0f87fe2577ecff0b8b24158c8bebd88bd37c338c6f48111c1c284017e6cc58da

Analysis

max time kernel
137s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2023, 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

AJAZZ_AK33 RGB_Keyboard Driver.rar
Size

6.1MB
MD5

8c163c22750f1555e94e4587c87d4782
SHA1

2cd0f5f239e354714c1a3f7281eb664808319621
SHA256

0f87fe2577ecff0b8b24158c8bebd88bd37c338c6f48111c1c284017e6cc58da
SHA512

1fbf6a5b6f9bb63e193bc15a758099578b0efcc3c58ae616d1ac6a7d41b2c9b9c6beb574bbec3d2a31b7101415949ca517c13ac4a2245d2c6c4b04b78ef15914
SSDEEP

98304:lWAh57+/Wmgo0gUa3b/KDiB3tTM8Waebu0wd+4c07nEhRi5kU7thKTsGkX+0Nhn:3q/BgolUariD6hdWJXwd+AEeth9X+0Hn

Score

7^/10

discovery persistence

Malware Config

Signatures

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000\Control Panel\International\Geo\Nation	cmd.exe
Key value queried	\REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000\Control Panel\International\Geo\Nation	AJAZZ AK33 RGB Keyboard Driver.exe

Executes dropped EXE 5 IoCs

pid	Process
3916	AJAZZ AK33 RGB Keyboard Driver.exe
4628	ISBEW64.exe
2548	AJAZZ AK33 Driver.exe
2796	AJAZZ AK33 Driver.exe
4756	AJAZZ AK33 Driver.exe

Loads dropped DLL 9 IoCs

pid	Process
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
3916	AJAZZ AK33 RGB Keyboard Driver.exe
2548	AJAZZ AK33 Driver.exe

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Launch 0 FwCustom = "C:\\Program Files (x86)\\AJAZZ AK33 Driver\\AJAZZ AK33 Driver.exe /Start"	AJAZZ AK33 RGB Keyboard Driver.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\data1.hdr	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_287.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_over.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\macr361.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\macr3a0.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\1.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\Comp267.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lanok.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\macro_disable.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\leftdown.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user1up.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\3.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\huang.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_down.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_over.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\sjsd49a.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZ1ea.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\2248.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\7.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\medi2b5.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\macro_over.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setup.inx	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\6.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_mask.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\medi47b.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\_Setup.dll	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\10.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\3248.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\Composite.ini	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\media_mask.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\medi2b5.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\func2c5.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_2d5.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_313.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\func296.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_304.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\kuos332.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lan.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setu12f.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setup.exe	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\media_normal.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\layout.bin	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\7258.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lvok.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main3bf.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\righ49a.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\10248.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\4.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\macro_down.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_disable.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\HidServ.dll	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\8.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main3af.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setu13e.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\key_over.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\left332.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main3de.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\4248.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\deng277.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_down.jpg	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\hong.bmp	AJAZZ AK33 RGB Keyboard Driver.exe
File created	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\huan313.rra	AJAZZ AK33 RGB Keyboard Driver.exe
File opened for modification	C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user1down.bmp	AJAZZ AK33 RGB Keyboard Driver.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 8 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000237a6c0e57fb805f0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000237a6c0e0000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900237a6c0e000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1d237a6c0e000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000237a6c0e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	vssvc.exe
Set value (data)	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	vssvc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters	vssvc.exe
Key queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters	vssvc.exe
Key created	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Device Parameters\Partmgr	vssvc.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	taskmgr.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-983843758-932321429-1636175382-1000_Classes\Local Settings	cmd.exe

Suspicious behavior: EnumeratesProcesses 21 IoCs

pid	Process
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
2796	AJAZZ AK33 Driver.exe
2796	AJAZZ AK33 Driver.exe
4756	AJAZZ AK33 Driver.exe
4756	AJAZZ AK33 Driver.exe
3036	7zFM.exe
3036	7zFM.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3036	7zFM.exe

Suspicious use of AdjustPrivilegeToken 19 IoCs

description	pid	Process
Token: SeRestorePrivilege	3036	7zFM.exe
Token: 35	3036	7zFM.exe
Token: SeSecurityPrivilege	3036	7zFM.exe
Token: SeBackupPrivilege	1612	vssvc.exe
Token: SeRestorePrivilege	1612	vssvc.exe
Token: SeAuditPrivilege	1612	vssvc.exe
Token: SeDebugPrivilege	4496	taskmgr.exe
Token: SeSystemProfilePrivilege	4496	taskmgr.exe
Token: SeCreateGlobalPrivilege	4496	taskmgr.exe
Token: 33	4496	taskmgr.exe
Token: SeIncBasePriorityPrivilege	4496	taskmgr.exe
Token: SeBackupPrivilege	2708	srtasks.exe
Token: SeRestorePrivilege	2708	srtasks.exe
Token: SeSecurityPrivilege	2708	srtasks.exe
Token: SeTakeOwnershipPrivilege	2708	srtasks.exe
Token: SeBackupPrivilege	2708	srtasks.exe
Token: SeRestorePrivilege	2708	srtasks.exe
Token: SeSecurityPrivilege	2708	srtasks.exe
Token: SeTakeOwnershipPrivilege	2708	srtasks.exe

Suspicious use of FindShellTrayWindow 44 IoCs

pid	Process
3036	7zFM.exe
3036	7zFM.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
2548	AJAZZ AK33 Driver.exe

Suspicious use of SendNotifyMessage 41 IoCs

pid	Process
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
4496	taskmgr.exe
2548	AJAZZ AK33 Driver.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2548	AJAZZ AK33 Driver.exe
2548	AJAZZ AK33 Driver.exe
2796	AJAZZ AK33 Driver.exe
4756	AJAZZ AK33 Driver.exe

