Overview

overview

10

Static

static

068ca3e92c...fd.exe

windows7-x64

10

068ca3e92c...fd.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    145s
  • max time network
    105s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    12-01-2023 13:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    068ca3e92c65eb907b5a34be16580e267efbbde6f9129ca30ad80c948a1d3ffd.exe

  • Size

    147KB

  • MD5

    75256873a03f4a4bc073185f48c1097c

  • SHA1

    e9023061def67ba21c09826fadc1607fd7f71d88

  • SHA256

    068ca3e92c65eb907b5a34be16580e267efbbde6f9129ca30ad80c948a1d3ffd

  • SHA512

    4b718093ad42d7b7b72498dfcbcfd1b39c980ef44e999b7035e6bfe6b782aad6b7553832f1efee45003d9b0c56bf2e408ca55082c550ac4faa19f199f366dede

  • SSDEEP

    3072:s6glyuxE4GsUPnliByocWepvdHFdjFpZ/fgyVF0dj:s6gDBGpvEByocWetdHZ/fgKF0

Score
10/10
ransomwarespywarestealer

Malware Config

Extracted

Path

C:\cHpfiXA9s.README.txt

Ransom Note
~~~ XeqtR Ransomeware The world's fastest ransomware ~~~ >>>> Your data is now stolen and encrypted, pleaes read the following carefully, as it is in your best interest. We are sorry to inform you that a Ransomware Virus has taken control of your computer. ALL of your important files and folders on your computer have been encrypted with a military grade encryption algorithm. Your documents, videos, images and every other forms of data are now inaccessible and completely locked, and cannot be unlocked without the sole decryption key, in which we are the ONLY ones in possession of this key. This key is currently being stored on a remote server. To acquire this key and have all files restored, transfer the amount of 500 USD in the cryptocurrency BITCOIN to the below specified bitcoin wallet address before the time runs out. Once you have read this you now have 36 hours until your files are lost forever. If you fail to take action within this time window, the decryption key will be destroyed and access to your files will be permanently lost. If you are not familiar with cryptocurrency and bitcoin, just do a google search, visit bitcoin.org, go on your mobile to Cash App, or pretty much just ask someone and most likely they can explain it. Once again, 500 USD in the form of Bitcoin to this wallet address bc1q8wqyacjzzvrn57d2g7aj35lnr5r8fqv0dn0394 The second you have sent the bitcoin and the transaction verifies another text file will appear on your desktop with the website to get your key, and the simple instructions on how to use it to get your files back. 36 hours starts now, we suggest you do not waste time. For any reason you should need customer service, email [email protected]

Signatures

  • Executes dropped EXE 1 IoCs
  • Modifies extensions of user files 14 IoCs

    Ransomware generally changes the extension on encrypted files.

    ransomware
  • Deletes itself 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Drops desktop.ini file(s) 2 IoCs
  • Sets desktop wallpaper using registry 2 TTPs 2 IoCs
    ransomware
  • Suspicious use of NtSetInformationThreadHideFromDebugger 5 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Control Panel 2 IoCs
    evasion
  • Modifies registry class 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: RenamesItself 26 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\068ca3e92c65eb907b5a34be16580e267efbbde6f9129ca30ad80c948a1d3ffd.exe
    "C:\Users\Admin\AppData\Local\Temp\068ca3e92c65eb907b5a34be16580e267efbbde6f9129ca30ad80c948a1d3ffd.exe"
    1⤵
    • Modifies extensions of user files
    • Loads dropped DLL
    • Drops desktop.ini file(s)
    • Sets desktop wallpaper using registry
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Drops file in Program Files directory
    • Modifies Control Panel
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:840
    • C:\ProgramData\4D27.tmp
      "C:\ProgramData\4D27.tmp"
      2⤵
      • Executes dropped EXE
      • Deletes itself
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Suspicious behavior: RenamesItself
      • Suspicious use of WriteProcessMemory
      PID:1544
      • C:\Windows\SysWOW64\cmd.exe
        "C:\Windows\System32\cmd.exe" /C DEL /F /Q C:\PROGRA~3\4D27.tmp >> NUL
