bc747e3bf7b6e02c09f3d18bdd0e64eef62b940b2f16c9c72e647eec85cf0138

Analysis

max time kernel
393s
max time network
397s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
19-10-2023 16:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AnyDesk (1).exe
Size

5.2MB
MD5

37e172be64b12f3207300d11b74656b8
SHA1

1895d7c4f785f92e48b5191fd812822593cbc73f
SHA256

bc747e3bf7b6e02c09f3d18bdd0e64eef62b940b2f16c9c72e647eec85cf0138
SHA512

98cf7a591beb4af2066ddd9d17caee69b3cbb42343cb4dc0d517fb99983159ae8e960c315030487b3ea22b2512359f108a6cfe15ec3b725c040ac06b877c88ff
SSDEEP

98304:pgBOLscYr9NrQO6lSdAd7qvlyBhbUhrZsTY3ycd8izlxGhzAqK3:KOoc+dQO6+Ad7qdriTYlfzlIhMt

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AnyDesk (1).exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	AnyDesk (1).exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3092	AnyDesk (1).exe
3092	AnyDesk (1).exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
4928	AnyDesk (1).exe
4928	AnyDesk (1).exe
4928	AnyDesk (1).exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4928	AnyDesk (1).exe
4928	AnyDesk (1).exe
4928	AnyDesk (1).exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4944 wrote to memory of 3092	4944	AnyDesk (1).exe	85
PID 4944 wrote to memory of 3092	4944	AnyDesk (1).exe	85
PID 4944 wrote to memory of 3092	4944	AnyDesk (1).exe	85
PID 4944 wrote to memory of 4928	4944	AnyDesk (1).exe	86
PID 4944 wrote to memory of 4928	4944	AnyDesk (1).exe	86
PID 4944 wrote to memory of 4928	4944	AnyDesk (1).exe	86

C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe
"C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe"
1⤵
- Checks processor information in registry
- Suspicious use of WriteProcessMemory
PID:4944
- C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe" --local-service
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3092
- C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe
  "C:\Users\Admin\AppData\Local\Temp\AnyDesk (1).exe" --local-control
  2⤵
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:4928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\gcapi.dll

Filesize
385KB

MD5
1ce7d5a1566c8c449d0f6772a8c27900

SHA1
60854185f6338e1bfc7497fd41aa44c5c00d8f85

SHA256
73170761d6776c0debacfbbc61b6988cb8270a20174bf5c049768a264bb8ffaf

SHA512
7e3411be8614170ae91db1626c452997dc6db663d79130872a124af982ee1d457cefba00abd7f5269adce3052403be31238aecc3934c7379d224cb792d519753

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace

Filesize
7KB

MD5
f65ee16eb61ed89c2e59eb24e7ca5d6f

SHA1
9e7d2bb35a6e51e97530723c26de6f6c9b292524

SHA256
4d0ea9fad2846d159841f3c135bc87b6370f78d6e7064a2a8eb71ad201f8fc96

SHA512
a54877835122a0a992d7ce76af4b33a7b35dcd706555c1fca51b11c130e4a9e02efe676f12e94bd86c06c8299ba4572e5653d16e1123a00e213292b446102f5e

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\ad.trace

Filesize
7KB

MD5
f65ee16eb61ed89c2e59eb24e7ca5d6f

SHA1
9e7d2bb35a6e51e97530723c26de6f6c9b292524

SHA256
4d0ea9fad2846d159841f3c135bc87b6370f78d6e7064a2a8eb71ad201f8fc96

SHA512
a54877835122a0a992d7ce76af4b33a7b35dcd706555c1fca51b11c130e4a9e02efe676f12e94bd86c06c8299ba4572e5653d16e1123a00e213292b446102f5e

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf

Filesize
2KB

MD5
d1360e5ef53bcc104e895a102db73ebc

SHA1
81418464e187ae3004a902f6738063059202702a

SHA256
59ac5589a11ff07f171335684d1836fa97988c38af1d9a07872051f41cf60181

SHA512
00fdc772507f67325634cda9c293b3813cfd8f436ef1d16f65537508e8b297ba501192c04a793f31bba7fd94c93766cd2095cda2036233ca41b4f3afd616fca5