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 4432 wrote to memory of 3036	4432	cmd.exe	89
PID 4432 wrote to memory of 3036	4432	cmd.exe	89
PID 3036 wrote to memory of 3916	3036	7zFM.exe	106
PID 3036 wrote to memory of 3916	3036	7zFM.exe	106
PID 3036 wrote to memory of 3916	3036	7zFM.exe	106
PID 3916 wrote to memory of 4628	3916	AJAZZ AK33 RGB Keyboard Driver.exe	109
PID 3916 wrote to memory of 4628	3916	AJAZZ AK33 RGB Keyboard Driver.exe	109
PID 3916 wrote to memory of 2548	3916	AJAZZ AK33 RGB Keyboard Driver.exe	122
PID 3916 wrote to memory of 2548	3916	AJAZZ AK33 RGB Keyboard Driver.exe	122
PID 3916 wrote to memory of 2548	3916	AJAZZ AK33 RGB Keyboard Driver.exe	122

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\AJAZZ_AK33 RGB_Keyboard Driver.rar"
1⤵
- Checks computer location settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:4432
- C:\Program Files\7-Zip\7zFM.exe
  "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\AJAZZ_AK33 RGB_Keyboard Driver.rar"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:3036
- - C:\Users\Admin\AppData\Local\Temp\7zOCDBBC028\AJAZZ AK33 RGB Keyboard Driver.exe
    "C:\Users\Admin\AppData\Local\Temp\7zOCDBBC028\AJAZZ AK33 RGB Keyboard Driver.exe"
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Drops file in Program Files directory
    - Suspicious use of WriteProcessMemory
    PID:3916
  - - C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\ISBEW64.exe
      C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\ISBEW64.exe {EFB7539B-24F3-46B6-AF6E-3B021B51EFEF}:{A12DA5CE-CE47-45D6-8096-BB3BB15B2AAE}
      4⤵
      Executes dropped EXE
      PID:4628
  - - C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe
      "C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe" /Start
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of SetWindowsHookEx
      PID:2548

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
- Checks SCSI registry key(s)
- Suspicious use of AdjustPrivilegeToken
PID:1612

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
1⤵
- Checks SCSI registry key(s)
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4496

C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2708

C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe
"C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2796

C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe
"C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:4756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\AJAZZ AK33 Driver\AJAZZ AK33 Driver.exe

Filesize
3.1MB

MD5
91161631ba0945350e4e1a015026b9f6

SHA1
64ae8a166c2d2c94fe637837c3c1a1a566f1f689

SHA256
d1d51e20c3426a69a22209ec94fdce593048f5652916ceaa4def99bf4ac117cd

SHA512
1dd3187a74052eca684d83485a973a63853408fc63d3dcaa02da3bbd5e6cafac4c21fdbbbb865bf3c39f2fd753cd7666f6ed9e9cf06b3154153c7bf758d776ab

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\HidServ.dll

Filesize
35KB

MD5
0464773a9715c5cd08273e4fde7563d1

SHA1
d97af6af92ca5b2a7b614bfb2b65c6cbfcf5cd4c

SHA256
efbafe30a73b55ac3e3d9c1ad06bf92368760194f34e744b3f54698e39b48038

SHA512
0330d551440d4b9fe4c42e042e51dfee9eebfa60dfcb70591ce23c6cc582e417faf54772a541356a399ee1a12e3cc3171d29a9f948dc6f81728971a07953e668

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\0.bmp

Filesize
4KB

MD5
4eb8cd31330e220faa46b0c06b894f5b

SHA1
16a5e1085e62910859f53df4af5b182f5db39abf

SHA256
7e5d723de52143f7340aeaa2039b29c6632c03e634041c00277e134a2d60b003

SHA512
0f5e3edea256644c9d6363d2ba26eaefe295f43d7d40c82975ff8dd60533137fdec644fe6184563d4570d88cae6c0dae172316e70d40c75d6080140d61299cf9

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\1.bmp

Filesize
4KB

MD5
189429bc2b757c2c3075f2d6be88f033

SHA1
93ad245a756fb2f8ef62c36b4ba90b0b05d33466

SHA256
c190d71bc4ee7cf117a507ff0c384a071ab5eadae23da64de68485ca619cd9ba

SHA512
8a944645987a4869ce17a0b8f444705190585187673293b2b9e60c4fc4fbb2b1b2ac67308e4bb1ccbba30f125231bf6817990fdd0ee2e2b54214a0a56de6434e

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\10.bmp

Filesize
6KB

MD5
92f26d3bb5b9781aa6faa822715dff67

SHA1
537b11384b63b78145f269c12abab326e79d86ab

SHA256
ec029b08c26861b5311be3ef87ef0cf901f613ff783f005375f8dbbeadfdf833

SHA512
c76238a93211e37e8bdb949ec5c648c8ebdc9c2c1ad9437301978e04a57de23fdd979d28b7a75122a2afdafd6046fa75c535565b6094fc401c0ee5ded565889d

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\11.bmp

Filesize
6KB

MD5
151111c8084d777a22455456023b2af1

SHA1
bbe485450d989018125438da18f9868d6e002164

SHA256
d711d28684cde452431873197b640ec055ec4534411716c1d80d9a7776ce5b80

SHA512
d375344fdaa7ac029592f0011661cdef8013310f069341b3b886431e73d972fb94a912144eddd929e76c97db45e8cb21b024256fccaff3075bd1857cf2fc4886

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\2.bmp

Filesize
4KB

MD5
31294e4abb205c923776053f96a20d44

SHA1
cc9a82ac7f23b838cb24bb53b5706006394a6bd4

SHA256
b8a81143402513a46f614fe85d03dd0bc3a41ffc3ee59dbd6e8ae2c2b0929a2f

SHA512
dbf4c4ce1296e6a2dc5e4335facb42794f7caafdf33c51ffccb9f0251cfbbce9c417dd6307f1acf007c8a85bacbc3a15596b97c70d614cfc55e89fb40cd2ec08