        3⤵
          PID:960
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x154
      1⤵
        PID:1492

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\AAAAAAAAAAA
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\BBBBBBBBBBB
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\CCCCCCCCCCC
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\DDDDDDDDDDD
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\EEEEEEEEEEE
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\FFFFFFFFFFF
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\GGGGGGGGGGG
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\HHHHHHHHHHH
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\IIIIIIIIIII
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\JJJJJJJJJJJ
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\KKKKKKKKKKK
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\LLLLLLLLLLL
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\MMMMMMMMMMM
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\NNNNNNNNNNN
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\OOOOOOOOOOO
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\PPPPPPPPPPP
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\QQQQQQQQQQQ
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\RRRRRRRRRRR
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\SSSSSSSSSSS
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\TTTTTTTTTTT
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\UUUUUUUUUUU
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\VVVVVVVVVVV
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\WWWWWWWWWWW
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\XXXXXXXXXXX
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\YYYYYYYYYYY
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\$Recycle.Bin\S-1-5-21-3406023954-474543476-3319432036-1000\desktop.ini
        Filesize

        129B

        MD5

        81ec4c9067802a859a95074b2469a6ec

        SHA1

        d649df6388c9b51acebdd6bb152f4bb8ab067c12

        SHA256

        d8e536f0b35b3b4a9c442999df99c60a8a3f0c47c4ccc5d812106db28a2659ff

        SHA512

        f35ca5c57b97d7a987d1da76f834ca5c26926677c40eea887c76df7d49c0b8517c017f525ac61b5f423030b6717dc44cd556e4542f939ecaf68947ed11c9fd6f

        Download Submit

      • C:\ProgramData\4D27.tmp
        Filesize

        14KB

        MD5

        294e9f64cb1642dd89229fff0592856b

        SHA1

        97b148c27f3da29ba7b18d6aee8a0db9102f47c9

        SHA256

        917e115cc403e29b4388e0d175cbfac3e7e40ca1742299fbdb353847db2de7c2

        SHA512

        b87d531890bf1577b9b4af41dddb2cdbbfa164cf197bd5987df3a3075983645a3acba443e289b7bfd338422978a104f55298fbfe346872de0895bde44adc89cf

        Download Submit

      • C:\ProgramData\4D27.tmp
        Filesize

        14KB

        MD5

        294e9f64cb1642dd89229fff0592856b

        SHA1

        97b148c27f3da29ba7b18d6aee8a0db9102f47c9

        SHA256

        917e115cc403e29b4388e0d175cbfac3e7e40ca1742299fbdb353847db2de7c2

        SHA512

        b87d531890bf1577b9b4af41dddb2cdbbfa164cf197bd5987df3a3075983645a3acba443e289b7bfd338422978a104f55298fbfe346872de0895bde44adc89cf

        Download Submit

      • \ProgramData\4D27.tmp
        Filesize

        14KB

        MD5

        294e9f64cb1642dd89229fff0592856b

        SHA1

        97b148c27f3da29ba7b18d6aee8a0db9102f47c9

        SHA256

        917e115cc403e29b4388e0d175cbfac3e7e40ca1742299fbdb353847db2de7c2

        SHA512

        b87d531890bf1577b9b4af41dddb2cdbbfa164cf197bd5987df3a3075983645a3acba443e289b7bfd338422978a104f55298fbfe346872de0895bde44adc89cf

        Download Submit

      • memory/840-81-0x0000000000205000-0x0000000000216000-memory.dmp

        Filesize

        68KB

        Download

      • memory/840-54-0x0000000075A91000-0x0000000075A93000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1544-88-0x0000000000400000-0x0000000000407000-memory.dmp

        Filesize

        28KB

        Download

      • memory/1544-89-0x00000000002D5000-0x00000000002E6000-memory.dmp

        Filesize

        68KB

        Download