hxxps://google[.]com

max time kernel
17s
max time network
133s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
23/08/2023, 10:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
532	chrome.exe
532	chrome.exe

Suspicious use of AdjustPrivilegeToken 32 IoCs

description	pid	Process
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe
Token: SeShutdownPrivilege	532	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe
532	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 532 wrote to memory of 1700	532	chrome.exe	28
PID 532 wrote to memory of 1700	532	chrome.exe	28
PID 532 wrote to memory of 1700	532	chrome.exe	28
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 3020	532	chrome.exe	30
PID 532 wrote to memory of 2244	532	chrome.exe	31
PID 532 wrote to memory of 2244	532	chrome.exe	31
PID 532 wrote to memory of 2244	532	chrome.exe	31
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32
PID 532 wrote to memory of 2708	532	chrome.exe	32

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7389758,0x7fef7389768,0x7fef7389778
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:2
  2⤵
  PID:3020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:8
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2292 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2308 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3184 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1416 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:2
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3556 --field-trial-handle=1376,i,13807800364463579226,9743426586860245512,131072 /prefetch:8
  2⤵
  PID:1424

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2252

C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
"C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe"
1⤵
PID:3020

C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
"C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe"
1⤵
PID:1896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
ff934f07c90e8a28a8213bdb96e37ded

SHA1
2a84889778cc4d1f80a47d3ad28cd84d095a917b

SHA256
8fb4147495f118adf3f8d7276909ab56c761314957246fcf47fe26b0ae88eb6b

SHA512
f4af427f985d9c0411b6719d4fcd50085b9f18aa3a0b2d83af6f3f3f87c6cdda18521f2fcdebf401587d148d158743917bb7969e3582719620769808acf35344

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
ffc618376b1bd2f976d851857aa12990

SHA1
4e811587934db753aeb41fb25704257f0c4705b9

SHA256
5a5d9c291a81c72b2a930d703dcc526d66d67d8c20dd99ac892b7eaf72930a5c

SHA512
46481941889bda28f144ee7cca7cc156b86ccbd3ecfe8017a8ee16fca355bc21c2f3220ffe79540da21927c198d3103f3faa7c8f50b08d2e705b43108a590762

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
55c4346089d9a114e4c6dc982b7c1eb8

SHA1
3637d8847037ed866e13c8e37a522e212dd3fc04

SHA256
4a8ff3def9bdf477821ce3afa10599d89b23c2660a3a7295fe91b68185b038a8

SHA512
03e737d442f0da645be27896e55dff16b44de5c05139223caaf13050ad370d4c275582a40f5b2fb4e20a38d0ceee045c7096b1325b54c425bda035d159669777

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
55f5d42dda561e4ee9619b8fb21042f8

SHA1
178cc83385a9a413c74a24193388d4dd5c436864

SHA256
ffb5ec92272a596126e2c976832443feee9bdd203e01928db86a7fd0a5b71ad2

SHA512
d92eb1320d4d41305ff424a1cf8cf2409e23b16d3b079cbcb9611244d05e62aaeea4dc21426e709e033078947978c754491bae06d7891b0312e4398ee87bfb32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft Games\Purble Place\ComfyCakesScoresAndSettings.xml

Filesize
12KB

MD5
ab9c8d94233550dd82c3090c247df0d8

SHA1
384cc6b46daf073cc69677052a19bcedff8cb54f

SHA256
ef29359acb44029c4eb8fcc788bf40f1c9f4ed3d3d3d5ed380385f035932a50d

SHA512
c1ba1407da6521025a10ad5d5a497561284e0a915dd14e2af50aa4c72cf546753b2d53b54a7e7cd0b0213ab127eebdd941abcee7583121d4eb8a2cf6b2464b8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft Games\Purble Place\PurblePlaceSettings.xml

Filesize
8KB

MD5
931eca380819be3d823ff45f04681475

SHA1
1ef271e4e7a77aee95cad050fc34ecf967b8b0d4

SHA256
316198b5bce70bda834d4a8c1d63368b6b56269d9e43c838ecc2e6a6f6fcc8ac

SHA512
dcccc00f34804855652d9c7a3a7d1b3399583b0bdd8dc9a011cdd2dee7896fb515f2ea56006c478f94002e00a272368c52639126577a3aa1027355d503759a30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft Games\Purble Place\windowprefs.xml