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\3.bmp

Filesize
4KB

MD5
631a6304ae75e970fb2d1cd3f2cc1146

SHA1
17f1909bf7d304ebf376e3ecf5fab6c159db5d6a

SHA256
4092f5d336585fd1f65522442b0cfe832a2a6898cf1e9fa5129cc9bf8411b9ce

SHA512
b1a4fbaa83f58b1dc068253732dabbfefdbada8755f8bf723d8b885420d967a46f0f5a97fe95111de1034b5dd1739de38ca3cf88dc737286be86ddef3f77a6e9

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\4.bmp

Filesize
4KB

MD5
e2535d1f5de7520cdf50077bea323446

SHA1
322b6034a763e0517b8f9d8d37bbc335d077f611

SHA256
c6184b0fb1a8871c33463ae9927553c2b49182f908db9ac2896cf0b841cc493d

SHA512
56bd1d8c1cf93da0e7cf1c1443b8d99b47c99584c1ded9482b5eebbfab000eb51b769cbfe9dedd85c58dd544dd066c6f51ae7a9d907d75dd4a3375e5819894ab

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\5.bmp

Filesize
6KB

MD5
965c3615cb1bbd929253cdff939a1d10

SHA1
984a6714e9c241a874349cf0ae4a9d92dab44431

SHA256
a7d8e495db537ae8a8d544505762c110b67498cb07fe6be5695bd83079ba40c2

SHA512
008b0092f85235e1cabc8b9e9f137e08a0da53d13a77c6ab42ce7eb9d492af24cf5c031690a7c1ee0924e1fabdf2cb86fe3fb2412ef9c0a12912a4b3a1e10e33

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\6.bmp

Filesize
4KB

MD5
fbac45714c2f980ac929b7cd912cefa0

SHA1
b17522aa928b71f12a0aace11f1920d6c235a518

SHA256
7918794a06bcf56c94b38558cd8dcbddb479bbd7fd15e42ca6b34ad30eca01e8

SHA512
ac2ec03708f76ba614a158bbc4e2dc8d4a60ce27665b80b24a2d55ddf52b41947ac41465e730cc40d35c164ee1ee60fe8ad2089dd1e3bfa32b501b425b1a46e3

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\7.bmp

Filesize
4KB

MD5
e406f82523892d46a9dba49740082e8f

SHA1
7e61e96916b9eb4a8054b63c8b810d935af31355

SHA256
e6767dfd7915d390336f5e9cfca024e151a5567f4078f44ce522090743e48843

SHA512
b538aa0a039c42bcf6ade856729c09eb06153c0d7bc37eae680fc499ac3df717784f46e36643e29fb59d8a904b868d629eabf914a12fdff4dc7db799e7159a96

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\8.bmp

Filesize
4KB

MD5
14c0d9784c2c8d16d893a3aa95627a9e

SHA1
d8d5521de966507f7b59b6e4ffbf5147dd7e10e2

SHA256
5b96930145c9b795fb37ae82d9d59399b526becb74e64d84fa9a4e36a72b1923

SHA512
64f1d7d80fe2032f21cf665ef4460db2fb4ae6eba72d9804df58ec888ba97fa6b3e4f0123668a1fbba88a0d279f232370d6677a96b63924868d9afaa3b0a4b6d

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\9.bmp

Filesize
4KB

MD5
b8c643d35ea8123af5617defcac21cff

SHA1
33be880492d5c1a916df7b6f8ad377b0ed6649b0

SHA256
9705e2a1f68dffea3f695b52f82a16dd5bd183a96e4a32996d63dd9c438c75c1

SHA512
3c6ed0f38ef77ae2e60cea38fdd19fdff312602bc9df2e8b786aac94564068446d90a60b58488428527eb7693a66aceaada59d2c0509d1514c6e0c2bda0efe8b

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\Main.ini

Filesize
17KB

MD5
1721019135a54381fa66bf3b05939a32

SHA1
1e71b95831440c5ef4f2430d1f61a323d1076e32

SHA256
c04803cde58555cd26da6312c2735ea325b4589811cb2ac63f6e7aec932e5452

SHA512
c0c851e044bd6264aa9409337ce8ff3a8b215bdcdba995b0fbef7c6da1d1b8a734917eb590fd79385bf3d0ed92519578c24457cb81223170033ff0a4db6445a1

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\Main_Mask.bmp

Filesize
2.5MB

MD5
8b1584bf4db79b035c3bd0745802cf85

SHA1
78e582a763f8bac081239cb1916fc80ed3b453fc

SHA256
dc92fa3b966495f53daa2d1a7b643c537c55a96964c2f44147b82e16a7ddcd41

SHA512
2519346bf838dcf737ebbfd972cdd86dbfe90b548e55ebeec081127298e906bcc3fb38fb75e7937f31cc9f46bfc3b018fea03639530cc10bc4ce0c2674f5d982

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\dengdown.bmp

Filesize
7KB

MD5
b71e13552ad1d2bb0e47ed1eb60d8121

SHA1
26a29975d1050ebe99db80d829336bb890bb0030

SHA256
6c52ae2a516b0daeebaa5b77e8282cb55c7bf79e24cd4b147d5a10a878b35ee7

SHA512
f4806b116eb29925507f2adb2383b4222c28d56bffa13425449be818282e001396b3180217df951c85aff8927ec434a1caae7053a80ed4d5f0d548c4a3a4d18a

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\dengup.bmp

Filesize
7KB

MD5
945f67069c1aae5ea12619dcf58aae62

SHA1
f42754df241a8ba23993629f0ea38a3fe1a05e2b

SHA256
0f019c8cc34f18acab061ba17f8f6843fdd2b210ff89966418533b93aed910ad

SHA512
ebef8931d6cc2043c0d24219e9191825ffeebd680f959a0432be07b90ddfe9bd1f015338dbe1d0091d7d7165d736834767a0983e2385738022525679397bbd4b

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_down.jpg

Filesize
91KB

MD5
d688b507c893bc4d53b322a5a23a39e3

SHA1
6cddb7502ab861f22069287e59e119ecf1062f6f

SHA256
90bd44b6a9cad8187574625236a90889080398e66f37aaed3909890941b246f7

SHA512
9414df72c880f61336276812cf3b3e702160a205c49e7dbd87c5da14cce7424b3efea8b276a65e319ac0f8d45bd50ef59936ec834dbeb3a91d9e288cc6e23ef8

