a7c997ba3c3e91c048f80f96f08754948428f6d3fe4001bab79c4ae09d06c5e0

Analysis

max time kernel
162s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 12:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LegacyLauncher_Installer_legacy.exe
Size

112.3MB
MD5

53eea8664d54198e1989301b12f795da
SHA1

00bddca8bba387a76d6f18fc942859acf9ff5a60
SHA256

a7c997ba3c3e91c048f80f96f08754948428f6d3fe4001bab79c4ae09d06c5e0
SHA512

e05bd2e369b19b818f715a14ceb2c35b2f8409e5524d347d3093ef82667675bf719af17ab77412156aa62748aa17572d622b163bb6d187d917282f49e56ff831
SSDEEP

3145728:kNS0yY1k/bQS8yJQZI3XeKBPKi2O3hE4AGzUVeQgnFV:koqcQ+3XHD2OxEfPQQgnFV

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
3804	LegacyLauncher_Installer_legacy.tmp
2320	TL.exe
2076	javaw.exe

Loads dropped DLL 8 IoCs

pid	Process
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe
2076	javaw.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	javaw.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	javaw.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3804	LegacyLauncher_Installer_legacy.tmp
3804	LegacyLauncher_Installer_legacy.tmp

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3804	LegacyLauncher_Installer_legacy.tmp

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 3532 wrote to memory of 3804	3532	LegacyLauncher_Installer_legacy.exe	92
PID 3532 wrote to memory of 3804	3532	LegacyLauncher_Installer_legacy.exe	92
PID 3532 wrote to memory of 3804	3532	LegacyLauncher_Installer_legacy.exe	92
PID 3804 wrote to memory of 2320	3804	LegacyLauncher_Installer_legacy.tmp	105
PID 3804 wrote to memory of 2320	3804	LegacyLauncher_Installer_legacy.tmp	105
PID 3804 wrote to memory of 2320	3804	LegacyLauncher_Installer_legacy.tmp	105
PID 2320 wrote to memory of 2076	2320	TL.exe	106
PID 2320 wrote to memory of 2076	2320	TL.exe	106

C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe
"C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3532
- C:\Users\Admin\AppData\Local\Temp\is-2GV6P.tmp\LegacyLauncher_Installer_legacy.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-2GV6P.tmp\LegacyLauncher_Installer_legacy.tmp" /SL5="$402FE,115841256,1202688,C:\Users\Admin\AppData\Local\Temp\LegacyLauncher_Installer_legacy.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:3804
- - C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe
    "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of WriteProcessMemory
    PID:2320
  - - C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe
      "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe" -Xmx128m -Dtlauncher.bootstrap.restartExec=TL.exe -jar "C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Checks processor information in registry
      PID:2076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-2GV6P.tmp\LegacyLauncher_Installer_legacy.tmp

Filesize
3.4MB

MD5
07b96c2d1823a0a548832c1062799d85

SHA1
65a35826b0e6d93700256fd8a4710cc039bd7b8d

SHA256
c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

SHA512
abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-2GV6P.tmp\LegacyLauncher_Installer_legacy.tmp

Filesize
3.4MB

MD5
07b96c2d1823a0a548832c1062799d85

SHA1
65a35826b0e6d93700256fd8a4710cc039bd7b8d

SHA256
c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

SHA512
abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\TL.exe

Filesize
399KB

MD5
96c64d11cf26ebd227ad754b62d480ae

SHA1
cb40090b892c34feb8ceb995a0d0b90ecfe54acf

SHA256
2b11f487e853e952dc677071202cbe25d6800ccaf3f93a3232c5eed715a1c033

SHA512
0be0c2b657ba8814112a9ea075e1ec6c6a0fb965c7308ba24e40b98ec90e9e60afbe09328c0f6c3aa27b54762bf880dfec4aee5f20d24c3b644288e0be311d5f

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\VCRUNTIME140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.dll

