Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

1

Analysis

  • max time kernel
    113s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/08/2023, 14:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://cdn.discordapp.com/attachments/860376196634509322/913307612051804170/Muscle_Memory.mp4

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 28 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.discordapp.com/attachments/860376196634509322/913307612051804170/Muscle_Memory.mp4
    1⤵
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4852
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbe0bb46f8,0x7ffbe0bb4708,0x7ffbe0bb4718
      2⤵
        PID:1940
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
        2⤵
          PID:2240
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2400 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2652
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
          2⤵
            PID:4280
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
            2⤵
              PID:4756
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
              2⤵
                PID:2280
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 /prefetch:8
                2⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3664
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 /prefetch:8
                2⤵
                  PID:3236
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
                  2⤵
                    PID:1532
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
                    2⤵
                      PID:4052
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                      2⤵
                        PID:2764
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
                        2⤵
                          PID:3368
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5084 /prefetch:8
                          2⤵
                            PID:4584
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
                            2⤵
                              PID:4460
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5868 /prefetch:8
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:3132
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,14751394631620729250,2670237486036061437,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3004 /prefetch:1
                              2⤵
                                PID:448
                              • C:\Program Files\VideoLAN\VLC\vlc.exe
                                "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\Muscle_Memory.mp4"
                                2⤵
                                • Suspicious behavior: AddClipboardFormatListener
                                • Suspicious behavior: GetForegroundWindowSpam
                                • Suspicious use of AdjustPrivilegeToken
                                • Suspicious use of FindShellTrayWindow
                                • Suspicious use of SendNotifyMessage
                                • Suspicious use of SetWindowsHookEx
                                PID:4692
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:1416
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2208
                                • C:\Windows\system32\AUDIODG.EXE
                                  C:\Windows\system32\AUDIODG.EXE 0x4c0 0x498
                                  1⤵
                                  • Suspicious use of AdjustPrivilegeToken
                                  PID:2256

                                Network

                                MITRE ATT&CK Matrix

                                Replay Monitor

                                Loading Replay Monitor...

                                Downloads

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\33469a43-25df-4dc9-80d8-1917a1babf92.tmp
                                  Filesize

                                  12KB

                                  MD5

                                  8c358f84bed9b39e38070406c6d7834d

                                  SHA1

                                  d7ea35b7bdae9e26929c0c45424bb88e66dd68a4

                                  SHA256

                                  ed8a7358e6cf3e65df03d631fe796d48946907a9b6aa2335129d250a3081077e

                                  SHA512

                                  84b331d9166546fcb6f2392e68998304cc1c3a11825a143f850a65b26a94bcb90f441eb5178917ccd7aa9badd26ff71c88c4161b7a9c60a6d5c19db5bc010b61

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                  Filesize

                                  152B

                                  MD5

                                  3423d7e71b832850019e032730997f69

                                  SHA1

                                  bbc91ba3960fb8f7f2d5a190e6585010675d9061

                                  SHA256

                                  53770e40359b9738d8898520d7e4a57c28498edddbadf76ec4a599837aa0c649

                                  SHA512

                                  03d5fee4152300d6c5e9f72c059955c944c7e6d207e433e9fdd693639e63ea699a01696d7bbf56d2033fd52ad260c9ae36a2c5c888112d81bf7e04a3f273e65d

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                  Filesize

                                  186B

                                  MD5

                                  094ab275342c45551894b7940ae9ad0d

                                  SHA1

                                  2e7ce26fe2eb9be641ae929d0c9cc0dfa26c018e

                                  SHA256

                                  ef1739b833a1048ee1bd55dcbac5b1397396faca1ad771f4d6c2fe58899495a3

                                  SHA512

                                  19d0c688dc1121569247111e45de732b2ab86c71aecdde34b157cfd1b25c53473ed3ade49a97f8cb2ddc4711be78fa26c9330887094e031e9a71bb5c29080b0d

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                  Filesize

                                  111B

                                  MD5

                                  285252a2f6327d41eab203dc2f402c67

                                  SHA1

                                  acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                  SHA256

                                  5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                  SHA512

                                  11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  5KB

                                  MD5

                                  fe7730f93ccafeb116da405ecc11cc5d

                                  SHA1

                                  09169c86cfcfb0457a81fd507c1d4e143267bac5

                                  SHA256

                                  986b0f73dfc2fcb7f96a3fdc4ca463d1f354268b21d5aa6e78de2f39e9f08a67

                                  SHA512

                                  2523207d912673e5c32ad70a32b631a7821ad724fc3679b5a06bc94ebcaa190fc9b546fc9a5a4d8fdca8153c3af6e292258f622f2d21e97320b8995d7eddf9b5