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_mask.bmp

Filesize
384KB

MD5
ae93e0b8035f7ad87aa247b12e3efbc2

SHA1
219e9f4040833af9ccf03e9c05fb3855d1381afa

SHA256
666c57f76aea17bd8b5014da7b00445459ad7c7a2907db6557a32997b085ad16

SHA512
13c833e11cfb39bd246f40fa7e8519c25ea28adeb9e470cf7a28f97584472ba0110b791b7bc5ee22f8f88eff462a0a45fe7b7f788ba446fb5ad3a8ad60434cc0

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_normal.jpg

Filesize
76KB

MD5
25a0f475a36ca5a3b6114f053829402c

SHA1
9904474b33b0a1ccc664a8079a3e442fa7cd9d21

SHA256
8b1a9b512e1dd4917c1eeeddbaf9f6e4aa3136c3a5cf02625f66a3e2fb7da2f6

SHA512
490eae9ea205ed94991d4354236e2555917c5cddb845ddba6b46e1bf4401f9f063889eabe94c3b0967226c0725aea92350ce0732e8dc6335b8ea9c493f13df8e

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\function_over.jpg

Filesize
18KB

MD5
8facd5b0cf2cb7d7ac35779298e4c1a5

SHA1
8d748d481dbaaa3c8b4dc0254db54fcc89c2a3c8

SHA256
f6bd620dcdbfd4c146920b60f9a1d1e8f88f7ceb45404997c5e6b97013caa530

SHA512
453fc5d85ed450fb2a704f5f29038bed600699bb4b29595b41881e4f0b6ee198517a0d65e0090c6cc55e7ec44887ecbeb4362658a98450738302de72931f7b0f

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\hong.bmp

Filesize
10KB

MD5
49ce416e7e1ffecd72af896f4f76e4d7

SHA1
1461f91c5d561e1f0b8673a7b12b646f7efcd87c

SHA256
d9916ec232c67ccfcdbceee27c4a3260fa6f148ea7ddafcb5afea5f9b9c3a2aa

SHA512
4152f21e6c8d4bae34dd9d461a9dd64dbc58e71e5bfe1d9ad58f791004349625675770abc0aac3b0c73856710040e5dda5ed5fda6444dec51db197e2ac686717

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\hongok.bmp

Filesize
10KB

MD5
e231defb1bff30e6d584c6fc2f6e83bf

SHA1
b394ab8e1f976cc7783a522343460cdf308be027

SHA256
a1c90b8690c0fb48a8822e411bb8aac82419fe6e3962029fa01f97d2e359a0c6

SHA512
02b79848086de6bc24cd4f0e2a69eae0a156d128de8fb07de895ad8aade4aef759b03370e6fd4ff8862231301f6ea5acbd9d7a62912dbed3d1f1d801fa58b239

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\huang.bmp

Filesize
9KB

MD5
7e504b852600d5a36170f4cd88e76e97

SHA1
b6fcd679975b6693e94ca336b4bc64cef31c8b75

SHA256
20d679756d402b60818a79264a81c6e8ec7f5adcad0e2eaf295aebb92055df94

SHA512
eaa048870f9b57bda0c9aed26782edf8419ba23789204be5a7bd3106da3cf539e74ceb76fc1619946d9e23232ec979bf9a805906de31d1ba90f7db006b0a78da

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\huangok.bmp

Filesize
9KB

MD5
9193a2c1285da888979fd83ddb22aa5a

SHA1
5346f45c28fa218a368ed1404f83a1b9e2f2404b

SHA256
009e98a77628ea35ee327b55a45925bcb8c2dd06b3f92595af0538642084f479

SHA512
b6ef91392c7111ec1c965c1dadd65a56ceca6abe6504239082afe35b6667c708ec1bde707023d2442db08dfbcd401dc016004a6d4c0b83ef07bef6c29ee5dd4c

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\julong.bmp

Filesize
7KB

MD5
689ad84b56e27e4fcde585413b009c54

SHA1
3a24e3e00fba5e4a75f30a1232e963d1b1714d33

SHA256
b1f43bc793bcf4fe31e51d8a1419c0f6a17a9bbb7b075976dbf074a201bfa952

SHA512
9a399c62df39fc97a8907d866b85b3f4c8fceb2905be0c9505dd4a1415f7bd9693dc23729a61cd08390b74e9db50aea7ddf1711e0b2b940ece50df7b4a867fb7

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\julongdown.bmp

Filesize
7KB

MD5
c431e5100658e666f3fd2616cba88749

SHA1
4776a329557028527b26298d0dd10f24dfcb1802

SHA256
45a94693dbaf5efb63516033856927dd17ed56a068e40554e66ac354c46a9d9e

SHA512
4ef7abf9f833bd75a27bbcffbfa455e5b8eb9777a1a240494d9bcf4054c6be5daff0c1e0c87aa86ab768a36c56c2a5627460530f0821b5ad8ce3078a30e364a8

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\kuosan.bmp

Filesize
3KB

MD5
98cf846c0ccea9ef3470775dc9c6b563

SHA1
90c4bf6c36b55b3eaf1e005b9e5dd7ed4c86edf8

SHA256
8985e08c950b2e086d2f38ece0e1f05a063e7ea3c7efed8977cf6307534e47b7

SHA512
7a0a0881906aa58c295f60a76d9cbd8d072a14567493fd0a2bcaec3a713ab3f1cd6411a13d015c7748f4ece7103485293f95d4428d9cf67d8b693cbe4d2b7c3e

