Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://pixeldrain.c...

windows10-2004-x64

10

Analysis

  • max time kernel
    47s
  • max time network
    87s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-05-2023 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://pixeldrain.com/u/nNz5zRSr

Score
10/10
eternitystealer

Malware Config

Signatures

  • Detects Eternity stealer 11 IoCs
    stealer
  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity
  • Executes dropped EXE 2 IoCs
  • Program crash 3 IoCs
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SetWindowsHookEx 30 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence
  • Uses Volume Shadow Copy WMI provider

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://pixeldrain.com/u/nNz5zRSr
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3752 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3944
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3892
    • C:\Program Files\7-Zip\7zFM.exe
      "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Eternity.rar"
      2⤵
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:5072
      • C:\Users\Admin\AppData\Local\Temp\7zO0D3E4837\Eternity.exe
        "C:\Users\Admin\AppData\Local\Temp\7zO0D3E4837\Eternity.exe"
        3⤵
        • Executes dropped EXE
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:3512
        • C:\Users\Admin\AppData\Local\Temp\dcd.exe
          "C:\Users\Admin\AppData\Local\Temp\dcd.exe" -path=""
          4⤵
          • Executes dropped EXE
          PID:2884
        • C:\Windows\system32\WerFault.exe
          C:\Windows\system32\WerFault.exe -u -p 3512 -s 1952
          4⤵
          • Program crash
          PID:2160
      • C:\Users\Admin\AppData\Local\Temp\7zO0D3FF8C7\Eternity.exe
        "C:\Users\Admin\AppData\Local\Temp\7zO0D3FF8C7\Eternity.exe"
        3⤵
          PID:2676
          • C:\Users\Admin\AppData\Local\Temp\dcd.exe
            "C:\Users\Admin\AppData\Local\Temp\dcd.exe" -path=""
            4⤵
              PID:3648
            • C:\Windows\system32\WerFault.exe
              C:\Windows\system32\WerFault.exe -u -p 2676 -s 1900
              4⤵
              • Program crash
              PID:4024
          • C:\Users\Admin\AppData\Local\Temp\7zO0D3512E7\Eternity.exe
            "C:\Users\Admin\AppData\Local\Temp\7zO0D3512E7\Eternity.exe"
            3⤵
              PID:4784
              • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                "C:\Users\Admin\AppData\Local\Temp\dcd.exe" -path=""
                4⤵
                  PID:2168
                • C:\Windows\system32\WerFault.exe
                  C:\Windows\system32\WerFault.exe -u -p 4784 -s 1956
                  4⤵
                  • Program crash
                  PID:1944
          • C:\Windows\system32\WerFault.exe
            C:\Windows\system32\WerFault.exe -pss -s 460 -p 3512 -ip 3512
            1⤵
              PID:3340
            • C:\Windows\system32\WerFault.exe
              C:\Windows\system32\WerFault.exe -pss -s 480 -p 2676 -ip 2676
              1⤵
                PID:2444
              • C:\Windows\system32\WerFault.exe
                C:\Windows\system32\WerFault.exe -pss -s 532 -p 4784 -ip 4784
                1⤵
                  PID:1780

                Network

                MITRE ATT&CK Enterprise v6

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
                  Filesize

                  471B

                  MD5

                  c8acc7ebd0274710ad136e9ebbf77b30

                  SHA1

                  d99222d014b6694013aca886e37094c480120566

                  SHA256

                  5faffea9fd8c3fd5cccb9acb4fc3dcda1b50e9f69e382acb3e07c893918a53d5

                  SHA512

                  8f030769ed0daa410468084783ec029e4a26697b8c684c18d270c459b84ca9b2359511540e37db2b35561893d72c314d273af066b623cbb3b49e7cd28ce2ecee

                  Download Submit

                • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
                  Filesize

                  434B

                  MD5

                  f3a1d4b6ff7627ba207dcbf54b46b7b0

                  SHA1

                  f85351a569ed9e7b78eed8bffa944f80d697958e

                  SHA256

                  f110be3ffa5ea2870fd35d6804d3358f6d2b18747867c2143eb8b3dc73c9c033

                  SHA512

                  1420dd153fdac0f1aa071cec38814a8df07b817f3ef36df2cb2549226d034bc8573de98d04a9749b1e9dfc789b8852417da4d89074f607cca0d1cfe31d59ee5b

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\q7s3h6i\imagestore.dat
                  Filesize

                  1KB

                  MD5

                  50e6cbde4ec6b31721214b661576d0fa

                  SHA1

                  d1abb38a1ea3d692be394cb0243bc659af0647b8

                  SHA256

                  e84544693d996554870fb6e5277a2982a63b8e7b69b3f9937758d9259f0f3e85

                  SHA512

                  5a22353be9a194e2d9d60ea8d2683263181c6408b9f081dff26b74d8ecb78e8dfd19afd918b69a4d842b30058434339684408f72664772e12d3a2f7c0fec3215