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf

Filesize
2KB

MD5
181945a6ed32b28ffbf9b4aad56f493b

SHA1
e8b92bcb50f5325cc7361e3d62786c2f2e0a20ff

SHA256
903522d3bf6a1483795e2118a0f8432a9672d46fcc7d85ce191b68a96e81634c

SHA512
f12352d8e3b5deffa88a88200a63cee2db7753d31d0107749de7579be4502b011b3b53b498d5d2abf33b2b034d6b65a57b7aa633e891f17066305e41a960746d

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\service.conf

Filesize
2KB

MD5
181945a6ed32b28ffbf9b4aad56f493b

SHA1
e8b92bcb50f5325cc7361e3d62786c2f2e0a20ff

SHA256
903522d3bf6a1483795e2118a0f8432a9672d46fcc7d85ce191b68a96e81634c

SHA512
f12352d8e3b5deffa88a88200a63cee2db7753d31d0107749de7579be4502b011b3b53b498d5d2abf33b2b034d6b65a57b7aa633e891f17066305e41a960746d

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
611B

MD5
256d6e0f424420253bd5bf9f2efb6404

SHA1
787130a62a196acb389303d68fbd924cb9ae5886

SHA256
34fcaf54ced88f0dbd0ee26bd18fade1f7caaa100e9beb5e39b1894b01c6912f

SHA512
c580244afe8128d6004ee533364ca121c6b2cf7eb0109809eef614883b717756bd35a463a0904c0bf10e5ef4938c106bd41482cc73b8ce00f3f327e3340f0331

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
611B

MD5
256d6e0f424420253bd5bf9f2efb6404

SHA1
787130a62a196acb389303d68fbd924cb9ae5886

SHA256
34fcaf54ced88f0dbd0ee26bd18fade1f7caaa100e9beb5e39b1894b01c6912f

SHA512
c580244afe8128d6004ee533364ca121c6b2cf7eb0109809eef614883b717756bd35a463a0904c0bf10e5ef4938c106bd41482cc73b8ce00f3f327e3340f0331

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
732B

MD5
0e2d34c40d11d563fbdd19b86c77f093

SHA1
c7dbbe5ac6f0ff3e2d8589b4165600152c6debff

SHA256
a56455db885596897845fd7c68f3769a830cc08cb1785065330c754e0fcfef07

SHA512
a904c12890236a0d8db5d628598798988ccbf427e342f483c094e9f74e5ad493fb71bc460cf1577cdc1e6031eccb669f5aef9fa65db62a2e33cb932f8d97f255

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
801B

MD5
47bc9dc035d0c5140075d7c50e9a0686

SHA1
d0e2941ce5453b645b8338b48161141335355f9b

SHA256
5b5f516c330f2b5427e96b1f26030eaac13d1462e58bd9cf6a224e304803307c

SHA512
b84418d8fd289e950fd41a8cef2b870fdc94f4b8cbe277f2f96f601d510df8aa89d7487e1d7193fe8677b9e33f923c319a2f7623ea5c69cc7c29b7de81d47bd4

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
312B

MD5
0c04ad1083dc5c7c45e3ee2cd344ae38

SHA1
f1cf190f8ca93000e56d49732e9e827e2554c46f

SHA256
6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0

SHA512
6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
424B

MD5
81bd0b2da625ac1052579761109e9f30

SHA1
38b35946c214629836259e2f0ac84c07d4c9d327

SHA256
b9ba2e90aa927595cb25bc523cf50a7b7ec932013345b36bfcfc349c8b99ae50

SHA512
5dafa1917534f83c4d5936771a42ed964362a601d30c2736cd978fd408c85c8d8db9a48dff4c48632af5f236c97c8060c2e98cd6ba79fc1e7add01b9aaaffa31

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
424B

MD5
81bd0b2da625ac1052579761109e9f30

SHA1
38b35946c214629836259e2f0ac84c07d4c9d327

SHA256
b9ba2e90aa927595cb25bc523cf50a7b7ec932013345b36bfcfc349c8b99ae50

SHA512
5dafa1917534f83c4d5936771a42ed964362a601d30c2736cd978fd408c85c8d8db9a48dff4c48632af5f236c97c8060c2e98cd6ba79fc1e7add01b9aaaffa31

