fantom | 2eaccf2ffad0c83282b940b5ed1e65f38acacc9e002b48e3bf4f852e1097232a

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
15-03-2024 21:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ransomwares/Fantom/Fantom.exe
Size

261KB
MD5

7d80230df68ccba871815d68f016c282
SHA1

e10874c6108a26ceedfc84f50881824462b5b6b6
SHA256

f4234a501edcd30d3bc15c983692c9450383b73bdd310059405c5e3a43cc730b
SHA512

64d02b3e7ed82a64aaac1f74c34d6b6e6feaac665ca9c08911b93eddcec66595687024ec576e74ea09a1193ace3923969c75de8733859835fef45335cf265540
SSDEEP

3072:vDKW1LgppLRHMY0TBfJvjcTp5XxG8pt+oSOpE22obq+NYgvPuCEbMBWJxLRiUgV:vDKW1Lgbdl0TBBvjc/M8n35nYgvKjdzi

Score

10^/10

fantom evasion ransomware

Malware Config

Extracted

Path

C:\Program Files\7-Zip\Lang\DECRYPT_YOUR_FILES.HTML

Ransom Note

<html> <head> <style> body{ background-color: #3366CC; } h1 { background-color: RGB(249, 201, 16); } p { background-color: maroon; color: white; } </style> </head> <body> <center> <h1><b> Attention ! All your files </b> have been encrypted. </h1></br> <p> Due encrypting was used algoritm RSA-4096 and AES-256, used for protection military secrets.</br> That means > RESTORE YOU DATA POSIBLE ONLY BUYING decryption passwords from us.</br> Getting a decryption of your files is - SIMPLY task.</br></br> That all what you need:</br> 1. Sent Your ID_KEY on mailbox [email protected] or [email protected] </br> 2. For test, decrypt 2 small files, to be sure that we can decrypt you files.</br> 3. Pay our services. </br> 4. GET software with passwords for decrypt you files.</br> 5. Make measures to prevent this type situations again.</br></br> IMPORTANT(1)</br> Do not try restore files without our help, this is useless, and can destroy you data permanetly.</br></br> IMPORTANT(2) </br> We Cant hold you decryption passwords forever. </br>ALL DECRYPTION PASSWORDS, for what wasn`t we receive reward, will destroy after week of moment of encryption. </p> <p> Your ID_KEY: <br> </p> <table width="1024" border="0"> <tbody> <tr> <td><p>KhI8FoWWoP4BalLuSCLZHINfRZEsjn9ulXl4JYEELILlONueye2htXSfzMsovIUDVOIHM5cdQf9GKkhO+TDPrKqG2fW49DniNng3w2H4tLS3t5E57XCVyD7LN6S/06CoECpYaxjedytrLFgAzzbbEDh0SyRZwY2GjtHRyXg6OuAITDn8j5brj+7IdR2DBJOvfTsDBPhH2YkC7Mbyp9JX5nU5kAM8PXg6p1PhT3NgMGi8vwapoxJNYmmq5qzH2bQtEudcFT62708wSGQqYM6NEO4QkqnBAenEURq+p0RO32PvJArt7ekFJyhv1laqr498oY1T4PNMXMZJ2xbng0MxXA==ZW4tVVM=</p></td> </tr> </tbody> </table> </center></html></body>

Emails

[email protected]

Signatures

Fantom
Ransomware which hides encryption process behind fake Windows Update screen.
ransomware fantom
Renames multiple (1186) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Disables Task Manager via registry modification
evasion

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000\Control Panel\International\Geo\Nation	Fantom.exe

