Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 07:30

General

  • Target

    c80db7be3925bada310f7467433a7922.html

  • Size

    185KB

  • MD5

    c80db7be3925bada310f7467433a7922

  • SHA1

    b3426990dbb9cb11ca5301b8013e18d5997023c4

  • SHA256

    d6dc3745cdf9d06e242ce8929576f8923ad3b07bf5b722c57859728b2e0b906b

  • SHA512

    e7f9e9b1e4294a216ab946112416c63d127d6d44403dedb6a2755257242ebbcdc14127118e551a4bc01bece2accae172b6f210a1316fb8cb5593530e78cc8fb4

  • SSDEEP

    3072:WyfkMY+BES09JXAnyrZalI+Y6XXI6EyA8:TsMYod+X3oI+YS1tA8

Malware Config

Signatures

  • Ramnit

    Ramnit is a versatile family that holds viruses, worms, and Trojans.

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in Program Files directory 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: MapViewOfSection 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\wininit.exe
    wininit.exe
    1⤵
      PID:372
      • C:\Windows\system32\services.exe
        C:\Windows\system32\services.exe
        2⤵
          PID:468
          • C:\Windows\system32\svchost.exe
            C:\Windows\system32\svchost.exe -k DcomLaunch
            3⤵
              PID:600
              • C:\Windows\system32\DllHost.exe
                C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
                4⤵
                  PID:1096
              • C:\Windows\system32\svchost.exe
                C:\Windows\system32\svchost.exe -k RPCSS
                3⤵
                  PID:676
                • C:\Windows\System32\svchost.exe
                  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                  3⤵
                    PID:764
                  • C:\Windows\System32\svchost.exe
                    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                    3⤵
                      PID:816
                      • C:\Windows\system32\Dwm.exe
                        "C:\Windows\system32\Dwm.exe"
                        4⤵
                          PID:1228
                      • C:\Windows\system32\svchost.exe
                        C:\Windows\system32\svchost.exe -k netsvcs
                        3⤵
                          PID:856
                        • C:\Windows\system32\svchost.exe
                          C:\Windows\system32\svchost.exe -k LocalService
                          3⤵
                            PID:992
                          • C:\Windows\system32\svchost.exe
                            C:\Windows\system32\svchost.exe -k NetworkService
                            3⤵
                              PID:300
                            • C:\Windows\System32\spoolsv.exe
                              C:\Windows\System32\spoolsv.exe
                              3⤵
                                PID:272
                              • C:\Windows\system32\svchost.exe
                                C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                                3⤵
                                  PID:1040
                                • C:\Windows\system32\taskhost.exe
                                  "taskhost.exe"
                                  3⤵
                                    PID:1124
                                  • C:\Windows\system32\svchost.exe
                                    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                                    3⤵
                                      PID:1980
                                    • C:\Windows\system32\sppsvc.exe
                                      C:\Windows\system32\sppsvc.exe
                                      3⤵
                                        PID:3020
                                    • C:\Windows\system32\lsass.exe
                                      C:\Windows\system32\lsass.exe
                                      2⤵
                                        PID:484
                                      • C:\Windows\system32\lsm.exe
                                        C:\Windows\system32\lsm.exe
                                        2⤵
                                          PID:492
                                      • C:\Windows\system32\csrss.exe
                                        %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
                                        1⤵
                                          PID:388
                                        • C:\Windows\system32\winlogon.exe
                                          winlogon.exe
                                          1⤵
                                            PID:424
                                          • C:\Windows\Explorer.EXE
                                            C:\Windows\Explorer.EXE
                                            1⤵
                                              PID:1284
                                              • C:\Program Files\Internet Explorer\iexplore.exe
                                                "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c80db7be3925bada310f7467433a7922.html
                                                2⤵
                                                • Modifies Internet Explorer settings
                                                • Suspicious use of FindShellTrayWindow
                                                • Suspicious use of SetWindowsHookEx
                                                • Suspicious use of WriteProcessMemory
                                                PID:1500
                                                • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                                                  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1500 CREDAT:275457 /prefetch:2
                                                  3⤵
                                                  • Loads dropped DLL
                                                  • Modifies Internet Explorer settings
                                                  • Suspicious use of SetWindowsHookEx
                                                  • Suspicious use of WriteProcessMemory
                                                  PID:2828
                                                  • C:\Users\Admin\AppData\Local\Temp\svchost.exe
                                                    "C:\Users\Admin\AppData\Local\Temp\svchost.exe"
                                                    4⤵
                                                    • Executes dropped EXE
                                                    • Drops file in Program Files directory
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    • Suspicious behavior: MapViewOfSection
                                                    • Suspicious use of AdjustPrivilegeToken
                                                    • Suspicious use of WriteProcessMemory
                                                    PID:2612

                                            Network

                                                  MITRE ATT&CK Enterprise v15

                                                  Replay Monitor

                                                  Loading Replay Monitor...