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

Filesize
424B

MD5
81bd0b2da625ac1052579761109e9f30

SHA1
38b35946c214629836259e2f0ac84c07d4c9d327

SHA256
b9ba2e90aa927595cb25bc523cf50a7b7ec932013345b36bfcfc349c8b99ae50

SHA512
5dafa1917534f83c4d5936771a42ed964362a601d30c2736cd978fd408c85c8d8db9a48dff4c48632af5f236c97c8060c2e98cd6ba79fc1e7add01b9aaaffa31

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
106b5e18b9e4695a7b4c85218851b8b1

SHA1
cc660076dde02882c83bafb8788b83c754a529ad

SHA256
bd6adb791b34ac6707d6bc2753d0e02f6246c9696e7e239bb824b6eb5d0f28f7

SHA512
e00667a8a506f0d07dd22b7911a56e5d7e1a7f6be694a0b140568c11f38741ed6644f50b570d9a29b3e1c71b9936af35f3dda0b2387362aca64cd8807e687c7c

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
106b5e18b9e4695a7b4c85218851b8b1

SHA1
cc660076dde02882c83bafb8788b83c754a529ad

SHA256
bd6adb791b34ac6707d6bc2753d0e02f6246c9696e7e239bb824b6eb5d0f28f7

SHA512
e00667a8a506f0d07dd22b7911a56e5d7e1a7f6be694a0b140568c11f38741ed6644f50b570d9a29b3e1c71b9936af35f3dda0b2387362aca64cd8807e687c7c

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
106b5e18b9e4695a7b4c85218851b8b1

SHA1
cc660076dde02882c83bafb8788b83c754a529ad

SHA256
bd6adb791b34ac6707d6bc2753d0e02f6246c9696e7e239bb824b6eb5d0f28f7

SHA512
e00667a8a506f0d07dd22b7911a56e5d7e1a7f6be694a0b140568c11f38741ed6644f50b570d9a29b3e1c71b9936af35f3dda0b2387362aca64cd8807e687c7c

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
d7095cbece4148f3f5fc9b107e552c9a

SHA1
81f5e132388de10a939d7aef2ffe40983855f2ac

SHA256
2ead7b4f2f2415403d52b70e67f2d5d62e939307670d05dced0bff83a616dfe2

SHA512
8097ba8433c74600ef58b163d5e7fb09f4a1c7ff50c52154254c4a9a2ae1499b3839947a1a90688ccd86dff697bfdea29b8820e68a58f00fcc42be1ff198ec13

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
d7095cbece4148f3f5fc9b107e552c9a

SHA1
81f5e132388de10a939d7aef2ffe40983855f2ac

SHA256
2ead7b4f2f2415403d52b70e67f2d5d62e939307670d05dced0bff83a616dfe2

SHA512
8097ba8433c74600ef58b163d5e7fb09f4a1c7ff50c52154254c4a9a2ae1499b3839947a1a90688ccd86dff697bfdea29b8820e68a58f00fcc42be1ff198ec13

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
d7095cbece4148f3f5fc9b107e552c9a

SHA1
81f5e132388de10a939d7aef2ffe40983855f2ac

SHA256
2ead7b4f2f2415403d52b70e67f2d5d62e939307670d05dced0bff83a616dfe2

SHA512
8097ba8433c74600ef58b163d5e7fb09f4a1c7ff50c52154254c4a9a2ae1499b3839947a1a90688ccd86dff697bfdea29b8820e68a58f00fcc42be1ff198ec13

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
1a4997bdd6a99b0fca6b378c3ea3c7ad

SHA1
b69e70b68520bd300e372ebaaeb3fd53e06cb983

SHA256
1d54c007f3986427527741ca3afb5ebc0d1f2c90a6969b5e7989eefc48271826

SHA512
8977340d04792244772de7f2b0bb9ad254e6cdd622a970ee03305831d797a29f750ca0f84e25420d1cd0b164a70f20539188a003015699df48a0fa48ccbd9f55

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
3a8cb03c7e0fb902da6f757ac20a4d4c

SHA1
e4d59b20ab08e720f3eb54cbc1288a954542a6e0

SHA256
9ba0eaef383f2692c57bbc250461aac0f2790adb6c8d8b188dbb850cd0cb520d

SHA512
748841254601977973f90b2ae7d74a3cfb523d19a4141493e9324bab4d8fef144c81bb8209aa89b28f42897f46112104aa7d14ed391a786afe51c64885c9fa0f

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
f88be0ae2e0fff672863137ccc3a3891

