Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

URLScan

urlscan

1

http://ed53ec.zbrjts...

windows10-1703-x64

4

Analysis

  • max time kernel
    69s
  • max time network
    73s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    17/03/2023, 05:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://ed53ec.zbrjtstrclnm.com

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 5 IoCs
  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious behavior: MapViewOfSection 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 11 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 35 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell start shell:Appsfolder\Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge http://ed53ec.zbrjtstrclnm.com
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2460
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3700
  • C:\Windows\system32\browser_broker.exe
    C:\Windows\system32\browser_broker.exe -Embedding
    1⤵
    • Modifies Internet Explorer settings
    PID:1236
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4420
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:4716
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:2252
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:4648
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    PID:68
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    PID:4804

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
    Filesize

    4KB

    MD5

    f7dcb24540769805e5bb30d193944dce

    SHA1

    e26c583c562293356794937d9e2e6155d15449ee

    SHA256

    6b88c6ac55bbd6fea0ebe5a760d1ad2cfce251c59d0151a1400701cb927e36ea

    SHA512

    cb5ad678b0ef642bf492f32079fe77e8be20c02de267f04b545df346b25f3e4eb98bb568c4c2c483bb88f7d1826863cb515b570d620766e52476c8ee2931ea94

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BMT3HFX2\edgecompatviewlist[1].xml
    Filesize

    74KB

    MD5

    d4fc49dc14f63895d997fa4940f24378

    SHA1

    3efb1437a7c5e46034147cbbc8db017c69d02c31

    SHA256

    853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

    SHA512

    cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VPKXL0JW\sitenav-v2.ed405a82[1].css
    Filesize

    168B

    MD5

    b7b2c617e2f9296b69ea8c5922c592b7

    SHA1

    dedf05f13e26e80c7a5881cb8114d52b947f24f1

    SHA256

    a0c48e9ef8014577c35a79e768d710977644f6cbc4c19bea39c2ddb2a68bd075

    SHA512

    394b4b97f340ccd624229844b729dac6e89c37eed874d7e9fc7bca15e5d69a6e409665bd3eafc1f91e26eef744bee01618eeb8cc4223b4f253ec3dc0cd7d24ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\6OVDSC7C\www.volvocars[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\QKJX0HXZ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\UYNIH9CN\favicon-16x16.v2[1].png
    Filesize

    262B

    MD5

    c90866d816fff478f7ac79c2c533149e

    SHA1

    da8ba7ee3c6a322ceae515e6700738130f16f020

    SHA256

    0fb218a37ccb85b59c3a13e68d8bbb81b89bd0dd1297b982f16b6f4eb399488a

    SHA512

    6b45195c7eb61fd1afafe2e81fcbc3d705afae7596248318715945c6c0c32720ce7348495be684725f2863cde326f2958636e4fb5ac317a63cd71dee9d071c9d

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft\Windows\3720402701\2219095117.pri
    Filesize

    207KB

    MD5

    e2b88765ee31470114e866d939a8f2c6

    SHA1

    e0a53b8511186ff308a0507b6304fb16cabd4e1f

    SHA256

    523e419d2fa2e780239812d36caa37e92f8c3e6a5cd9f18f0d807c593effa45e

    SHA512

    462e8e6b4e63fc6781b6a9935b332a1dc77bfb88e1de49134f86fd46bd1598d2e842902dd9415a328e325bd7cdee766bd9473f2695acdfa769ffe7ba9ae1953d

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PQ6IU2T0\caf[1].js
    Filesize

    144KB

    MD5

    bbfeb7b899d24b225a019663aff46bb1

    SHA1

    3ce58822cca61601b2c8ef93bdc0ab030eed346a

    SHA256

    7203c2e619c731040f060f9f907f5fe653daa3cc2870a6d738ba564e77e96cdb

    SHA512

    e0266f52df4b6b5159f4fea1803d54b6f32752f1d4929166e36fd35b663b3915d611ff4ac293c267575895b5829413ef5f82a9fc0b3bde343ba40ed4d65ec360

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q083IP1K\arrows[1].png
    Filesize

    11KB

    MD5

    0cb2e5165dc9324eb462199f04e1ffa9

    SHA1

    9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8

    SHA256

    67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

    SHA512

    7a285c4a87b9f9093b7ba720d8fe08e0ad7e2ebde9ef8c8d11b70afa08245af8f8a7281c7b3fbe8bad21c3afde4f32634d3bd416822892aa47ba82c12f4b8191