                                                  Downloads

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    67KB

                                                    MD5

                                                    753df6889fd7410a2e9fe333da83a429

                                                    SHA1

                                                    3c425f16e8267186061dd48ac1c77c122962456e

                                                    SHA256

                                                    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

                                                    SHA512

                                                    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    9a5a0d7da535ce8154acda02d7500199

                                                    SHA1

                                                    186f753c316abd94e9ec079af646c8a7550bc6d6

                                                    SHA256

                                                    2c1c1568d6e608bfb19870cf53c104f30afcf5a43886153c4eabba9daeedd31a

                                                    SHA512

                                                    73a86ae0c1da6f6b89b6a61d7e59ca3d8dad459fdf2788b9b68e0a070698eeed1643a4d51022effbecfb1234d91f686d71500b6f34d23fe66af374fef9f833a8

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    4808fab5425109ac41db780a2e9629c7

                                                    SHA1

                                                    a7a3e75026707843d0b755db2b3902f09388d38a

                                                    SHA256

                                                    badfc6c8f3215f268b431af8b3b5870d5a36c07d8c4601090319e2f85a0fd2d4

                                                    SHA512

                                                    7170c35acfe56f2be0f997e37ed185f573e743e0f1e82aef30eecb5fea6fb6cf7e8134963b2e0ba070a5651eb0f63a45e6cbb4d00e342564c2201fc70a0b745a

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    acb0b018b43049fd255a83a1d026a774

                                                    SHA1

                                                    9ae3e9261a0413b3ce8aecfd33980c36fe3446ca

                                                    SHA256

                                                    037c7dc47b56c856f52dda3c9769462960905a9d9b9ba1b815333700f8c6de82

                                                    SHA512

                                                    84fb5924b7b663bdba7ad5ed5f4ca77d1b94cb05ce78d2d8d90d6484f3d99a7ad76b67a954b060034f804c40f8405497cb214dfbf90cb9bcf1165fa105019e51

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    ed2a7381c9fcba9b7c8299674881b91f

                                                    SHA1

                                                    7743eb4442c33a9071b432b4462d7f352045cd93

                                                    SHA256

                                                    2ab581cbaf13249d3bec4375f33bcb2eba6f883d95a8c55201d4268c3a9622ac

                                                    SHA512

                                                    6115b62f6dc2bc418c09e2e72146053cda74a1ceb8653f383623f4e43220c5dc7b80bca4dffe274e391ff599f92dc2d9a94f5bd2af7d1e1eaf51cd37b12d74f8

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    74b223aebe2583f7d17ec34a13352e81

                                                    SHA1

                                                    d7c101539074605591e87f13d345418ed6586151

                                                    SHA256

                                                    68d771a548b4675aff0df15f74f7247e59a242cc3c1c7c000aa42162f5311383

                                                    SHA512

                                                    3af1499a1b03868e901080a13a201df82ad112b45376301b50575c4efa1043c7b99b5a5728f552a5eb16b43c984b0f883889345cf2cb92aec36d6d3a79af54cd

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    2d8f3ccd71d4f94bed11ed272d858772

                                                    SHA1

                                                    9da57915a513440353609b11691ce69b9bb3ac5a

                                                    SHA256

                                                    3aacde057182b95d54fb91e57d239127ffcdce40675a0b346dfabd03a8844a93

                                                    SHA512

                                                    adf9c688040262b14965575d9f7cabcf31959e8fc76824c537e62ce25aa37bd113f80814a7bfb0f52355327af45e4b2154befb6ece056958ec28502e21821df9

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    8e00c994e0a4a82b315210e38d3bab1b

                                                    SHA1

                                                    1109aa106b0f2dd8761f0ed5b0eaecc0c3760671

                                                    SHA256

                                                    637aebc573968586d52be67b849485b038dd10bfca89ee031a552d99a076db5c

                                                    SHA512

                                                    55a5d7cf355c7e869058a005588c4b112b235a03e045e02d2f5f195a01f5451592e7a16b11ff215fe15defab1044e4ce6dcf1837387e4a16596eb43d3039bf42

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    870eafa2e855704dc108f711612707af