Filesize
140KB

MD5
0fe24d48daeb2dbd44c5971545ff4387

SHA1
e43792d276ba212ad84cfbef6d6b5405fc4b76c0

SHA256
86b0f15814202f36fbcb4d220bb37445aec6c03d5473744ab4f567670c142adb

SHA512
e9fd5c87832063a040acc77043d88fae198b7d1d664142144b24954305b2191051bcdca1bd0ad067dc80ef3c9b4cb45f2fc9be1a2c4087407ce883c8c9fd96ca

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\java.dll

Filesize
140KB

MD5
0fe24d48daeb2dbd44c5971545ff4387

SHA1
e43792d276ba212ad84cfbef6d6b5405fc4b76c0

SHA256
86b0f15814202f36fbcb4d220bb37445aec6c03d5473744ab4f567670c142adb

SHA512
e9fd5c87832063a040acc77043d88fae198b7d1d664142144b24954305b2191051bcdca1bd0ad067dc80ef3c9b4cb45f2fc9be1a2c4087407ce883c8c9fd96ca

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\javaw.exe

Filesize
46KB

MD5
d5b6b6976511114000dfaea05c8a9c8a

SHA1
122df7bfbc5b058242e0c18fee9d9bc6489d512c

SHA256
3850d4f443b2a97014a1dcb94db893f0b3396201a8573aa4c4b967ff61528ac6

SHA512
cebaee71e2813670534c18a8363a127c6f8ca759b86262d3e69f6d2ee180ed0fc34bfcde63bf1fd3e91088f09c5950cac22be4cb5d875f2901a7b323ebe2f739

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jimage.dll

Filesize
30KB

MD5
36eaca4b8c0e14921e79a47f91f3a3b3

SHA1
ffdf367e09a2d365de26527b53bf04758b7bfd76

SHA256
8e8903cc2231f28e682df62ec7623fabfa6a2112bcd14cee6f79e6924239b75f

SHA512
32d20959585aea57554f74baa36ea0dd54d47aa9f055cea39182267d70034d99a2d7aa3e8935dcdb2ea32c6b03c0485132404cd9717593e16f7a0ae5b7bda748

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jimage.dll

Filesize
30KB

MD5
36eaca4b8c0e14921e79a47f91f3a3b3

SHA1
ffdf367e09a2d365de26527b53bf04758b7bfd76

SHA256
8e8903cc2231f28e682df62ec7623fabfa6a2112bcd14cee6f79e6924239b75f

SHA512
32d20959585aea57554f74baa36ea0dd54d47aa9f055cea39182267d70034d99a2d7aa3e8935dcdb2ea32c6b03c0485132404cd9717593e16f7a0ae5b7bda748

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jli.dll

Filesize
83KB

MD5
e9c6f790d97a491dc6dba58605d0a48f

SHA1
8d39cf612880ab33b4c247997649e12035783c2f

SHA256
d6eae7c72044fdd83eea7ae2c36dfa163b6093df19e360f980980334b14ff934

SHA512
a47c38871f08d47ac4b0e59f8a01dc9865dc730afceb66337f046a28a0e90c34700cffe00dc85be2294713fb507d3d89ab0142797beb490b6394575cde1b2091

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jli.dll

Filesize
83KB

MD5
e9c6f790d97a491dc6dba58605d0a48f

SHA1
8d39cf612880ab33b4c247997649e12035783c2f

SHA256
d6eae7c72044fdd83eea7ae2c36dfa163b6093df19e360f980980334b14ff934

SHA512
a47c38871f08d47ac4b0e59f8a01dc9865dc730afceb66337f046a28a0e90c34700cffe00dc85be2294713fb507d3d89ab0142797beb490b6394575cde1b2091