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VPKXL0JW\caf[1].js
    Filesize

    144KB

    MD5

    c630e83e4eaa33dbef6d5427861a9e35

    SHA1

    dec32a4c453a5679d2d0aaef79d63f61e33d5731

    SHA256

    0893358c30d1a9af8147bd339826fe8439f80f28a8ef0eb601e63b8051b9a5e5

    SHA512

    f0941036d65d21f6bd63f8e3f3906b75437b8a378da6b078cc43ff930fff0b7ec07dba24de5cf82c2077658aa19827d311524a859625e2a015793573f684cb7a

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    Filesize

    717B

    MD5

    ec8ff3b1ded0246437b1472c69dd1811

    SHA1

    d813e874c2524e3a7da6c466c67854ad16800326

    SHA256

    e634c2d1ed20e0638c95597adf4c9d392ebab932d3353f18af1e4421f4bb9cab

    SHA512

    e967b804cbf2d6da30a532cbc62557d09bd236807790040c6bee5584a482dc09d724fc1d9ac0de6aa5b4e8b1fff72c8ab3206222cc2c95a91035754ac1257552

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    d90bf322b323841f3307dc2a314f50cc

    SHA1

    66733a18ab8a97c3e531eaf239cf9dd28c91f8b5

    SHA256

    74640b30659f00aa9905e9f05c2c0951158bf6f43aaf24ab08dfd11033dc4e1f

    SHA512

    160d7edc04b577578b447806016d2531698f4eb6f39ab13ced17261f742c287bdbe273d642c1d6c51ad297ea7900d322266c71f9746952080cf13279e846cae5

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A7F4A6293960281444499D6325261CA9
    Filesize

    503B

    MD5

    5876a623812a3671b54475e05e361a27

    SHA1

    d912ef7508ad7e86aa87cff5f27e44152a1ae5b4

    SHA256

    d27b2a8ad9042ff8f0a1e578091c8f810089f103604cdce79f51b7ba84e760e5

    SHA512

    8bb6424bae06049a6671d8281a09bf7772e315d37d21437ec16beeb6441b89978466ec543d0f48926dc5449022443298a718a47c2b79856f6bd60596d61f8ea1

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    f569e1d183b84e8078dc456192127536

    SHA1

    30c537463eed902925300dd07a87d820a713753f

    SHA256

    287bc80237497eb8681dbf136a56cc3870dd5bd12d48051525a280ae62aab413

    SHA512

    49553b65a8e3fc0bf98c1bc02bae5b22188618d8edf8e88e4e25932105796956ae8301c63c487e0afe368ea39a4a2af07935a808f5fb53287ef9287bc73e1012

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_724DFBA1CAEDEE0611D7EB4AB3BE904A
    Filesize

    471B

    MD5

    7e35a37363796a7d892702c070d88c62

    SHA1

    8a15a894f7f1c391cf199d49a90346b1992c44b1

    SHA256

    9d818bbfaa2b4e9b0f994cc014294f51003de23c743d9bf5dde86f9dcc102126

    SHA512

    f02f5a7d6cab7b2b6e405ae4ca62a866bb4ebb13deed532009bd0b484dd1260a1412fd12147c90d0f0f840230d26d43d8f47f5450b67cefee2c613807edb1eef

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    Filesize

    192B

    MD5

    3ea14df6d9d901e5585e5980b95d73a4

    SHA1

    d43f9c732f182fd754da517d0352b84f278a467d

    SHA256

    a44ca689b4b79677336f63ba73d7125fb470c9cc1b6f972193019ce0c054c34b

    SHA512

    740c9531016b7c6a813759e84d75df8a510c9140ec69d4fc070c3fcff97095be83c95573f0279c187fb01639832b606f1bb6f424cd411314ba335e14e5831e62

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    b1ee4026696396f74c901689ffb6b419

    SHA1

    b4025a9004bb205392fd5122856a0e4afa85c072

    SHA256

    d4f2d5fe55575bf5d1ad27571bddb088e3a76aaa792f0fc99ba9ec624246f57f

    SHA512

    faaf3a48fb3bcb8d598fa6a702e0eb65088a6d3312e916ad935ab16364a59716fcd7e8fbad82dd4dd23e6e2bb7008f9353699cd2c8e1be352b5d31a11be2a99f

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A7F4A6293960281444499D6325261CA9
    Filesize

