Overview

overview

6

Static

static

3

VisionRO Patcher.exe

windows7-x64

6

VisionRO Patcher.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    14/06/2023, 19:52 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VisionRO Patcher.exe

  • Size

    4.2MB

  • MD5

    fbdfa78608134420cbb317d78ae77559

  • SHA1

    0d3374a121ca2092b6d79e01d785223084743121

  • SHA256

    4f064bd9f51946198a629ad30029010ac5338f34cb3524d3c1f2ea53d10034a2

  • SHA512

    83ec3cffc7b2b3042e71adfb9d3cfd91c4fceea0210cec6c6c4503a414d7c867e02166bb58de4bbdd85f380aa1fb8ff762770be1d9aabb678c15bc1aa0f9987d

  • SSDEEP

    49152:LY6Me5IyWwCLP1ckpkSN5qor7t4JqjQTcGhH7iTElT0dzAuWiwF8M9sY6v+2HwPZ:06MvtbdcaFBk3TcGQdDWiwF8C6v+P0u1

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VisionRO Patcher.exe
    "C:\Users\Admin\AppData\Local\Temp\VisionRO Patcher.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:1048

Network

  • flag-sg
    GET
    http://15.235.166.58/patcher/main.ini
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/main.ini HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:12 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Thu, 20 Apr 2023 16:22:18 GMT
    ETag: "68d-5f9c6f1c091c8"
    Accept-Ranges: bytes
    Content-Length: 1677
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/plist.txt
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/plist.txt HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:14 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Sun, 11 Jun 2023 20:31:20 GMT
    ETag: "1cf-5fde07c236c00"
    Accept-Ranges: bytes
    Content-Length: 463
    Vary: Accept-Encoding
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/plain
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/data_042823.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/data_042823.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:15 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Fri, 28 Apr 2023 07:17:53 GMT
    ETag: "203bbd-5fa60458895d8"
    Accept-Ranges: bytes
    Content-Length: 2112445
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/notice.php
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/notice.php HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:16 GMT
    Server: Apache/2.4.25 (Debian)
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 566
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/html; charset=UTF-8
  • flag-sg
    GET
    http://15.235.166.58/patcher/css/normalize.css
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/css/normalize.css HTTP/1.1
    Accept: */*
    Referer: http://15.235.166.58/patcher/notice.php
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:17 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Thu, 20 Apr 2023 16:22:20 GMT
    ETag: "180c-5f9c6f1e02f88-gzip"
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 1753
    Keep-Alive: timeout=5, max=99
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-sg
    GET
    http://15.235.166.58/patcher/js/jquery.min.js
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/js/jquery.min.js HTTP/1.1
    Accept: */*
    Referer: http://15.235.166.58/patcher/notice.php
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:18 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Thu, 20 Apr 2023 16:22:22 GMT
    ETag: "16dc4-5f9c6f1ff40a8-gzip"
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 33430
    Keep-Alive: timeout=5, max=98
    Connection: Keep-Alive
    Content-Type: application/javascript
  • flag-sg
    GET
    http://15.235.166.58/patcher/img/bg.png
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/img/bg.png HTTP/1.1
    Accept: */*
    Referer: http://15.235.166.58/patcher/notice.php
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:21 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Thu, 20 Apr 2023 16:22:22 GMT
    ETag: "342be-5f9c6f1fc71e8"
    Accept-Ranges: bytes
    Content-Length: 213694
    Keep-Alive: timeout=5, max=97
    Connection: Keep-Alive
    Content-Type: image/png
  • flag-sg
    GET
    http://15.235.166.58/patcher/css/style.css
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/css/style.css HTTP/1.1
    Accept: */*
    Referer: http://15.235.166.58/patcher/notice.php
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:18 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Thu, 20 Apr 2023 16:22:20 GMT
    ETag: "6a8-5f9c6f1e02f88-gzip"
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 730
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
    Content-Type: text/css
  • flag-sg
    GET
    http://15.235.166.58/img/bg.png
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /img/bg.png HTTP/1.1
    Accept: */*
    Referer: http://15.235.166.58/patcher/notice.php
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: 15.235.166.58
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 14 Jun 2023 19:53:21 GMT