                                                    SHA1

                                                    7354ff4238e127095c97462be3015d71e6e356d0

                                                    SHA256

                                                    1265b630c5443310ff06b9fa371d082bb4ba560c8de7ca67d6c86810b50d4518

                                                    SHA512

                                                    13c1b7c0f29b5b0f75ebbcd262e72c306e3903d02eaa3d689aa19751899fb8382b2e0e926416759ee063d58e2a344f79c2aaf5544a0e658193fa5f27113b0965

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    79429579bee1d60349bc8833c9fd8b92

                                                    SHA1

                                                    1a4badf7a5bf3683515d9b138bc9596c11c7ac74

                                                    SHA256

                                                    a92d75f178d90005430dec910f855a91c014c5534c1102140a6618663fe6d705

                                                    SHA512

                                                    21e0d0d642945accbe7bd9c023ebeb49a4a92e9f2dd41c386ff2568aac81f26778d626a3139899fb20bf7435af604e65892ac6fa1c48558ad8d0d52b7920e8c3

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    8d0cd3ec1697a59b48c421346719168b

                                                    SHA1

                                                    a94adf0cfcc1af2c618d2112d6e1d79d751a7a8c

                                                    SHA256

                                                    c39330408fd21726fb64264707255767e1bdb24f9a4e2e5fb1377071f0ab6693

                                                    SHA512

                                                    9884855748c228a58d9ef82676006e16656061ee4fcbe0c842ca55f678bbcb8fae62b718ad9cdecf85bb0babde8ce0900e275279688c0df46c683bc7813f0b93

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    e8ed0a928bb41f491187c414238c000c

                                                    SHA1

                                                    7621a21fb8f1ab870b956fd496b9c9bf3e3ea8bb

                                                    SHA256

                                                    4a82df2ca2695a7ffbe6ce9debe1b048432e8ec079261bc1ed6ffe1b977d0bbe

                                                    SHA512

                                                    9a0c405f10f7ebb1d45dcdeeb748a8b247e5c51867425c90741f018b1d114a9338a657503e88f55c3bde40b91b92bfcb4a3b43a983cd9d908d71723f0ed22bd3

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    e34517684d52229e96d8ad52809ff80f

                                                    SHA1

                                                    f2e7d33b7e40cca6bcd6319364beaba868475688

                                                    SHA256

                                                    13e0092c35f91abaed51121bf07c52932283df90880e2d6cba810fdaae0c3f3d

                                                    SHA512

                                                    4752294a303a072888eeaad2177d967acc5f708e0ee1ccb716d79944b0ecedc40ddef8c43e03d9fc2ac8e96714495ac5a86405807edc9b78ef857d8dcbcc2014

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    d693fb7d5c6aa826f83c7777edcacea7

                                                    SHA1

                                                    0fe3b5c99b61e6014691acad21328f038a00f38f

                                                    SHA256

                                                    7033098d42a04b9212462e29884142736d115994ae6858bbc1090343a1f0a731

                                                    SHA512

                                                    debcac6a8761e011cfcea0b8bc9eafe94c9aa87bb392f3e2c686709be1a93139f5196dad38015086155d1c5392523f5da623e74f0cda107bdbf598dccf0f0d6c

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    1a99245f818706d536f3dc5089996bc4

                                                    SHA1

                                                    63d2fb098f25c003579abf6ac4f233d18159569c

                                                    SHA256

                                                    82f33e88ca57689a139bf1fc90d5d7ba1c8ec8150ca3d6cb83b51081aeeb79ab

                                                    SHA512

                                                    d034fa91c607c54e11762aa9de7124d8ad9327cf344e2f9d88b2fac8d1f198f3f25cfb13861244d71408d62ded28fd0f829f33ac34c0e758088ea7b70c7def25

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    12413b623110a2939abff6100c3685b8

                                                    SHA1

                                                    78acf9d6cd7e2011a5dc3342c7aed8d4f96d1faf

                                                    SHA256

                                                    f5978af91bbf754a4ba0dc01ebe7b7ccc2e4b2e231924653b332e98af99be047

                                                    SHA512

                                                    a4c340c73dd5c30c8265102ecaed7a11856e77e123e3121df12ac15dbbe3ad8c780ce35862e456130e90b1df77bd7f0165f8e246dbb43757317564f35a04adbf

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    4d9b73ad7b00482dc303f7a9ca55f4f9