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\kuosandown.bmp

Filesize
3KB

MD5
bf5eb83bd6a13dd6ef6bcdd5b16d7bae

SHA1
ee63b08f351c71e657a882802df04b9b51363bd5

SHA256
0c0815a7610b16f2297ae6d954b2567fdf73a3155dbd7e352e171806776d995d

SHA512
54e96ca78f9361c98c0694516f430e3dd14bd3fed4f1595a42536524a340f6c75e158fccfd3e36b1481efb24bf55ea688da0545bb16aaa9824f2187c3857dc38

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lan.bmp

Filesize
9KB

MD5
d10f0eea6401c3e7cdbc641e08bf4a8d

SHA1
1ed195e7844122b1c564fa6913633b11202bd267

SHA256
51b648046a4bf08fb886087181576c2ce7c1459b39674cad6a9a0658a5c8ba97

SHA512
d5431a8385bd0eda55c73e1f82557cc24bef586e7397d2518b8f17eff7f96880d5af896c5dba9dccc2a3264987681fbc7afadec63287a2864e5d73d1d95a403b

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lanok.bmp

Filesize
9KB

MD5
15127e81790f2dd39f385ed30c1a7059

SHA1
0784ab38812064594471de9c9c2b5d64161338df

SHA256
4d1aeed860da279a2291261893e91e0ff571b29dce5046d971500551df07527a

SHA512
f1634e9534217bc4d5802e31e91ecbac0a1e52def37180bb25745df3e551967f824aabd373f44f0eb80f58baa32b0a360d0d42550ce887fe4f600a5782a7865c

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\leftdown.bmp

Filesize
7KB

MD5
d8ca26b3220b7bbdcd2e78518672a1e8

SHA1
bf3b6acdb209b019bc2ff2b7751e9efcdba1d8c7

SHA256
f939ca9e67429b01d195e37204c42b5838489108d94e4ef8968fb4431507d2ed

SHA512
8128ff47b14f1735096d0826123db46a710d5ac329a24572c76b34df404f2556ecc4e2d9d8291adc468ff45ca361fa53d5ea36dc8abe995dd6f06cf6339d9dd5

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\leftup.bmp

Filesize
7KB

MD5
b7279ebda2baa3f02c8817a96be95c13

SHA1
7168e0ee08b26447c1a8204e07d245162cf33e9a

SHA256
1859546c796c96bfdbc96453e350fdcde8e7ca44b1a956bf52a296195c1a5a5a

SHA512
c38faf701b6421a18dc37bbeb2b0e8c5304a0595149628552c3b2e0c9584d5135622f34bdd0420f86d1f1820ef7c26993e6ef176d1c6c1654f10074d2273b7cb

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lv.bmp

Filesize
9KB

MD5
ced3af0b01c4b79b01e810df757d9bd3

SHA1
a8f9f180421261f865963a1625abda1c43534b7c

SHA256
20ecda6a71dae7a0f96d30eb63b8e8f310e19dcdb59ffb0965bc16235326ff05

SHA512
257bdbf87cdd01eb413c259b45ee680e5191c3c3c82eff33b1c1f473092a51377959a2fc917afccb0c1c8b8b13121b71b6bc1a8fe1e9c717aa733f58ba4e3035

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\lvok.bmp

Filesize
9KB

MD5
295a3aac725b5fb555424205abd2d68f

SHA1
f767961a49280657cbd43d925c8a8519c2e223f1

SHA256
9f9252b102a401eef5ec951443bc19c36468e884ebf62e119ab49099cd76ff4b

SHA512
13907ab33ef8c1e0113aa5815e8319956a5636ea3753fe9e3004977437857093fe7904187049c41da1b453f892aa96dbf98117b7b0337876ebc63f1cb7bf32c6

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_disable.jpg

Filesize
450KB

MD5
a30e9a378425e3468b5020bc0cd8ba74

SHA1
873426aa6af2b7a5bb52cec1ab34495a3a70e7ba

SHA256
ad40e3935d92579db62ea54ee57d0746e8a050178560bb704976da27350a6bc7

SHA512
f84565627ab140a364601fc7b04cec1aedfa6b2f45f763f4a1205036a658e0589c6cd7ff2f0b5226a445dbe8fae28a00e94ce792b1ffa68ce5ccc7f4fd6479c6

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_normal.jpg

Filesize
479KB

MD5
dd181a0a70559cfe54ec2b1e41413271

SHA1
4047b6db6840464c20eab667465f3ba3a177666a

SHA256
99be4c3cebf1e5707e0bb4ed4fd2539374dc156d7413dd780eda62886c5c7117

SHA512
4a263fb6d7b1a4050c346f5a1f797402f2de81d1d329d798cb2ca5b585a8edd3a1e563aac007bea06140a2da22b839db9d5c7701adbb564cead123cbb4dddf74

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\main_over.jpg

Filesize
461KB

MD5
1fee16eec3c7a249de2ef54487eb6b65

SHA1
3fb0d8bf60c12a51e7bb1e5966ca2da050cbf1b2

SHA256
e6517a78971fd5f17037d76c72a4a202d579ce5a3ee5f01fe711bf7d73f602ff

SHA512
fae4ce721a5b10b436177852361d1b7cdc338bf5bdcf835c5e543da4a976ac52e6e3b10d9be229d50fe4969830a213965bd8909b3f31398e7c97e26259bd5e1d

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\rightdown.bmp

Filesize
3KB

MD5
09b7e8bcea10b692e8e215e56fa4d6f7

SHA1
5a5626a09cb875b4c49bc086a2d67f2df0523ac9

SHA256
cd66a4af946a5353fcfe8389f78d747a08a983b92b8d8ab948edb9d4b251c506

SHA512
ec21a7d4a4df76ecb04393f703c6a12fbd0df4a6ba4ec7926ec8b15f054b7ff37ed0f0a779b642671e61b8a5b154d5ecaf542284c43d41ffd598186f27951e79

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\rightup.bmp

Filesize
3KB

MD5
113003798aa8fd2ca851ef6be6546cd6

SHA1
595ab3eb6b6887446f0f3a69831764c3371931ea

SHA256
243bd862a3d57e90d7f81fab9b5bf4eddf4706c3fb39e7990700550eb1e1fb04

SHA512
be68ff04475cb2c500cda63220bddd095af2a74ca6fc237f73ac025aa43d3bda7c721493466881c45d2098dd251fc78470c4e1a607b260443ac8126f6c729947