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jsvml.dll

Filesize
847KB

MD5
4eda79660a4a3b38c23dfd5e123c2e76

SHA1
14815b9257142b19530e9a170f6b86e9d7830a01

SHA256
4d08e64796f7b0ecc270952a8bd356c285d0e3645809de5e68e3857a6506ee41

SHA512
04803dfdaea74b891f21bb302e7a126e536eb9f036a6e0ac21a6e3f247bac6e2351e3392f81022e2c19735bb5fb65d2fc0c83800790284fea70ea00687007321

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\jsvml.dll

Filesize
847KB

MD5
4eda79660a4a3b38c23dfd5e123c2e76

SHA1
14815b9257142b19530e9a170f6b86e9d7830a01

SHA256
4d08e64796f7b0ecc270952a8bd356c285d0e3645809de5e68e3857a6506ee41

SHA512
04803dfdaea74b891f21bb302e7a126e536eb9f036a6e0ac21a6e3f247bac6e2351e3392f81022e2c19735bb5fb65d2fc0c83800790284fea70ea00687007321

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\msvcp140.dll

Filesize
552KB

MD5
cb75d6437418afe1a7b52acf75730ff1

SHA1
54c2da9552671b161cc87eb50fbdb86319b00f56

SHA256
7c4ce9d6bfcd6d9db4eef4e75ecdcf5a8e5320106e80f1eca617439fa43f33e8

SHA512
f58abb740a30467e2d8aedd7eed357da020fdc7d966e245890d102a52e96fea296e122c1d2bc112423fc64b6f5e70b7df3f3eb7de1bf5c2f5f0eb3644f1e06d6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\msvcp140.dll

Filesize
552KB

MD5
cb75d6437418afe1a7b52acf75730ff1

SHA1
54c2da9552671b161cc87eb50fbdb86319b00f56

SHA256
7c4ce9d6bfcd6d9db4eef4e75ecdcf5a8e5320106e80f1eca617439fa43f33e8

SHA512
f58abb740a30467e2d8aedd7eed357da020fdc7d966e245890d102a52e96fea296e122c1d2bc112423fc64b6f5e70b7df3f3eb7de1bf5c2f5f0eb3644f1e06d6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\server\classes.jsa

Filesize
6.1MB

MD5
13955903b64b9d55e9aedfa70c4dc1f9

SHA1
0561458803f0eb3afb9e983a5bb60a8cbda49d4f

SHA256
3fcf8b4cb838cd671958205b4e11d75e1d909ec05fbde667c052915b9f15c1cd

SHA512
cd22cf81ead4ef9685efab3b07f39d95d02ccc1a89b86055c18f36538e4890ed3014c4ba3b060de2aeb004ac9bb0875512e5f2294526432b47edd1c16d4de752

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\server\jvm.dll

Filesize
4.9MB

MD5
3dd51f3dd34c1ef5cc54f6a6c83d71e9

SHA1
76282d68683c8c1a31c909d9d608cf3b83207db3

SHA256
6df9a08a3db582455e208c306e884cae28816a8e05e393835af3478125446711

SHA512
43b5c8dadd9f276103c7557dd3d2c676d00aab6c30b9473f6f85e7fe8e95e277408faae8b4b7c38a3b7c430d79729bc1efdd749b12f3fd85955d2f39e69b3ace

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\server\jvm.dll

Filesize
5.8MB

MD5
4917134ed95b141af0b8c4313d9ad421

SHA1
d3fa1fa7f3b91e99281bdadf553d047010602b2e

SHA256
3b2acf3e92cf6df53943fb4e0cab019d370c6743df9087c71c6871bd1f82b7d1

SHA512
ec36e1f5483fd7b660955780ecfa3755953c694eafca39056cdfdb1a1dce0df0476a471837a00bc2868d5c81aae988e45ac579f4847e88ea8f6e877e4ec706f2

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
37c372da4b1adb96dc995ecb7e68e465

SHA1
6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

SHA256
1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

SHA512
926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\bin\vcruntime140_1.dll

