be48ee975c4a5ab43143eab0792312a6cd0d49f9fbd8d3f

      Download Submit

    • memory/1776-63-0x000007FEFC311000-0x000007FEFC313000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1856-66-0x0000000000400000-0x0000000000548000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/1856-54-0x0000000000400000-0x0000000000548000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/1856-55-0x0000000075E51000-0x0000000075E53000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1984-62-0x0000000074F81000-0x0000000074F83000-memory.dmp

      Filesize

      8KB

      Download