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\sjsdown.bmp

Filesize
4KB

MD5
5d127ae0e40f440a82266216e317250c

SHA1
876f2e13ae6831666cd514005df883366758fc26

SHA256
71a91da73b88059de1295be6b90fe79bcd8cbc93133a03501ad0349a700cf0f9

SHA512
a9bb086ba3dfac4e9e15101197c6c4e8e87c46f76cfec30caf9cbdc8ed8e3587a5e0c7a7e6c4c34d32f33054e0627416e53e3d700cc4553b4d89d5e64b37e138

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\sjsup.bmp

Filesize
4KB

MD5
5f3f5f8e40582fa8b9d173bbf3400175

SHA1
8a6fb78aed27ecdc55fe6688dd7a9a97ca1eca59

SHA256
d5b175b48b32c92444eec1e28f43cf58a2ebb9bc891e994549d1dff222d90bf2

SHA512
862a8f8865d321937c24f5ef0db26b01e27ce07f1109e74395bc1c8d9ee7ce059c6736901e8247ec768f7437da0adc0f7e7c7043b6be81fb0372f646d4e01cbe

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user1down.bmp

Filesize
7KB

MD5
211db7d1ed95dcc776f644cd32e5b6f9

SHA1
ff19161ba1a757eb827f2073750484fa5cc1bb48

SHA256
dd5352b873b3ccfd35c5344f1a8ef57d1fb6cd5ae8ee3f4dd29a8141e8ef4eb4

SHA512
46b8ff0533bede75e22b905c980d3aef4bed3b78b72ef6142808da419bfd036ade94cc221046e922191ce973382ec6e32ffc6c6fc7a41a702360efc71a579169

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user1up.bmp

Filesize
5KB

MD5
f825e5f63dd8befac491665b519f22b4

SHA1
a127a7a5e15f4887fd3c57cb887cad79d8ef8183

SHA256
e1c2c67212bcec0d1c2bed4e3c926dcac6e14960f617261491688f56474bbb37

SHA512
2f42dc9b57ebcabbd6086c1b1c9c5d2b9e3024cfeb101555a4d4dcfe0af4c539255b779d68ff2a04205c3aa4814db52f905797c1c6e5dda902fef7c9a8dc6cc4

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user2down.bmp

Filesize
3KB

MD5
778dcbb4e3d285825e7af2caa9d888bd

SHA1
2143dd3c8d9d5624792d056e6d0b5c713f21065e

SHA256
8e4cb277434bbeb35e1828860d4a1c3c7f709a4c48147ed7f81cbfc4ed48acb3

SHA512
46497a6f06f2b2d8998ae34866f7197348afe6bbf6882c0f720962702594696743ee041cb2ac71bbd6d39d09c45d97ce044c4fc78015d939021247ca0fa989ed

Download Submit
C:\Program Files (x86)\AJAZZ AK33 Driver\Skins\user2up.bmp

Filesize
3KB

MD5
2033661aeedc5f454c44bc972ea7f4d8

SHA1
a9c5e6e903c0379ae5beccbd7587a977ff6b652e

SHA256
ccb8bdf6f439518b64bd5d8b9dd41e8c06ed8b59085e935a33de1ceabe3f6d75

SHA512
d9fcaa0b8827905e7d4294186aebaf513da5c41baa4e2ca45915e598cb054f9520dc0781b6fc936b9ad3b03d17ce2f0d10dbf7c0b0f98a77b159319935b9c306

Download Submit
C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\data1.cab

Filesize
588KB

MD5
41faea5a9bd0f773fecce741e2db476d

SHA1
1fa2f302c3d76812c63a94bb1045abe22dc19269

SHA256
d20717b241a695a7b0f0019f6c41c9f50687d433296573689133e70ae85620f3

SHA512
6947cc778fb4b21d7c53e1ed07bc39dd054c916174492889cf636f5f6eb16ea87ddc346eb5c32108c88a8b3e54be9515abeede30014aadadeca2dbb0a14de204

Download Submit
C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\data12f.rra

Filesize
18KB

MD5
832d863f721a26d6ee0bfb8bc4df9cea

SHA1
996658f081f998b382adbe15869314cc3424a13f

SHA256
b9e5d4c74dc7b9a99a48e6906ecab223f6be682255fa999988635e00ac1843e3

SHA512
fc338c9deacfae95b460c78f8990ba00c0ad1c4a8ff3eff9f015f2241bb3839104c54c96456be7f213abc955aa08d23f854bca1d42deed4b0e0ed3d2b4f45160

Download Submit
C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\layout.bin

Filesize
455B

MD5
1e6d1dbd5cb5369063f0e52e8d1eec7f

SHA1
57d885d97abd043d401d3e3513133c0174a537ef

SHA256
61ecad3c46efd28b40da335871fbaf0c47add3453f4c32f0ac542d6ea0b06f97

SHA512
328d0a62481b0a67093c9c7575e943fe97ff61ccc29b0e832eb0e290b324612f793a24572706c904a263d1a5d0fd477ee20425a7260460951d65097712bc4aee

Download Submit
C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setu12f.rra

Filesize
384KB

MD5
8d699c26857440661fad1aed839ffc79

SHA1
7c38f49f874da346a4a3e4f3850d7cc287d83576

SHA256
350e4cfc8a692fc8382571d64ef00f6f4d4f997b85bb687e67ea222cdb2556ac

SHA512
4053a6cefe15cd29dfc4ece4d5521e1473dfc8af6275dfb7cca8863722b3807fc3ee7cdba33f0ba6ef417b3530b2cabe8d74e6235dab0554f00201305b465b9c

Download Submit
C:\Program Files (x86)\InstallShield Installation Information\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setup.ini