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  5KB

                                  MD5

                                  4da6a895256bfdac91cdaa7589a9fb16

                                  SHA1

                                  acbd14ad0247145d000b52d3e0b8baf9e949f7c6

                                  SHA256

                                  f5671b2d0f9cfa640db081b346a400720384b4304b04d97599a1a187960693cf

                                  SHA512

                                  b97031f9006f296af88cde0240f35aa3da356e32970ab31bdbb15ca0c70158b6523553c0fc0a04fcbb2813da9532287576b3c8dff28866b09783e8ed3b8045b1

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                  Filesize

                                  5KB

                                  MD5

                                  2ae92ad9c2ed2889e888773c712286e7

                                  SHA1

                                  9a7a12ae592b3666af5725b1ba1c6b0d38adc3a3

                                  SHA256

                                  1e78c1eea6302f134c1cbd436d3bdbe2822240381276c043f7c9d0c09718d5be

                                  SHA512

                                  42900ae44e3cadf11642d7d05979af1e76b1ff4a21097858f5dc9c9cdcdab51842fd0a45cc274a93648cabe41d1451b0d9db9fa54f096dabe3f9569c6dc98085

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                  Filesize

                                  24KB

                                  MD5

                                  0e78f9a3ece93ae9434c64ea2bff51dc

                                  SHA1

                                  a0e4c75fe32417fe2df705987df5817326e1b3b9

                                  SHA256

                                  5c8ce4455f2a3e5f36f30e7100f85bdd5e44336a8312278769f89f68b8d60e68

                                  SHA512

                                  9d1686f0b38e3326ad036c8b218b61428204910f586dccf8b62ecbed09190f7664a719a89a6fbc0ecb429aecf5dd0ec06de44be3a1510369e427bde0626fd51d

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                  Filesize

                                  16B

                                  MD5

                                  6752a1d65b201c13b62ea44016eb221f

                                  SHA1

                                  58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                  SHA256

                                  0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                  SHA512

                                  9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                  Download Submit

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                  Filesize

                                  12KB

                                  MD5

                                  d2594aba80bfad88e630188cf163e882

                                  SHA1

                                  408c91066b4ee76253f96e13bd0658f96b535880

                                  SHA256

                                  3f996336a5001afbc7de28f109f0d29217d8b3c3f1e4da724006207771425eec

                                  SHA512

                                  385cc0c93e6a5f965e75f89c07cdbe7293678edf04d8044bb8abb4ce2cc5277a8abfa38f8c404380032b2b3e3f702c5de0d1eeae2c712af669fd07b33b60816b

                                  Download Submit

                                • C:\Users\Admin\Downloads\Muscle_Memory.mp4
                                  Filesize

                                  16.9MB

                                  MD5

                                  cfca5b8e18a78b44d9325f5d8380e6f4

                                  SHA1

                                  caca2692b89ed19e49ad87e52c1a393c6f4f5933

                                  SHA256

                                  9bc3e60d0cc71717c973f7ac9cb2df9444742547a63d60ea3425a1629221b4b1

                                  SHA512

                                  c130226aa917f4a0ebd25e2b4f34e132c2d766867f11b554ed41e65e0483b8c025eb9a70d57f9510a16a350f3d23df8b25528b148fa4b9004312815ad4fe6a77

                                  Download Submit

                                • C:\Users\Admin\Downloads\Muscle_Memory.mp4
                                  Filesize

                                  16.9MB

                                  MD5

                                  cfca5b8e18a78b44d9325f5d8380e6f4

                                  SHA1

                                  caca2692b89ed19e49ad87e52c1a393c6f4f5933

                                  SHA256

                                  9bc3e60d0cc71717c973f7ac9cb2df9444742547a63d60ea3425a1629221b4b1

                                  SHA512

                                  c130226aa917f4a0ebd25e2b4f34e132c2d766867f11b554ed41e65e0483b8c025eb9a70d57f9510a16a350f3d23df8b25528b148fa4b9004312815ad4fe6a77

                                  Download Submit

                                • memory/4692-162-0x00007FFBCDA30000-0x00007FFBCDA7C000-memory.dmp

                                  Filesize

                                  304KB

                                  Download

                                • memory/4692-149-0x00007FFBCDFD0000-0x00007FFBCDFEB000-memory.dmp

                                  Filesize

                                  108KB

                                  Download

                                • memory/4692-140-0x00007FFBCF390000-0x00007FFBCF3A1000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-139-0x00007FFBCF3B0000-0x00007FFBCF3CD000-memory.dmp