    Server: Apache/2.4.25 (Debian)
    Content-Length: 275
    Keep-Alive: timeout=5, max=99
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/sprite_042823.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/sprite_042823.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:18 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Fri, 28 Apr 2023 07:41:07 GMT
    ETag: "1765b3-5fa6098950a77"
    Accept-Ranges: bytes
    Content-Length: 1533363
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/secure_042823.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/secure_042823.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:21 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Fri, 28 Apr 2023 07:23:01 GMT
    ETag: "3b14e20-5fa6057e404b3"
    Accept-Ranges: bytes
    Content-Length: 61951520
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/desc_042923.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/desc_042923.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:42 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Sat, 29 Apr 2023 10:04:45 GMT
    ETag: "a46a3-5fa76b81a1b8e"
    Accept-Ranges: bytes
    Content-Length: 673443
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/sprite_050623.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/sprite_050623.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:45 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Sat, 06 May 2023 05:01:52 GMT
    ETag: "2277e-5faff4dd38bc3"
    Accept-Ranges: bytes
    Content-Length: 141182
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/secure_050623.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/secure_050623.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:53:47 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Sat, 06 May 2023 05:07:10 GMT
    ETag: "3e8c195-5faff60bb8b0a"
    Accept-Ranges: bytes
    Content-Length: 65585557
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/desc_050923.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/desc_050923.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:54:18 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Mon, 08 May 2023 19:58:59 GMT
    ETag: "a8ee5-5fb3411d367e3"
    Accept-Ranges: bytes
    Content-Length: 691941
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/card_050923.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/card_050923.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:54:21 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Mon, 08 May 2023 20:11:14 GMT
    ETag: "9b06-5fb343da66929"
    Accept-Ranges: bytes
    Content-Length: 39686
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/map_051323.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/map_051323.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:54:22 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Fri, 12 May 2023 16:25:29 GMT
    ETag: "1d2323-5fb818daeff86"
    Accept-Ranges: bytes
    Content-Length: 1909539
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • flag-sg
    GET
    http://15.235.166.58/patcher/data/gepard_051323.thor
    VisionRO Patcher.exe
    Remote address:
    15.235.166.58:80
    Request
    GET /patcher/data/gepard_051323.thor HTTP/1.0
    Host: 15.235.166.58
    Keep-Alive: 300
    Connection: keep-alive
    User-Agent: Thor Patcher
    Response
    HTTP/1.1 200 OK
    Date: Wed, 14 Jun 2023 19:54:26 GMT
    Server: Apache/2.4.25 (Debian)
    Last-Modified: Fri, 12 May 2023 16:50:11 GMT
    ETag: "1365a065-5fb81e5fc6d76"
    Accept-Ranges: bytes
    Content-Length: 325427301
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
  • 15.235.166.58:80
    http://15.235.166.58/patcher/main.ini
    http
    VisionRO Patcher.exe
    398 B
     2.1kB
     6
    5

    HTTP Request

    GET http://15.235.166.58/patcher/main.ini

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/plist.txt
    http
    VisionRO Patcher.exe
    353 B
     944 B
     5
    4

    HTTP Request

    GET http://15.235.166.58/patcher/plist.txt

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/data_042823.thor
    http
    VisionRO Patcher.exe
    36.9kB
     2.2MB
     799
    1559

    HTTP Request

    GET http://15.235.166.58/patcher/data/data_042823.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/img/bg.png
    http
    VisionRO Patcher.exe
    6.7kB
     258.3kB
     111
    190

    HTTP Request

    GET http://15.235.166.58/patcher/notice.php

    HTTP Response

    200

    HTTP Request

    GET http://15.235.166.58/patcher/css/normalize.css

    HTTP Response

    200

    HTTP Request

    GET http://15.235.166.58/patcher/js/jquery.min.js

    HTTP Response

    200

    HTTP Request

    GET http://15.235.166.58/patcher/img/bg.png

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/img/bg.png
    http
    VisionRO Patcher.exe
    1.5kB
     3.4kB
     14
    7