Filesize
567B

MD5
b6508a2fc401d0f24ce5005b854b57dc

SHA1
3729160989606d25e39b72f5d5bc71698f28fd7d

SHA256
ff39156de477139f183ed6a01e02424d6ad5772f086eaa1b06440773dc6d26fc

SHA512
7a25b1b408903eceae9e1fe765e1bf9995456c3bf2f1f88e3ec79a06611e9a9f7446f0dbd08a5909e38831b22b006236c11645db94b929587e1d0a1d14ed8839

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zOCDBBC028\AJAZZ AK33 RGB Keyboard Driver.exe

Filesize
1.6MB

MD5
541bfacc167b74592d825cde232fee48

SHA1
9c5b7ba776ae4d47b85028eb51b94be4b101238a

SHA256
3ad8eee97d91e82943aee1aae2adf705eed176009e53cb38cf6ef1a14257bc58

SHA512
6e4fc6f1192dec810f85876a236e4d1bdcf4d70df835f678d7325e5f1348428885375f0d813f764df5d4f24dd22c51f42ae957e6e1aa79142ee379cec4fa3c00

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zOCDBBC028\AJAZZ AK33 RGB Keyboard Driver.exe

Filesize
1.3MB

MD5
cb1302e3d030b2167f3f17f53df0c439

SHA1
f9fa5fe4c5101ef60705ae5c7640ee3e1700c290

SHA256
6b583f2a3546e1f7fc99d6c2d5775867da9c67e6a6bb5ca0cc5fb4d675973314

SHA512
022e6ae764804d145b3337fe20aacb7a4c6991d48084e783c4c88b5af635847acb9f9e0fc00b5694409335afe7c7fccfae42959b1b3a83a35286f46afcf8ac87

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zOCDBBC028\AJAZZ AK33 RGB Keyboard Driver.exe

Filesize
3.3MB

MD5
2606fc3fafeb5f5f3ceefca9291fb977

SHA1
25899378dd59038429f519f1f84fea426dba552e

SHA256
eee7a36f8703dee969fab05cafc804b937b45aa7a1bd28104da83a010ae036ac

SHA512
8656d47850e302df15ca0c36c09ebc992ca8728cee1adb1a5b24a0f38c1fbea4bd60edb40700af35d64f81005ff92573d6335f20368095b2792d8824935c69cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\{79AE67B9-F4F4-420E-AB04-4B3071E656FC}\Disk1\ISSetup.dll

Filesize
326KB

MD5
b011da1117f50ef66752aad9e6790d64

SHA1
7c6c8d37d23035692627bea46e7ee72566dec3e3

SHA256
23dc46fb206d2ee3e785bda1ae0c7773c948022902402b33c385460aedd4dff2

SHA512
90327bfc81486a606ed17daf9a144f1b64689fc46df306b8b5d32984084a3f82dc6e8ba6a353d2f80e1e975a03446130ea5b3d0f3cb089776ec3fe8589ba1f70

Download Submit
C:\Users\Admin\AppData\Local\Temp\{79AE67B9-F4F4-420E-AB04-4B3071E656FC}\Disk1\ISSetup.dll

Filesize
430KB

MD5
f61f4b7d68d210e4b2aade62ea97dbe7

SHA1
51d6241aab35e5c9558f6abc9a94ceaa46207817

SHA256
9a4104faeb7898c48d5d0111c7b83a8817e153d2ba294dc59eb354e4a5c847c9

SHA512
2163767d79097255607b74d75737f121e3825bd705a64d1f0bc989a96f0119da7a3224bee118a169ad4d8b027ec66360ca374b2f8ab5c041118d888e8f9e5ca5

Download Submit
C:\Users\Admin\AppData\Local\Temp\{79AE67B9-F4F4-420E-AB04-4B3071E656FC}\Disk1\ISSetup.dll

Filesize
412KB

MD5
25f71e0f627276158bb207bc1c6c0327

SHA1
3ddf583371eebb59d337622e0de62b429c8e6b55

SHA256
fb0b2cc6f0818e9a187454edeb085036cd9736f25f04279abcc4625fd80db216

SHA512
e141e1bbe8f1b05405d9c92dcbb6a65944a0d12ee735b175a2b5aba86bdde579cfa9ad45d1fe4b2292d97cf2b9e038051600fc92f95cdb696c490fbc6f9e3726

Download Submit
C:\Users\Admin\AppData\Local\Temp\{79AE67B9-F4F4-420E-AB04-4B3071E656FC}\_Setup.dll

Filesize
325KB

MD5
7de2d19c870587b8ffc5a446e9b6e29a

SHA1
4818065b55bbe0469cb2135197d69caae359ac63

SHA256
35eef33d1890a6e34d647f86f24c730b4f741c9d33fcce01cfb12d2b8e55b5d1

SHA512
bf2258b84f497e40670aac594e20f5a508cf603235f2cdd73e0c4e74613ece46468571b1beeaab5065ce214675e846a0641c9cb812b8e1fdf33a6ae0237ed3b3

Download Submit
C:\Users\Admin\AppData\Local\Temp\{79AE67B9-F4F4-420E-AB04-4B3071E656FC}\setup.ini

Filesize
493B

MD5
dd4a5e220429a42f2882862ea22cd66f

SHA1
f039887cb4b7c7749e71290c49809da117c7ebd4

SHA256
857ab56d4843c102bd7c157f3de4bcefe2e50444166a1f41686be37a4c4ccd69

SHA512
3b1033c475fd2b01f4382e87f13c4359d483e85d47480b6299af588deeb33d4f749c089c03a7ee806d37ca49ebf15cdc2e1e48ec936ee5f91b7ee734dcaa0d96

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\ISBEW64.exe

Filesize
114KB

MD5
2a276ba2b7782476302c59d0f760f4bc

SHA1
43bbb884a7b65534c417ae5a3f3f17f7e80e2f7d

SHA256
d3294cc8c750c4bd63016e87e9d2c53a501c173567f4edb9a3c6f1bd9836064a

SHA512
6bed8d3291ed422aed187637838bfb957ea59c772be3bc52c12242474712f411e174afe55ed6955b910a8ce3635f1552260063cf6db428a4e34bc76a4e3e01f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\DIFxData.ini