                                  Filesize

                                  116KB

                                  Download

                                • memory/4692-138-0x00007FFBCF3D0000-0x00007FFBCF3E1000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-137-0x00007FFBCF3F0000-0x00007FFBCF407000-memory.dmp

                                  Filesize

                                  92KB

                                  Download

                                • memory/4692-136-0x00007FFBCF410000-0x00007FFBCF421000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-135-0x00007FFBD02A0000-0x00007FFBD02B7000-memory.dmp

                                  Filesize

                                  92KB

                                  Download

                                • memory/4692-134-0x00007FFBD2750000-0x00007FFBD2768000-memory.dmp

                                  Filesize

                                  96KB

                                  Download

                                • memory/4692-141-0x00007FFBCE2E0000-0x00007FFBCF38B000-memory.dmp

                                  Filesize

                                  16.7MB

                                  Download

                                • memory/4692-142-0x00007FFBCE0E0000-0x00007FFBCE2E0000-memory.dmp

                                  Filesize

                                  2.0MB

                                  Download

                                • memory/4692-143-0x00007FFBCE0A0000-0x00007FFBCE0DF000-memory.dmp

                                  Filesize

                                  252KB

                                  Download

                                • memory/4692-144-0x00007FFBCE070000-0x00007FFBCE091000-memory.dmp

                                  Filesize

                                  132KB

                                  Download

                                • memory/4692-146-0x00007FFBCE030000-0x00007FFBCE041000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-147-0x00007FFBCE010000-0x00007FFBCE021000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-150-0x00007FFBCDFB0000-0x00007FFBCDFC1000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-151-0x00007FFBCDF90000-0x00007FFBCDFA8000-memory.dmp

                                  Filesize

                                  96KB

                                  Download

                                • memory/4692-153-0x00007FFBCDEF0000-0x00007FFBCDF57000-memory.dmp

                                  Filesize

                                  412KB

                                  Download

                                • memory/4692-155-0x00007FFBCDE60000-0x00007FFBCDE71000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-156-0x00007FFBCDE00000-0x00007FFBCDE56000-memory.dmp

                                  Filesize

                                  344KB

                                  Download

                                • memory/4692-152-0x00007FFBCDF60000-0x00007FFBCDF90000-memory.dmp

                                  Filesize

                                  192KB

                                  Download

                                • memory/4692-158-0x00007FFBCDC60000-0x00007FFBCDC77000-memory.dmp

                                  Filesize

                                  92KB

                                  Download

                                • memory/4692-160-0x00007FFBCDAD0000-0x00007FFBCDAE2000-memory.dmp

                                  Filesize

                                  72KB

                                  Download

                                • memory/4692-159-0x00007FFBCDAF0000-0x00007FFBCDC60000-memory.dmp

                                  Filesize

                                  1.4MB

                                  Download

                                • memory/4692-161-0x00007FFBCDA80000-0x00007FFBCDAC2000-memory.dmp

                                  Filesize

                                  264KB

                                  Download

                                • memory/4692-132-0x00007FFBCF6F0000-0x00007FFBCF724000-memory.dmp

                                  Filesize

                                  208KB

                                  Download

                                • memory/4692-164-0x00007FFBCD860000-0x00007FFBCD8B7000-memory.dmp

                                  Filesize

                                  348KB

                                  Download

                                • memory/4692-165-0x00007FFBCD610000-0x00007FFBCD85B000-memory.dmp

                                  Filesize

                                  2.3MB

                                  Download

                                • memory/4692-163-0x00007FFBCD8C0000-0x00007FFBCDA2B000-memory.dmp

                                  Filesize

                                  1.4MB

                                  Download

                                • memory/4692-157-0x00007FFBCDC80000-0x00007FFBCDDF8000-memory.dmp

                                  Filesize

                                  1.5MB

                                  Download

                                • memory/4692-154-0x00007FFBCDE80000-0x00007FFBCDEEF000-memory.dmp

                                  Filesize

                                  444KB

                                  Download

                                • memory/4692-133-0x00007FFBCF430000-0x00007FFBCF6E4000-memory.dmp

                                  Filesize

                                  2.7MB

                                  Download

                                • memory/4692-148-0x00007FFBCDFF0000-0x00007FFBCE001000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-145-0x00007FFBCE050000-0x00007FFBCE068000-memory.dmp

