hxxp://igb703n8vw63f3855f3de45[.]atropims[.]ru

Analysis

max time kernel
600s
max time network
495s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
01/03/2023, 15:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://igb703n8vw63f3855f3de45.atropims.ru

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133221610533259870"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2844	chrome.exe
2844	chrome.exe
404	chrome.exe
404	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe
Token: SeShutdownPrivilege	2844	chrome.exe
Token: SeCreatePagefilePrivilege	2844	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe
2844	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2844 wrote to memory of 756	2844	chrome.exe	88
PID 2844 wrote to memory of 756	2844	chrome.exe	88
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 4348	2844	chrome.exe	89
PID 2844 wrote to memory of 2284	2844	chrome.exe	90
PID 2844 wrote to memory of 2284	2844	chrome.exe	90
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91
PID 2844 wrote to memory of 2328	2844	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://igb703n8vw63f3855f3de45.atropims.ru
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9bada9758,0x7ff9bada9768,0x7ff9bada9778
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:2
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4644 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:8
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:8
  2⤵
  PID:1776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:8
  2⤵
  PID:2168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5164 --field-trial-handle=1816,i,7930562193711415021,4592797847183895309,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4444

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
19a55c668bd064c99dcb8058960ef560

SHA1
dabde4216ce0058fbd11babd8aebb007320a09df

SHA256
3e1cf08c9ae3a4de5098c12d7ec7829b20ccad90563181917a63d772b82a2036

SHA512
a8effe0ec70b3b4b9c97205e452281f740a751dbc9ed59e68b2dfadf33e6105da6053e2ddef7beab4f4ae70a6a5e3f8954b3138b2e2f0cf1e6d81870d3c51bb7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a5d41841050c4c42425ee89c57fdcab2

SHA1
2ca0b3a1e17937edf582d41df75c11b7dd26c4dd

SHA256
96dfd8e8b2b833e4ddfdc00fdab5682eb344c9502e3ed903ac6d464b82f1de33

SHA512
1cf6d0dc67956ff700a66ca86f21cfc67813d4f7aed2bdb69d29debb36410e1008777cd5dd7f7ea386b73ce8eecb3eeaf33ec60c2628e07bcbfce903c3b48f89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f77108ec8c2426643202760a3574afdb

SHA1
342d7fbed8925b7163681b67a11f0a346ce23b02

SHA256
1cc7cd00beaccb25980483ca9b95815eb00d0616ab251bd482fb022cc76c9cb0

SHA512
b2675ddeeb66c90b6d699dea2cdc3fd0000ed8ea873f5bb3df3c91713b201516064c30dc039f9cdf57f89d93c65cac800a6e13a790040108e3582fa99d3596e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
e0e45bc05c06d0e48d6a30350e5925d5

SHA1
2b1183d59637cf8c8d793e6c59d813fb70617cb5

SHA256
2289b6c2f9e19006dee1d2b402a52002cdc1ddb3fb532ca8f3fc50074d7d667e

SHA512
dc7673210ea0ca92acc0310675cdaf1f0ca8754b004e5ffa0b04361aba8d4aff24d466ba0b6031cbc20f6f3731a73a77e364ed159f6005def015fad3fe3bd57f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
141KB

MD5
be8c6a034b46fade982fb222c0b06ccb

SHA1
910b63b0051cf818e01a67c002c5b32713230b3a

SHA256
d323a98fadc1e2bb1849171f835c28407b95cd6322730f354ded418633a4b358

SHA512
3a0f1c6e165ea52cbce6346fc9d519816630b07cec4f1b6b13d7295d580caf350a604210edf5c1cf1a186e5f0fa8be4ba52a15ada33f8fecb8d61ab6a5cd39be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/396-164-0x00007FF9D8300000-0x00007FF9D8301000-memory.dmp

Filesize
4KB

Download
memory/396-165-0x00007FF9D7F80000-0x00007FF9D7F81000-memory.dmp

Filesize
4KB

Download
memory/404-247-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-248-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-249-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-254-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-253-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-256-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-255-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-258-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-257-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/404-259-0x00000262C9570000-0x00000262C9571000-memory.dmp

Filesize
4KB

Download
memory/4348-138-0x00007FF9D7210000-0x00007FF9D7211000-memory.dmp

Filesize
4KB

Download