                                                    SHA1

                                                    6351ce3f9c24154663023ce107266dfb2c8a3f59

                                                    SHA256

                                                    02fe8d879448fe540ac53f562434bd26da7b2c400918cdf50b369587a9c487e0

                                                    SHA512

                                                    73a0a172983a16ddb38f3571e2d946f7f6877b38a06840530c7bc62d71c96a2e8cc1142a6ffad979bdeef24a0bed694e4fe0711446aafd4f15296a5892703dc3

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    3db1f6ed3e67314011025099fba3624e

                                                    SHA1

                                                    70d9221e450d42c28f7d207bacad5be054f297ab

                                                    SHA256

                                                    b0d87ea9ace7795b3939a15602d7022cdc671351c2b7bbe2c6931b85ef489e55

                                                    SHA512

                                                    2a99be7ae7f40a47fe5eca9502a423395afe9e994b0fd5390327a18749e1ef5b2cc7eba5737bb0b86af0959e543544c4b0ff6e721d9cbc0787f35712332f27b7

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    5c3a9cc3ef25929f02edcdf36373c671

                                                    SHA1

                                                    1eb83c01787b5a0b0d0514e054cc06f40d8429e8

                                                    SHA256

                                                    9a693e0c055af9d90df655f4473b790cb9c2d27da742ca3b27094605f24040cf

                                                    SHA512

                                                    5d4831b2592bee67d1a777b95a329c34ba483443697f9db5d364f7e0efa630ca204f59146c0603d6e1511626e5ba2b7320becf6d3e3ac4dbc717c0116bf8c2b0

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    c836b794a2581fc621ccc0687c1880e3

                                                    SHA1

                                                    c2f49e41fda7d50709d5e78c542577682530091a

                                                    SHA256

                                                    8adf74211ced3faca1b9fadfa7af50aa75f699482980468e9d7dc08a866398bd

                                                    SHA512

                                                    acc5b94f43274a7737042b505ecebbdec3e39327982e2582562e7be696a4baaa621d1e25138eb9bf8161f09c878321b4fbde896b0e297db963e06cae5feba732

                                                  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

                                                    Filesize

                                                    344B

                                                    MD5

                                                    eb845be0512cba2afcb7a2fe5deafc27

                                                    SHA1

                                                    6fe9749e2d16f2602467ff3411509fa17936b601

                                                    SHA256

                                                    a592bc600a20d2475a167e8c8e8113729aaec14af2b8c68801440e52318b79fa

                                                    SHA512

                                                    86054cf45ec80afca3e5bffe8c8da7681b85170ea8c6ecea26741d1661c390b33c280c2c8088e6da270b41f84fcecb79cd793bf3153c4c8e376d28e41d108317

                                                  • C:\Users\Admin\AppData\Local\Temp\CabA342.tmp

                                                    Filesize

                                                    65KB

                                                    MD5

                                                    ac05d27423a85adc1622c714f2cb6184

                                                    SHA1

                                                    b0fe2b1abddb97837ea0195be70ab2ff14d43198

                                                    SHA256

                                                    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

                                                    SHA512

                                                    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

                                                  • C:\Users\Admin\AppData\Local\Temp\TarA4A3.tmp

                                                    Filesize

                                                    175KB

                                                    MD5

                                                    dd73cead4b93366cf3465c8cd32e2796

                                                    SHA1

                                                    74546226dfe9ceb8184651e920d1dbfb432b314e

                                                    SHA256

                                                    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

                                                    SHA512

                                                    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

                                                  • C:\Users\Admin\AppData\Local\Temp\svchost.exe

                                                    Filesize

                                                    84KB

                                                    MD5

                                                    df455f0fa8fb3fa4e6699ad57ef54db6

                                                    SHA1

                                                    51a06248c251d614d3a81ac9d842ba807204d17c

                                                    SHA256

                                                    15068b86edc0473a4f96f109830318e0540af348197e2b65f2e90ff32cfb14a1

                                                    SHA512

                                                    f69dea5b68e4fc8737fc0e6ef48476d3ed0a5ebd2f9dccc9d966df137f9ffdbb51e413a0852c22399afab53ea8a2755664afdcee6897a1cf387a9a620481b2a6

                                                  • memory/2612-10-0x0000000000400000-0x0000000000436000-memory.dmp

                                                    Filesize

                                                    216KB

                                                  • memory/2612-9-0x0000000077D60000-0x0000000077D61000-memory.dmp

                                                    Filesize

                                                    4KB

                                                  • memory/2612-6-0x0000000000400000-0x0000000000436000-memory.dmp

                                                    Filesize

                                                    216KB