hxxps://ybp26xifvf6405f63717ba6[.]opticair[.]ru/Deez[.]nuts@timmy[.]com

Analysis

max time kernel
150s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2023, 15:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ybp26xifvf6405f63717ba6.opticair.ru/[email protected]

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133226793740621861"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
632	chrome.exe
632	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe
Token: SeShutdownPrivilege	1128	chrome.exe
Token: SeCreatePagefilePrivilege	1128	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe
1128	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1128 wrote to memory of 1156	1128	chrome.exe	84
PID 1128 wrote to memory of 1156	1128	chrome.exe	84
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 4788	1128	chrome.exe	85
PID 1128 wrote to memory of 3240	1128	chrome.exe	86
PID 1128 wrote to memory of 3240	1128	chrome.exe	86
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87
PID 1128 wrote to memory of 4652	1128	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://ybp26xifvf6405f63717ba6.opticair.ru/[email protected]
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa27739758,0x7ffa27739768,0x7ffa27739778
  2⤵
  PID:1156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1800 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:2
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:8
  2⤵
  PID:3240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:8
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3216 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4964 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:8
  2⤵
  PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5532 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:8
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:8
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2336 --field-trial-handle=1816,i,5150366789567648969,10105381421045538804,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:632

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4464

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
8df058cd780171a7b6d0f9a4b60b76ae

SHA1
20e0c13417606f432e900c25d43bd1def3d34854

SHA256
6b2682de9d11f1a16b9718a9f5eca94023e02055d2ea57b594f87fb8f0118d6f

SHA512
c72aea98e1b2f867e7a199d041ee0852a197b0e7324269e917f1df7ec0b2df8102ecf3c6cd0e1e0850ba7645092290925b3e82d7aa13906fb89ce255c58df488

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
63106570604c994d1b1ed31ffe4e765e

SHA1
c65d34ed2b5ffdd84dc6ce382e134bfbd44c9581

SHA256
ece7ead3443defb1e4276805b101fb2d5829742dce607437f1b9217c8afdee64

SHA512
73b11887507fd11e6148fbbe8a533307b7c42fe6d98a1ea0d8b17bfb6afd0409ae4a4f5db06b03354669da2ea964508b04b46d2035fdc1ac1d1faaac3fac8ac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c55d391b71f0e877d418757c0e9ef1e6

SHA1
41f9b68014f2c0bdf6093351557bf11efae349e0

SHA256
31e4c581069acfc53569b8ef5f9c6a98ac97ff57115b358140000080562d63f5

SHA512
7830a762be50fabd1ab0aa270601b4f8fb1ac04d022fa8968d4b2d828a5bfed32459b5c3697737186ee5e0c146e17cd76465d1f8078da8284341d309427d0ff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
3ab71c4f52d80706e8107f549008ddfb

SHA1
50a5e1c6565531b5ecfab71c03b85dbf2967c624

SHA256
1863c53cd7b9cced0b67ab7bc7bb4fbb34bf20970eb670ff94556dfc87b92cd0

SHA512
16626a8bdfce05623f2d92a0774b8a99c12a5bdb8348b06d07478ff268ab9ddcab175b79d96306031de0a2a308082994f6b54223cd462cd56f5906982236ab8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
05d62ff579618fdb79f90e68840b6c63

SHA1
24ae4275e99a429f8ba39765e813830bea8b73c8

SHA256
863b45631ca6b3fb35207102b962ea7f010c5bb26a76bc6c515745f5c758ccd1

SHA512
660fe3a2dfc87d7aa8534bac211236fd38025470e9e7a0da22ecbce82f90a415c1f300f10d7388de88a37d0517ed34188530af470b6aa531ef534161c9dc5257

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/632-242-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-241-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-243-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-248-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-247-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-250-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-249-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-252-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-253-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/632-251-0x000002BF00390000-0x000002BF00391000-memory.dmp

Filesize
4KB

Download
memory/4760-176-0x00007FFA437D0000-0x00007FFA437D1000-memory.dmp

Filesize
4KB

Download
memory/4760-175-0x00007FFA437C0000-0x00007FFA437C1000-memory.dmp

Filesize
4KB

Download
memory/4788-136-0x00007FFA437B0000-0x00007FFA437B1000-memory.dmp

Filesize
4KB

Download