                                  Filesize

                                  96KB

                                  Download

                                • memory/4692-166-0x00007FFBB6F80000-0x00007FFBB8730000-memory.dmp

                                  Filesize

                                  23.7MB

                                  Download

                                • memory/4692-167-0x00007FFBE0EA0000-0x00007FFBE0EB0000-memory.dmp

                                  Filesize

                                  64KB

                                  Download

                                • memory/4692-168-0x00007FFBCD5E0000-0x00007FFBCD60F000-memory.dmp

                                  Filesize

                                  188KB

                                  Download

                                • memory/4692-169-0x00007FFBCD5C0000-0x00007FFBCD5D1000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-170-0x00007FFBCD5A0000-0x00007FFBCD5B6000-memory.dmp

                                  Filesize

                                  88KB

                                  Download

                                • memory/4692-172-0x00007FFBCD450000-0x00007FFBCD4C5000-memory.dmp

                                  Filesize

                                  468KB

                                  Download

                                • memory/4692-173-0x00007FFBCD3E0000-0x00007FFBCD442000-memory.dmp

                                  Filesize

                                  392KB

                                  Download

                                • memory/4692-176-0x00007FFBCD330000-0x00007FFBCD344000-memory.dmp

                                  Filesize

                                  80KB

                                  Download

                                • memory/4692-175-0x00007FFBCD350000-0x00007FFBCD363000-memory.dmp

                                  Filesize

                                  76KB

                                  Download

                                • memory/4692-178-0x00007FFBCD2C0000-0x00007FFBCD2D5000-memory.dmp

                                  Filesize

                                  84KB

                                  Download

                                • memory/4692-179-0x00007FFBCD0A0000-0x00007FFBCD2BD000-memory.dmp

                                  Filesize

                                  2.1MB

                                  Download

                                • memory/4692-177-0x00007FFBCD2E0000-0x00007FFBCD330000-memory.dmp

                                  Filesize

                                  320KB

                                  Download

                                • memory/4692-182-0x00007FFBCCB30000-0x00007FFBCCB43000-memory.dmp

                                  Filesize

                                  76KB

                                  Download

                                • memory/4692-181-0x00007FFBCCB50000-0x00007FFBCCB73000-memory.dmp

                                  Filesize

                                  140KB

                                  Download

                                • memory/4692-183-0x00007FFBCCA30000-0x00007FFBCCB24000-memory.dmp

                                  Filesize

                                  976KB

                                  Download

                                • memory/4692-185-0x00007FFBCC280000-0x00007FFBCC293000-memory.dmp

                                  Filesize

                                  76KB

                                  Download

                                • memory/4692-186-0x00007FFBCC260000-0x00007FFBCC27B000-memory.dmp

                                  Filesize

                                  108KB

                                  Download

                                • memory/4692-187-0x00007FFBCC240000-0x00007FFBCC252000-memory.dmp

                                  Filesize

                                  72KB

                                  Download

                                • memory/4692-189-0x00007FFBCC1A0000-0x00007FFBCC1B3000-memory.dmp

                                  Filesize

                                  76KB

                                  Download

                                • memory/4692-192-0x00007FFBCC080000-0x00007FFBCC095000-memory.dmp

                                  Filesize

                                  84KB

                                  Download

                                • memory/4692-194-0x00007FFBCC040000-0x00007FFBCC051000-memory.dmp

                                  Filesize

                                  68KB

                                  Download

                                • memory/4692-193-0x00007FFBCC060000-0x00007FFBCC075000-memory.dmp

                                  Filesize

                                  84KB

                                  Download

                                • memory/4692-191-0x00007FFBCC0F0000-0x00007FFBCC102000-memory.dmp

                                  Filesize

                                  72KB

                                  Download

                                • memory/4692-190-0x00007FFBCC180000-0x00007FFBCC194000-memory.dmp

                                  Filesize

                                  80KB

                                  Download

                                • memory/4692-188-0x00007FFBCC1C0000-0x00007FFBCC1D5000-memory.dmp

                                  Filesize

                                  84KB

                                  Download

                                • memory/4692-184-0x00007FFBCCA00000-0x00007FFBCCA2A000-memory.dmp

                                  Filesize

                                  168KB

                                  Download

                                • memory/4692-180-0x00007FFBCCB80000-0x00007FFBCCB95000-memory.dmp

                                  Filesize

                                  84KB

                                  Download

                                • memory/4692-174-0x00007FFBCD370000-0x00007FFBCD3DD000-memory.dmp

                                  Filesize

                                  436KB

                                  Download

                                • memory/4692-171-0x00007FFBCD4D0000-0x00007FFBCD595000-memory.dmp

                                  Filesize

                                  788KB

                                  Download

                                • memory/4692-131-0x00007FF6D4510000-0x00007FF6D4608000-memory.dmp

                                  Filesize

                                  992KB

                                  Download