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
                  Filesize

                  28KB

                  MD5

                  192779cda057187b7efcea4fd0374914

                  SHA1

                  a60602248c5a67dec946a83d83acbf7277167e01

                  SHA256

                  822bf00da7f57e4f40a0aac9aaf3c249bef40d39bc8fa6695532da1c9d18ed03

                  SHA512

                  87183d97b3959ce2798f45096c33187ac619d72270d86907cc9a11ad97a89ac6c295d818b267c388eff913e36807e0a5b5cd247db9117f94a2f3a11b9c111122

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
                  Filesize

                  28KB

                  MD5

                  192779cda057187b7efcea4fd0374914

                  SHA1

                  a60602248c5a67dec946a83d83acbf7277167e01

                  SHA256

                  822bf00da7f57e4f40a0aac9aaf3c249bef40d39bc8fa6695532da1c9d18ed03

                  SHA512

                  87183d97b3959ce2798f45096c33187ac619d72270d86907cc9a11ad97a89ac6c295d818b267c388eff913e36807e0a5b5cd247db9117f94a2f3a11b9c111122

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\Eternity[1].rar
                  Filesize

                  526KB

                  MD5

                  763838789e63681b46fceb8f01f5515c

                  SHA1

                  2186d68551b76d765099d3ba02d492430ecf6cdc

                  SHA256

                  a63e61e1d52cb2d1476b9daf46c217ca743d6668aafbe62873f9dde77924d0ee

                  SHA512

                  ee6c8d84cc2208d3c0c742268127a675348137c720923c6a1a9207a0e5580f81826997f3422809f8ad90d2671921c2afdda640502e1a2684172ec4ca7197c3c6

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\suggestions[1].en-US
                  Filesize

                  17KB

                  MD5

                  5a34cb996293fde2cb7a4ac89587393a

                  SHA1

                  3c96c993500690d1a77873cd62bc639b3a10653f

                  SHA256

                  c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

                  SHA512

                  e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\0BMP3ERH\theme[1].css
                  Filesize

                  2KB

                  MD5

                  b7db1fee30a0c7c9fe810163caac52bc

                  SHA1

                  8177d29fb1cb7c1a1caff6fb7ea77b41ba2ab8cf

                  SHA256

                  c41ef6486d6bd5e90ef66fce11b89a0c312cc81ade80093ca4519cb30bc48456

                  SHA512

                  12704a9a29c04d7bf968abb621b61f012ba146b01e27e0d163b4173b826d378017d6f400f46c49d18def3f44e79dc850f85df325d4fabb19918e2332dbb71072

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\layout[1].css
                  Filesize

                  13KB

                  MD5

                  cd0d637a8961831d10aa7fc49bcfa507

                  SHA1

                  96e0a949718d42085edce6a5f8948298a2226ea4

                  SHA256

                  7343607aeeb6d2eedeea5d0c60cb49c4369ce08c5cd43bc36d984a7bd8d5c1a0

                  SHA512

                  20ce98c43dbdac58f74f530baf1dad5bceb6148232b83541b80a2b65455cafe1fed2f4cc8d2d0824a590864d0532267c5ff13ff4afe33c9072d6ace179327084

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V6GB5GU8\pixeldrain_32[1].png
                  Filesize

                  1KB

                  MD5

                  c12563aae9ed51b8d876ea939e41e3e3

                  SHA1

                  d48f4c7e6ab60d83729e756208a8ff390357d6ff

                  SHA256

                  74687b1cbd9ea90486306538a02ed5d32749d9b889d3327f4c53a803777fff49

                  SHA512

                  52e4d7f4f599dcdc17ccbd6178ac4a708ba1ddb01c5d20a4e801c02b29eb7858d48857f47a1dbfffbb7c04b78b596fadf4fb210219435e57332ecb8f524e2687

                  Download Submit

                • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\Y624AVVJ\plausible[1].js
                  Filesize

                  1KB

                  MD5

                  8210a7fad4cf5a22ec34f49fd6cfa0a4

                  SHA1

                  46cae8011201b868af95b9d91a76839a2ac51a18

                  SHA256

                  ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

                  SHA512

                  2c9edbb4ecbcf22ed614b3707c4b8c30f6f6b23700b48df3ac23f3b3a029d6f28f51def075a918f596812a61a49a479bbd26326acef472133531fd5e1e919f17

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3512E7\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3512E7\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3E4837\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3E4837\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3E4837\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3FF8C7\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\7zO0D3FF8C7\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                  Filesize

                  227KB

                  MD5

                  b5ac46e446cead89892628f30a253a06

                  SHA1

                  f4ad1044a7f77a1b02155c3a355a1bb4177076ca

                  SHA256

                  def7afcb65126c4b04a7cbf08c693f357a707aa99858cac09a8d5e65f3177669

                  SHA512

                  bcabbac6f75c1d41364406db457c62f5135a78f763f6db08c1626f485c64db4d9ba3b3c8bc0b5508d917e445fd220ffa66ebc35221bd06560446c109818e8e87