Filesize
86B

MD5
10baa5b67536f4433f37534b9c8bb828

SHA1
82e5c34b1279afda223b639b49078d03c52875f5

SHA256
1b9fd5c1f18357bd459be20bfcbf47ee18fa0c5d5cc42f6aed2705d5868b65f4

SHA512
49c6798ebb3b6137cafb78b88350d02094367523dcf8f9e580de1941e514b8b3df786d1d817090e5dab80ac4d0d015796b2ce28b296db31d111e0d0bbaeebb37

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\FontData.ini

Filesize
39B

MD5
00f313e3e007599349a0c4d81c7807c4

SHA1
f0171f15aab836a1979d3833e46b5e59e4ea32e0

SHA256
766ee687d90b0217eb41cb85aca04375bdc24db986a33536631f864b7ce1a08a

SHA512
8bb25a62c0b1640dec36403a493ed54c05f7cde7b7357c8faea785a79c4b76bbe6a3d6fe78db52b558a37abac90c2b2e8b13868a76294554d51670e9fa8764ad

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\VASData.ini

Filesize
30B

MD5
b16ff78e4420d4049da82fffe3026d31

SHA1
612be1fde59d3d4534a4d8e0947b65060ed6146b

SHA256
029f695d7a558a0070bdb42c07d35c7ae436fbd0688079b7ada58093505d9579

SHA512
8042f5a1f12ef644b7def42c52c90a252ff4a6c099956530cff8147daf2edd8934f5bc79bb560f550d47755fead71a1d0fbe7d52fdc0fb30a0ad64471beaaf7a

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\_IsRes.dll

Filesize
242KB

MD5
d78849f4838597d0b50c2c3d1bc2c325

SHA1
6f51b207051827b941c5389850dee54c7d7d0454

SHA256
9b774c2f52af214823edda2974ca47acaf5572fce6bd0a3d79069e5eaa56ad9d

SHA512
af6504caac2bc830f4f65afaee831238ca246d421220d573fa4b3a9ac7b37eacea8b298d683e82b833a69302b4fb1037bdd2cf129c3aadec5ceb9ef97ce7cf39

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\_IsRes.dll

Filesize
214KB

MD5
5b6f82fcf2fc56393a8e87365d8e74d3

SHA1
d4ec3e621496233251aad803dc097dedec817461

SHA256
5cfd62ec61169b0296b08c7e4581f2c6145c5327711871cc6ae5357d7aa6fd2f

SHA512
47bc2ab39bd93a8ed3d702d99f106a5ab86488ada8e0ec49249da1b1043aae5e800e501ec64e0bc17c2be80ff978da6b4520a998204293f9f04dd2061f9b5901

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\_IsRes.dll

Filesize
543KB

MD5
f7177810a12818ff8ba998c8e8a46e9a

SHA1
bcb879682e8d95b3782e00f85319b3a57ab28a24

SHA256
fac568b17bea1a1f0c8332e21b7ba33a3084c0a8a43307aa9a69aa3028d23d7d

SHA512
8658871f70afb5595129114249dbaa2b1152770abccb560d491ee650caa8515758b394133e5d91a09168d2dd7cb5ff225ed704f0b4208eca611658040d5cf03a

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\isrt.dll

Filesize
217KB

MD5
0f68d760fb480a1b039ca7d6b877d24c

SHA1
259d101a49646c3abe17114111ff9aa7df1b8fc2

SHA256
5974ce20a780d384383cfc24af4dc62bc22ca67ce1d76ea9981c42631480ab63

SHA512
d551553ceca5b9ba86f7422893df78ce71167096cbeae65319c344abf57601e8e6c8f9779a9a45ed28ce32c3e1c477b843d8ad4437e0643c0fabf56ab7f586d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\{E34FAA17-794C-45A5-A8C5-4A87FB731978}\{0F3CC95E-A12C-4DEB-BCD2-0089B8A6B162}\setup.inx

Filesize
227KB

MD5
dbc61f288f5733e13ee6a250da4491af

SHA1
18815421a5c740e487a3fc7aea4459621cf0896b

SHA256
8b6855b47ac670e4a247a951e8199be26e55bb8172bd90fd9d181bef2c816156

SHA512
6c8571f75ca1b8d6e9d26d980db1c9cc6e520c00de650724a04e3c41d6de486a18548c3cdd980e475d308057a8f4fb69c40bfd75813a95b516abff8c45a08376

Download Submit
memory/3916-107-0x0000000004FA0000-0x0000000005028000-memory.dmp

Filesize
544KB

Download
memory/3916-39-0x0000000002730000-0x00000000028CA000-memory.dmp

Filesize
1.6MB

Download
memory/3916-141-0x0000000004FA0000-0x0000000005028000-memory.dmp

Filesize
544KB

Download
memory/3916-432-0x0000000002730000-0x00000000028CA000-memory.dmp

Filesize
1.6MB

Download
memory/3916-140-0x0000000002730000-0x00000000028CA000-memory.dmp

Filesize
1.6MB

Download
memory/3916-113-0x00000000052C0000-0x0000000005349000-memory.dmp

Filesize
548KB

Download
memory/3916-108-0x00000000047E0000-0x00000000047E2000-memory.dmp

Filesize
8KB

Download
memory/3916-204-0x0000000002730000-0x00000000028CA000-memory.dmp

Filesize
1.6MB

Download
memory/3916-106-0x0000000004FA0000-0x0000000005028000-memory.dmp

Filesize
544KB

Download
memory/3916-40-0x0000000000720000-0x0000000000722000-memory.dmp

Filesize
8KB

Download
memory/4496-157-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-156-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-152-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-151-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-159-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-158-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-161-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-160-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-162-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download
memory/4496-150-0x000001A2FAE00000-0x000001A2FAE01000-memory.dmp

Filesize
4KB

Download