    548B

    MD5

    fa8774edce659ed26f142589c694fcd4

    SHA1

    fde98f22c08f072617a2638a692b92124712a1ae

    SHA256

    bf8fc9d6688c96150e743d6906562620782689ccfed9794dd0f565e188126ec0

    SHA512

    c038979462e8fdd70d2c55d8f03beb3be668eda5dd3ad7fec91e6309ad3974241a9838a08df60fbf45f6fc786ebef0f181c1e55c92245c75c36ec696a76ba922

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    392B

    MD5

    8babe8c97d1e995cc211befe98d4324a

    SHA1

    610767f0b2b6ed4f7c5b02b75afacc8de4b1164e

    SHA256

    e8082dd041efc67bf9a98bee5258351d29b5b5d46eedef7707c079a708ce6ffa

    SHA512

    8b7a53ab1c6aba17b8e915a7da00b624fe3e321d457d6c8f762c2a28bd32e1e6dad89e79ef38ce782dbde03db9c5dae4169ba5bab8d272fa265bfbc91c5f27e1

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_724DFBA1CAEDEE0611D7EB4AB3BE904A
    Filesize

    406B

    MD5

    591a8258ff1df65159c842327372201f

    SHA1

    8d22813d1ca042b732209487ab46386806643eb0

    SHA256

    3f6d450d4cadbd33d0f7711c5df5d7364ecad62beb80e495a711b9db90744939

    SHA512

    7e7b694f7c54da213447eb906dba0087e3f0adab14b614ea04156fadd819a63220698d197717918589ec80362c97fbfd4edeb195e0ccde8464ff0b86d4a7466f

    Download Submit

  • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\Windows\3720402701\2219095117.pri
    Filesize

    207KB

    MD5

    e2b88765ee31470114e866d939a8f2c6

    SHA1

    e0a53b8511186ff308a0507b6304fb16cabd4e1f

    SHA256

    523e419d2fa2e780239812d36caa37e92f8c3e6a5cd9f18f0d807c593effa45e

    SHA512

    462e8e6b4e63fc6781b6a9935b332a1dc77bfb88e1de49134f86fd46bd1598d2e842902dd9415a328e325bd7cdee766bd9473f2695acdfa769ffe7ba9ae1953d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_cixm0d4o.pvr.ps1
    Filesize

    1B

    MD5

    c4ca4238a0b923820dcc509a6f75849b

    SHA1

    356a192b7913b04c54574d18c28d46e6395428ab

    SHA256

    6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

    SHA512

    4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

    Download Submit

  • memory/2460-142-0x0000024E84B40000-0x0000024E84B50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2460-143-0x0000024E84B40000-0x0000024E84B50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2460-129-0x0000024E9DC10000-0x0000024E9DC86000-memory.dmp

    Filesize

    472KB

    Download

  • memory/2460-126-0x0000024E9D050000-0x0000024E9D072000-memory.dmp

    Filesize

    136KB

    Download

  • memory/3700-160-0x00000263AA220000-0x00000263AA230000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3700-159-0x00007FFC92F63000-0x00007FFC92F64000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-311-0x00000263B0750000-0x00000263B0751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-178-0x00000263AA800000-0x00000263AA810000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3700-313-0x00000263B0760000-0x00000263B0761000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-199-0x00000263AA690000-0x00000263AA692000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3700-201-0x00000263AED70000-0x00000263AED72000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3700-197-0x00000263A94F0000-0x00000263A94F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3700-202-0x00000263AEDD0000-0x00000263AEDD2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4648-458-0x000002014B180000-0x000002014B182000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4648-460-0x000002014B190000-0x000002014B192000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4648-351-0x000002014AE90000-0x000002014AEB0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4648-405-0x000002014AD70000-0x000002014AE70000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4716-217-0x0000019D06830000-0x0000019D06832000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-318-0x0000019D19310000-0x0000019D19312000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-316-0x0000019D192F0000-0x0000019D192F2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-310-0x0000019D185E0000-0x0000019D185E2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-314-0x0000019D18DF0000-0x0000019D18DF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-269-0x0000019D174A0000-0x0000019D174C0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4716-256-0x0000019D178E0000-0x0000019D178E2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-251-0x0000019D06CC0000-0x0000019D06DC0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4716-250-0x0000019D17000000-0x0000019D17100000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/4716-241-0x0000019D16ED0000-0x0000019D16EF0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4716-222-0x0000019D06880000-0x0000019D06882000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4716-220-0x0000019D06860000-0x0000019D06862000-memory.dmp

    Filesize

    8KB

    Download