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                  Filesize

                  227KB

                  MD5

                  b5ac46e446cead89892628f30a253a06

                  SHA1

                  f4ad1044a7f77a1b02155c3a355a1bb4177076ca

                  SHA256

                  def7afcb65126c4b04a7cbf08c693f357a707aa99858cac09a8d5e65f3177669

                  SHA512

                  bcabbac6f75c1d41364406db457c62f5135a78f763f6db08c1626f485c64db4d9ba3b3c8bc0b5508d917e445fd220ffa66ebc35221bd06560446c109818e8e87

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                  Filesize

                  227KB

                  MD5

                  b5ac46e446cead89892628f30a253a06

                  SHA1

                  f4ad1044a7f77a1b02155c3a355a1bb4177076ca

                  SHA256

                  def7afcb65126c4b04a7cbf08c693f357a707aa99858cac09a8d5e65f3177669

                  SHA512

                  bcabbac6f75c1d41364406db457c62f5135a78f763f6db08c1626f485c64db4d9ba3b3c8bc0b5508d917e445fd220ffa66ebc35221bd06560446c109818e8e87

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                  Filesize

                  227KB

                  MD5

                  b5ac46e446cead89892628f30a253a06

                  SHA1

                  f4ad1044a7f77a1b02155c3a355a1bb4177076ca

                  SHA256

                  def7afcb65126c4b04a7cbf08c693f357a707aa99858cac09a8d5e65f3177669

                  SHA512

                  bcabbac6f75c1d41364406db457c62f5135a78f763f6db08c1626f485c64db4d9ba3b3c8bc0b5508d917e445fd220ffa66ebc35221bd06560446c109818e8e87

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\dcd.exe
                  Filesize

                  227KB

                  MD5

                  b5ac46e446cead89892628f30a253a06

                  SHA1

                  f4ad1044a7f77a1b02155c3a355a1bb4177076ca

                  SHA256

                  def7afcb65126c4b04a7cbf08c693f357a707aa99858cac09a8d5e65f3177669

                  SHA512

                  bcabbac6f75c1d41364406db457c62f5135a78f763f6db08c1626f485c64db4d9ba3b3c8bc0b5508d917e445fd220ffa66ebc35221bd06560446c109818e8e87

                  Download Submit

                • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Eternity.exe
                  Filesize

                  894KB

                  MD5

                  4ad5be8df04cccacdce2e2b831ced605

                  SHA1

                  4b2550e9d417c5087ecf905e75453802958f793e

                  SHA256

                  9bb36572e3776058b18428d777ef645256463521dea900c79471ddf8c995fdab

                  SHA512

                  3427cc1dfadda6c1a886b719c609a6c3488d4b39031e5d0ac21de15d8af4c702a9de4ee8fea8a9f8762d9fb599321308543707e3ea08df77165f834606855bcf

                  Download Submit

                • C:\Users\Admin\Downloads\Eternity.rar.g7irw62.partial
                  Filesize

                  526KB

                  MD5

                  763838789e63681b46fceb8f01f5515c

                  SHA1

                  2186d68551b76d765099d3ba02d492430ecf6cdc

                  SHA256

                  a63e61e1d52cb2d1476b9daf46c217ca743d6668aafbe62873f9dde77924d0ee

                  SHA512

                  ee6c8d84cc2208d3c0c742268127a675348137c720923c6a1a9207a0e5580f81826997f3422809f8ad90d2671921c2afdda640502e1a2684172ec4ca7197c3c6

                  Download Submit

                • memory/2676-226-0x000000001B710000-0x000000001B720000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/2676-229-0x000000001B710000-0x000000001B720000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/2676-228-0x000000001B710000-0x000000001B720000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/3512-211-0x000000001BCD0000-0x000000001BCE0000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/3512-210-0x000000001BCD0000-0x000000001BCE0000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/3512-203-0x000000001BB80000-0x000000001BBD0000-memory.dmp

                  Filesize

                  320KB

                  Download

                • memory/3512-202-0x0000000000FA0000-0x0000000001086000-memory.dmp

                  Filesize

                  920KB

                  Download

                • memory/3512-209-0x000000001BCD0000-0x000000001BCE0000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/3512-208-0x00000000016E0000-0x00000000016E1000-memory.dmp

                  Filesize

                  4KB

                  Download

                • memory/4784-252-0x000000001B730000-0x000000001B740000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/4784-253-0x000000001B730000-0x000000001B740000-memory.dmp

                  Filesize

                  64KB

                  Download

                • memory/4784-254-0x000000001B730000-0x000000001B740000-memory.dmp

                  Filesize

                  64KB

                  Download