    HTTP Request

    GET http://15.235.166.58/patcher/css/style.css

    HTTP Response

    200

    HTTP Request

    GET http://15.235.166.58/img/bg.png

    HTTP Response

    404
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/sprite_042823.thor
    http
    VisionRO Patcher.exe
    26.7kB
     1.6MB
     577
    1131

    HTTP Request

    GET http://15.235.166.58/patcher/data/sprite_042823.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/secure_042823.thor
    http
    VisionRO Patcher.exe
    1.2MB
     63.9MB
     25048
    45647

    HTTP Request

    GET http://15.235.166.58/patcher/data/secure_042823.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/desc_042923.thor
    http
    VisionRO Patcher.exe
    12.1kB
     693.7kB
     260
    499

    HTTP Request

    GET http://15.235.166.58/patcher/data/desc_042923.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/sprite_050623.thor
    http
    VisionRO Patcher.exe
    3.0kB
     145.8kB
     62
    108

    HTTP Request

    GET http://15.235.166.58/patcher/data/sprite_050623.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/secure_050623.thor
    http
    VisionRO Patcher.exe
    1.3MB
     67.7MB
     26113
    48351

    HTTP Request

    GET http://15.235.166.58/patcher/data/secure_050623.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/desc_050923.thor
    http
    VisionRO Patcher.exe
    12.5kB
     712.7kB
     269
    512

    HTTP Request

    GET http://15.235.166.58/patcher/data/desc_050923.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/card_050923.thor
    http
    VisionRO Patcher.exe
    1.1kB
     41.3kB
     21
    33

    HTTP Request

    GET http://15.235.166.58/patcher/data/card_050923.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/map_051323.thor
    http
    VisionRO Patcher.exe
    33.7kB
     2.0MB
     730
    1411

    HTTP Request

    GET http://15.235.166.58/patcher/data/map_051323.thor

    HTTP Response

    200
  • 15.235.166.58:80
    http://15.235.166.58/patcher/data/gepard_051323.thor
    http
    VisionRO Patcher.exe
    3.6MB
     188.6MB
     73549
    134696

    HTTP Request

    GET http://15.235.166.58/patcher/data/gepard_051323.thor

    HTTP Response

    200
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\System\itemInfo_EN.lub
    Filesize

    7.3MB

    MD5

    7a6c94cbfa2505d052272f5734fc7609

    SHA1

    32515012e40790b247748b2cf71729e103692727

    SHA256

    1fddaebeffe2ae870df45f5e431d6622ebb80f72b58eaab79332967a6dd7293f

    SHA512

    ecba63b90a9d1ce83eb189d28e2b56253c095da5efbe9d5c50b81a112d417507b623227e74e95267a076a9b988d0b8d35fc1eb6fcd9f9db6f15b8a75ba1065ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\desktop.ini
    Filesize

    114B

    MD5

    5e0f0213dcdfa7239e97f3a420ec90aa

    SHA1

    498c03b2b0da99b123aecf938d3706299a072846

    SHA256

    b397593dfc5b783bfd64b605f7ef6447c69ffd70bb57cc9f90016f01a1ab8fa0

    SHA512

    e61a0ad79d83b38cb243453275e70d60908fc0dae4874299e9d83384c4736286abb5969ab4763fda82e09b8fc9fd01ebde271ff6a5a7d12ef73334b0bbe08552

    Download Submit

  • memory/1048-90-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-55-0x0000000003440000-0x0000000003480000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1048-89-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-54-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1048-119-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-120-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-121-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-136-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-71-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-88-0x0000000003440000-0x0000000003480000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1048-164-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-165-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-166-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-167-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-168-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-169-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-170-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/1048-171-0x0000000000400000-0x0000000000877000-memory.dmp

    Filesize

    4.5MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.