Filesize
36KB

MD5
37c372da4b1adb96dc995ecb7e68e465

SHA1
6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

SHA256
1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

SHA512
926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-0NVSU.tmp

Filesize
49B

MD5
19c9d1d2aad61ce9cb8fb7f20ef1ca98

SHA1
2db86ab706d9b73feeb51a904be03b63bee92baf

SHA256
ebf9777bd307ed789ceabf282a9aca168c391c7f48e15a60939352efb3ea33f9

SHA512
7ec63b59d8f87a42689f544c2e8e7700da5d8720b37b41216cbd1372c47b1bc3b892020f0dd3a44a05f2a7c07471ff484e4165427f1a9cad0d2393840cd94e5b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-EEH0D.tmp

Filesize
44B

MD5
7caf4cdbb99569deb047c20f1aad47c4

SHA1
24e7497426d27fe3c17774242883ccbed8f54b4d

SHA256
b998cda101e5a1ebcfb5ff9cddd76ed43a2f2169676592d428b7c0d780665f2a

SHA512
a1435e6f1e4e9285476a0e7bc3b4f645bbafb01b41798a2450390e16b18b242531f346373e01d568f6cc052932a3256e491a65e8b94b118069853f2b0c8cd619

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\legal\java.compiler\is-S18P0.tmp

Filesize
33B

MD5
16989bab922811e28b64ac30449a5d05

SHA1
51ab20e8c19ee570bf6c496ec7346b7cf17bd04a

SHA256
86e0516b888276a492b19f9a84f5a866ed36925fae1510b3a94a0b6213e69192

SHA512
86571f127a6755a7339a9ed06e458c8dc5898e528de89e369a13c183711831af0646474986bae6573bc5155058d5f38348d6bfdeb3fd9318e98e0bf7916e6608

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\lib\jvm.cfg

Filesize
29B

MD5
7ce21bdcfa333c231d74a77394206302

SHA1
c5a940d2dee8e7bfc01a87d585ddca420d37e226

SHA256
aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0

SHA512
8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\jre\lib\modules

Filesize
7.0MB

MD5
dda8ce94081f5e98d33dbf125d9d6618

SHA1
714adfea06b66712357b9385f5498fac12363748

SHA256
ee78bfa3f5324d0d54d78d92d03eaaa3fbeb0e528945686f8e333338782b654a

SHA512
82664835bd43b57c9d630b6a61df52951e9f03ec2cc93a072c63851c83f77178843065b62c335e70a65a6ad81257af117c5b389040e8d73efb341f22512137a0

Download Submit
C:\Users\Admin\AppData\Roaming\.tlauncher\legacy\Minecraft\launcher\bootstrap.jar

Filesize
7.0MB

MD5
8a7911b9018f0cb33828c069b9901197

SHA1
60bb271287029e72f5f3c3433127cf0410e9f97b

SHA256
9e7dc8c94fd479ea7cbca4ac87c7cc7df14473d7a6ff5601c86688db37f6703b

SHA512
5b68b4cd45c233d9a6e64dbf358d51b641532b10cf7b1d540db4e41dcd1a6a78d49b7d937ea4bdbf2be8e59b95fdbbf788ace2ef38b997bc17da2ff63ae84ad1

Download Submit
memory/2320-888-0x0000000000400000-0x0000000000472000-memory.dmp

Filesize
456KB

Download
memory/3532-2-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3532-8-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3532-11-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3532-0-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3532-16-0x0000000000400000-0x0000000000533000-memory.dmp

Filesize
1.2MB

Download
memory/3804-17-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-865-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-15-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-12-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-19-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-21-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-25-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-10-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-9-0x00000000009A0000-0x00000000009A1000-memory.dmp

Filesize
4KB

Download
memory/3804-441-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download
memory/3804-856-0x0000000000400000-0x0000000000776000-memory.dmp

Filesize
3.5MB

Download