Filesize
520B

MD5
98926db843d5ed93f1cc6f0f014fcc5b

SHA1
469947281dc44e96f30b49777d9cdbe2998f10dd

SHA256
6f526a2e107b6bcb87347d03ea9178178a9a8d6473b8dabd73018b52a725ad6a

SHA512
7d8c0ff1f4cac321840b984c7addabf34e6730441bdca294af9cdc0ba5d9f02d3469c2dea208676b4a98569bc04e4659c974fd688a37ec1922a1b56289acb4eb

Download Submit
C:\Users\Admin\Saved Games\Microsoft Games\Purble Place\Comfy Cakes.ComfyCakesSave-ms

Filesize
12KB

MD5
53886def9548e96fb9dc87a15c5e62af

SHA1
b8964ac39047c55bfaf26211ddd966b14daf8c1c

SHA256
0a60cf57dea02850b2cecf2c8a321e5b71cb5115eec6a37cf8624827eeb2ba19

SHA512
b05b3992fbd4775cc39148d323d7498d7348be0b48ba6d555b320a508a43d83413bfb9fb19f5360fd7e1c63b3cd2da2bca389c8684b8a12e7806a8132246387d

Download Submit
C:\Users\Admin\Saved Games\Microsoft Games\Purble Place\Comfy Cakes.ComfyCakesSave-ms

Filesize
12KB

MD5
53886def9548e96fb9dc87a15c5e62af

SHA1
b8964ac39047c55bfaf26211ddd966b14daf8c1c

SHA256
0a60cf57dea02850b2cecf2c8a321e5b71cb5115eec6a37cf8624827eeb2ba19

SHA512
b05b3992fbd4775cc39148d323d7498d7348be0b48ba6d555b320a508a43d83413bfb9fb19f5360fd7e1c63b3cd2da2bca389c8684b8a12e7806a8132246387d

Download Submit
C:\Users\Admin\Saved Games\Microsoft Games\Purble Place\desktop.ini

Filesize
94B

MD5
5fee8c846e9b919705407a20885194ab

SHA1
a1aa27e0366ae24c0c5f3a92bb38817615437080

SHA256
ea27260dffe170fc8c7987da31e3b5536795a9e30c76a2e6d4047db474a9617d

SHA512
e39ea9473731e201caef09ac448cc333ac7377df6deec1781b54e7d51af41a7e5717725db56088cb2adbe0c647eea2bba91e8a95ad77eaa8d6446c7aea890c11

Download Submit
memory/1896-196-0x0000000001DD0000-0x0000000001DDA000-memory.dmp

Filesize
40KB

Download
memory/1896-205-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-217-0x000007FEF3EB0000-0x000007FEF3FE1000-memory.dmp

Filesize
1.2MB

Download
memory/1896-210-0x000007FEF3EB0000-0x000007FEF3FE1000-memory.dmp

Filesize
1.2MB

Download
memory/1896-209-0x0000000001DD0000-0x0000000001DDA000-memory.dmp

Filesize
40KB

Download
memory/1896-208-0x0000000001DD0000-0x0000000001DDA000-memory.dmp

Filesize
40KB

Download
memory/1896-201-0x0000000001C80000-0x0000000001C81000-memory.dmp

Filesize
4KB

Download
memory/1896-202-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-204-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-203-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-195-0x0000000001DD0000-0x0000000001DDA000-memory.dmp

Filesize
40KB

Download
memory/1896-194-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-193-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-192-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-191-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-188-0x0000000001C80000-0x0000000001C81000-memory.dmp

Filesize
4KB

Download
memory/1896-189-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/1896-190-0x0000000001C90000-0x0000000001C9A000-memory.dmp

Filesize
40KB

Download
memory/3020-149-0x000007FEF3C60000-0x000007FEF3D91000-memory.dmp

Filesize
1.2MB

Download
memory/3020-137-0x0000000001D00000-0x0000000001D01000-memory.dmp

Filesize
4KB

Download
memory/3020-132-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-144-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-128-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-152-0x000007FEF3C60000-0x000007FEF3D91000-memory.dmp

Filesize
1.2MB

Download
memory/3020-126-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-127-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-130-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-129-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-131-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-146-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-147-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-125-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-145-0x0000000001E50000-0x0000000001E5A000-memory.dmp

Filesize
40KB

Download
memory/3020-140-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-139-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download
memory/3020-124-0x0000000001D00000-0x0000000001D01000-memory.dmp

Filesize
4KB

Download
memory/3020-138-0x0000000001D40000-0x0000000001D4A000-memory.dmp

Filesize
40KB

Download