Executes dropped EXE 1 IoCs

pid	Process
4064	WindowsUpdate.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-black\Weather_TileSmallSquare.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_neutral_split.scale-200_8wekyb3d8bbwe\Assets\GetStartedLargeTile.scale-200_contrast-black.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Common.View.UWP\Strings\km-KH\View3d\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\OneNoteNewNoteWideTile.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\images\contrast-white\OneNoteSectionSmallTile.scale-400.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1906.2182.0_x64__8wekyb3d8bbwe\Assets\AlarmsAppList.contrast-white_targetsize-64_altform-unplated.png	Fantom.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\sdxs\FA000000027\assets\Icons\[email protected]	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Assets\Store\AppIcon.altform-unplated_targetsize-24.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\ExchangeWideTile.scale-200.png	Fantom.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\legal\jdk\relaxngom.md	Fantom.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\LogoImages\ExcelLogo.contrast-black_scale-140.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\Assets\Square44x44Logo.targetsize-96.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_neutral_split.scale-100_kzf8qxf38zg5c\Assets\Images\SkypeLogo.scale-100.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_neutral_split.scale-100_kzf8qxf38zg5c\Assets\Images\SkypeTile.scale-100_contrast-white.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\Assets\IDPValueAssets\GameDVRValueProp.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherImages\423x173\3.jpg	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.MixedReality.Portal_2000.19081.1301.0_x64__8wekyb3d8bbwe\Assets\Background_RoomTracing_Success.jpg	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\ReactAssets\assets\node_modules\reactxp-experimental-navigation\NavigationExperimental\assets\[email protected]	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\Ratings\Yelp7.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.30251.0_x64__8wekyb3d8bbwe\Assets\AppPackageWideTile.scale-125.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.HEIFImageExtension_1.0.22742.0_x64__8wekyb3d8bbwe\Assets\contrast-white\MedTile.scale-200_contrast-white.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\FileAssociation\FileAssociation.targetsize-20.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\EmptyView-Dark.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxAccountsStoreLogo.scale-100.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\LinkedInboxBadge.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_10.1906.1972.0_x64__8wekyb3d8bbwe\Assets\VoiceRecorderAppList.contrast-black_targetsize-40_altform-unplated.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_neutral_split.scale-100_8wekyb3d8bbwe\Assets\AppTiles\AppIcon.scale-100.png	Fantom.exe
File opened for modification	C:\Program Files\7-Zip\Lang\id.txt	Fantom.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Integration\C2RManifest.PowerPoint.PowerPoint.x-none.msi.16.x-none.xml	Fantom.exe
File created	C:\Program Files\WindowsApps\DeletedAllUserPackages\Microsoft.WindowsAlarms_10.1906.2182.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\TimerMedTile.contrast-white_scale-125.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.12026.20112.0_x64__8wekyb3d8bbwe\AppxMetadata\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Exchange.scale-250.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\HxMailAppList.scale-150.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Collections\contrast-black\SmallTile.scale-125_contrast-black.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppList.targetsize-96_altform-unplated_contrast-black.png	Fantom.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_neutral_~_8wekyb3d8bbwe\microsoft.system.package.metadata\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.1907.2471.0_x64__8wekyb3d8bbwe\Assets\ScreenSketchSquare44x44Logo.targetsize-96_contrast-black.png	Fantom.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ja.txt	Fantom.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\THEMES16\JOURNAL\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.MSPaint_6.1907.29027.0_x64__8wekyb3d8bbwe\Assets\StartScreen\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\AppList.targetsize-48.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\Assets\SecondaryTiles\Directions\Car\LTR\contrast-black\SmallTile.scale-125.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WebpImageExtension_1.0.22753.0_x64__8wekyb3d8bbwe\Assets\contrast-black\LargeTile.scale-150_contrast-black.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\LinkedInboxLargeTile.scale-200.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1907.3152.0_x64__8wekyb3d8bbwe\Assets\MediumGray.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.XboxApp_48.49.31001.0_x64__8wekyb3d8bbwe\AppxBlockMap.xml	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-80_altform-unplated_contrast-white.png	Fantom.exe
File created	C:\Program Files\Microsoft Office\root\Office16\FPA_FA000000050\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.Microsoft3DViewer_6.1908.2042.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\AppTiles\contrast-white\MapsAppList.targetsize-80_altform-unplated_contrast-white.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\Assets\contrast-black\AppUpdate.svg	Fantom.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Tw Cen MT.xml	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\contrast-black\BadgeLogo.scale-125_contrast-black.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-white\OutlookMailBadge.scale-400.png	Fantom.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Arial Black-Arial.xml	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.VP9VideoExtensions_1.0.22681.0_x64__8wekyb3d8bbwe\Assets\BadgeLogo.scale-100.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\contrast-black\HxA-Google.scale-100.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19071.19011.0_x64__8wekyb3d8bbwe\Assets\contrast-white\AppList.targetsize-72_contrast-white.png	Fantom.exe
File created	C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\DECRYPT_YOUR_FILES.HTML	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe\Assets\AppTiles\WeatherIcons\30x30\15.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\bg4_thumb.png	Fantom.exe
File created	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\PreviewMailList.png	Fantom.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\SecondaryTiles\Home\contrast-black\WideTile.scale-200.png	Fantom.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2980	Fantom.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2980	Fantom.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2980 wrote to memory of 4064	2980	Fantom.exe	92
PID 2980 wrote to memory of 4064	2980	Fantom.exe	92