SHA1
d15b352bd1a939e4820ba4cb31153ce166f7772c

SHA256
d31ae38de69e61b45bb617aabdf44ecbda52882dcf3f5531111931ea1584eb1b

SHA512
1b3d0932ac63244cbe19efc84ffdf640ffdc7b3b1c65670b5fec058fd56d30633cf5c883c0e004b2e413b48a4bf654f1f937af3655b4678f5740c8fc438ca65a

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
f88be0ae2e0fff672863137ccc3a3891

SHA1
d15b352bd1a939e4820ba4cb31153ce166f7772c

SHA256
d31ae38de69e61b45bb617aabdf44ecbda52882dcf3f5531111931ea1584eb1b

SHA512
1b3d0932ac63244cbe19efc84ffdf640ffdc7b3b1c65670b5fec058fd56d30633cf5c883c0e004b2e413b48a4bf654f1f937af3655b4678f5740c8fc438ca65a

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
6KB

MD5
28fd0fb75c3eab39347aec6a59a37203

SHA1
8a0c20f06975e4ace8dec4ad915a13e205d80ae3

SHA256
b23c06fc1fd34ac82b4234fefd7addc4086c1bba4298303f910785108e31d5ef

SHA512
c7d57795c47702dcbb29c017af1c8391167f8e904c1993a9b3d1a1efca744665ea725956ce82407fbc1b3b13e6ae9bed8fde0a1021d7e46a7693f747ad352877

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
9b7b5294e90bfa8fa268f2b2961cea0d

SHA1
0bd8ce32944059404f67ca47c4b9b55761c18cef

SHA256
8d808af2e68e2556f5d0f95724c037d9ca1df467778ec4eb0a3128e8efee97c4

SHA512
47302d5fa971929d206d5c5f5ca0aa2cc423e9a08096713319b6b5935131a84c20701ff39f762fa19faa60daa13168c8ef59a80b20c5d658ee161cc2cf26a8e2

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
58b4d58e5eff724eff245d6fe2e06f3f

SHA1
78b8c7972a369ad234aa64605fbeeaed8bf4e0ff

SHA256
c7c654bc3780f2f9738dbc8683e8634f17c3dc99239f9473904879bd2372fe1e

SHA512
510555edce867ae5e61b01ffa6418d060055ef9b4ffeeb696770259434e8aab705b94355e47ff2be366da3290082c149b6de9c61e4229ee60da61363a62075f1

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
58b4d58e5eff724eff245d6fe2e06f3f

SHA1
78b8c7972a369ad234aa64605fbeeaed8bf4e0ff

SHA256
c7c654bc3780f2f9738dbc8683e8634f17c3dc99239f9473904879bd2372fe1e

SHA512
510555edce867ae5e61b01ffa6418d060055ef9b4ffeeb696770259434e8aab705b94355e47ff2be366da3290082c149b6de9c61e4229ee60da61363a62075f1

Download Submit
C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

Filesize
1KB

MD5
58b4d58e5eff724eff245d6fe2e06f3f

SHA1
78b8c7972a369ad234aa64605fbeeaed8bf4e0ff

SHA256
c7c654bc3780f2f9738dbc8683e8634f17c3dc99239f9473904879bd2372fe1e

SHA512
510555edce867ae5e61b01ffa6418d060055ef9b4ffeeb696770259434e8aab705b94355e47ff2be366da3290082c149b6de9c61e4229ee60da61363a62075f1

Download Submit
memory/3092-12-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/3092-233-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/3092-116-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/3092-32-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4928-113-0x0000000000A70000-0x0000000000A71000-memory.dmp

Filesize
4KB

Download
memory/4928-11-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4928-234-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4944-22-0x0000000006140000-0x0000000006141000-memory.dmp

Filesize
4KB

Download
memory/4944-20-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4944-23-0x0000000006150000-0x0000000006151000-memory.dmp

Filesize
4KB

Download
memory/4944-0-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4944-140-0x00000000079D0000-0x00000000079D1000-memory.dmp

Filesize
4KB

Download
memory/4944-120-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4944-3-0x0000000002840000-0x0000000002841000-memory.dmp

Filesize
4KB

Download
memory/4944-1-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download
memory/4944-117-0x0000000008710000-0x0000000008711000-memory.dmp

Filesize
4KB

Download
memory/4944-235-0x0000000000F20000-0x00000000026BA000-memory.dmp

Filesize
23.6MB

Download