d37c4258d4139407c78d684aed33fe7bd0dd49e8bb51dcb671da224a3d8cc12e

Analysis

max time kernel
119s
max time network
110s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2023, 12:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Payment for br-automation.com.html
Size

2KB
MD5

55e1f5ce2ddf04f3a8eb95f181c57715
SHA1

cf8ddba31fe49668bd37ab0b76fb2380c29cfd4f
SHA256

d37c4258d4139407c78d684aed33fe7bd0dd49e8bb51dcb671da224a3d8cc12e
SHA512

bc04df747960468cb58aa5846c29b52001f1a4e10a52fc847d222eaf7543fbfa9c3030df135ea45fb4fcf01e1fbe3edf04b2c445952f1ae089e1bd6658e8caf7

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133227546922897230"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4768	chrome.exe
4768	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe
Token: SeShutdownPrivilege	4768	chrome.exe
Token: SeCreatePagefilePrivilege	4768	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe
4768	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4768 wrote to memory of 404	4768	chrome.exe	86
PID 4768 wrote to memory of 404	4768	chrome.exe	86
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 4444	4768	chrome.exe	87
PID 4768 wrote to memory of 5048	4768	chrome.exe	88
PID 4768 wrote to memory of 5048	4768	chrome.exe	88
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89
PID 4768 wrote to memory of 5104	4768	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" "C:\Users\Admin\AppData\Local\Temp\Payment for br-automation.com.html"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffebac59758,0x7ffebac59768,0x7ffebac59778
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:2
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2260 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3172 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3192 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:2660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5052 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1900,i,851765536193675906,9201592594640242906,131072 /prefetch:8
  2⤵
  PID:4284

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1036

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
39171a72926ec6453238806d126a1446

SHA1
9ce287dab2bb8480dbf311842a64681820116673

SHA256
70f15ae5c448aa2bd8abc77782a7c236ed299569c0c1be5216c91f872707b913

SHA512
bf1782610960ce840c55506d879e6d2bcad4c9e459f46b6adc6cdc0e22edf8947afda820e12481b355927d5452b5cf17d36d24b078b1d7d0f81787be6ed262d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2950b22c12ec4625b48c0b388fc698c5

SHA1
deae763f6437dd6f33005357833b566dd12a5893

SHA256
21c9785f6b6bdb628ea370b5a71e6c0b941615b665c1b7e1aec9f8be5dddeff3

SHA512
be05d548ea98382ec98d55308f99f6b87e21364b977d7ea909175cb8bbe69c8431582f07e7384c8b8ccd8a5d40bacca4821b863e51228f05d15a4b158c67ed84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
37c5518b8f800f117b432e7b57c86baf

SHA1
369f4e469f7818d124e1f3b5858c904b11ee2230

SHA256
c315ede53d8ee7a53cf8d3622a84f5e991bcfd6cd9f573f04d7e8fef262d96c1

SHA512
dd228a956d93c9f52315c4e46278d9ddbb2da5ea0140762bfd6140d97a204460e5ef5cb07f2c7f45908d9475f7fe064f15b612ff3145024e3a580a88ed13f734

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b0de4ad40a9b1b405a1cae99c16599c8

SHA1
13c31dd1e7109c21e0ecb1a24c1d1db2bc98cc2a

SHA256
de94a5a4df90b83a47c9b02f4d8edd41cce57d95a379e6dab96b762633ce7ed9

SHA512
2593f4f4a2857d6f0816130f3c95911edd64562612cc836c5761a14aae270a386ce53f4cbd97cdb585bc93cdbb088e2f38bfc230470924d460230376b6a00efc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
6a1238ca88ff092e695cc4d5fc267d1c

SHA1
5ac8034fd890b23a83e880656c18a9599411a069

SHA256
6a62be8419754ce7fb82bbccab1d0622f95d73cffa7d170525498d024cf6f652

SHA512
d18aedfedf45f94ac25696538c9715a0ff70118b28f375b21de9a0757335947efa5b775c008a3b4d2212d96d8e143667d3293a4bc0becb192e311d8b00f3f3de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
0caa9896cea0c1b23a2a2252649cbe57

SHA1
cab0f35822b507b08f5f3964f39649ee8c15052f

SHA256
ca45d15dd613555c68c1733d8e55f5823f20337905c7c23d82b78060b4eeebe0

SHA512
1a641001d1908aea1e06e0276ca8d345d8f783e43efd6509a65225e97cc6cae1203cdfc08419ef0c3a8244ff3ec0e0600b846dceb095646656f5737a5348ff71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
16b130a8356c9db745b9a880e0c733ac

SHA1
6b46212dcd64aad708e0433131ad6e8bfd1c45a1

SHA256
d53804c9eb851fa316952491c5bde0eb26a22655300edf8b24a3bd400e056f0c

SHA512
ec261e54871ec38417fea96543ba6ddfe0743f150052191aa43aa34b45923b27cc9fc654fa710c84b969fe0a348abcfac8e3d42d46d558556503fc43753a0398

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
33d97ded0d085ce13544166a702af2d0

SHA1
7a6b6d2450ad4f750bd9c91fe8eae6d355250071

SHA256
6f67650af816a8fa6baacd1565f3e4ffd549bbc46030d5f26cbf72fac48b961a

SHA512
931d14bea2b9cb241501f8543c2e81cab1b3d35199327a237a19858df90c8664e7bc9a102cda8caeda032b562592a3c0538af232c39abd306d7d883c2ce99f3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/844-163-0x00007FFED7F40000-0x00007FFED7F41000-memory.dmp

Filesize
4KB

Download
memory/844-162-0x00007FFED7E10000-0x00007FFED7E11000-memory.dmp

Filesize
4KB

Download
memory/4444-142-0x00007FFED6D80000-0x00007FFED6D81000-memory.dmp

Filesize
4KB

Download