C:\Users\Admin\AppData\Local\Temp\ransomwares\Fantom\Fantom.exe
"C:\Users\Admin\AppData\Local\Temp\ransomwares\Fantom\Fantom.exe"
1⤵
- Checks computer location settings
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2980
- C:\Users\Admin\AppData\Local\Temp\WindowsUpdate.exe
  "C:\Users\Admin\AppData\Local\Temp\WindowsUpdate.exe"
  2⤵
  - Executes dropped EXE
  PID:4064

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\cef_200_percent.pak

Filesize
16B

MD5
b47df84e2df55d90d47d4c1ba9938f0b

SHA1
faf349547040d99ca89208f132feb45858587d9c

SHA256
cb56ee21424bbe26bc25aefd69494cf0c2e98c4f7d55940de8f9f074fa7b39e6

SHA512
15cb34108fbc32860f52358c43063967b0e6652e8d720ea0ffa21c25fdb13607252466c146710dca70eb04deb8335af2f2b6a46a02537af2b87b7e56fcec947b

Download Submit
C:\Program Files\7-Zip\Lang\DECRYPT_YOUR_FILES.HTML

Filesize
1KB

MD5
784e39e5478080f357e96652d29d4732

SHA1
5f648515863774bfe6fa0ca23975a69a59b315e6

SHA256
3128c3492dae62f76dc1f9d1bbb02af6163e0ab0ec931eca393e892bc3a93d0e

SHA512
19c9123595706cc3f3126630dcb6ac9463d544477f40c0f39133f8ab73b3e97c9ee42c2b7c4277735b232af1764858685494482d794fc45aa26e86a9e1ed7d5f

Download Submit
C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif

Filesize
160B

MD5
edc62e6fc5a5e409c01e88f3e9975761

SHA1
e50ecd59e5fc1beb140469f319010f2292ad240b

SHA256
d8c5b1eb1676307869e0dc4ca66f60f9660ca75d28e8b889dfa2cead55d48838

SHA512
39d71fcc135ff020c4dcf7c0ee3a396c3b351f307273c1af433abc9e386a0b23469be232299e69db7c56d9bcbbc48f92df2463cfa1b1cd70460c8f860fcac009

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

Filesize
192B

MD5
c62b9564b0b392c8b16feef1bcb140e5

SHA1
386653f043880cd036c888d1fc7b0b5dc026f6eb

SHA256
59139649e8edc4d80b39e984623ac3d82daf5b5f286343c19edb89c5006b89fa

SHA512
8250eaed37b2652756373d917bd935f44a4735a8aa9f9035061de1b4a27e527856089e9758f97b0df9bfcb3cf774516a142175abb9a863393a43f602225f2ba0

Download Submit
C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME.txt

Filesize
192B

MD5
7cd3ef2dc3c4ec3ee6b5c66e15461020

SHA1
a7c75c28e796aa00db46d8f050af5bb4f2f3e1c0

SHA256
02cf013aa5f65c17dded8b0f037377c4eb603d773904962c8c2575fb5d4e4e98

SHA512
757ac08c3bf8e3ec3a3ffed3651508fdb1ee37507f3d9817f2e315c163c719c3bc34537241ab48c3c3f1376dcf3d66c40afe83edd7d0af3334ec323ecb881ee3

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

Filesize
1KB

MD5
cd16178758adcc6b98e0396762a9536f

SHA1
0bb451557a7bb4ca47e0254943a2847bf4fa715d

SHA256
24b3b87be00ca7b6c59bb250c1298f279bd19395d463aa21be0ca7b5745386a3

SHA512
0838558a425ab9382e6692de64de4d5275cd45f60f4c36d7e583b60a572b75b4a960fde73b28df904e76fc517a169f5d474ca60fa6f1b0055d781adc598b3ac6

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

Filesize
31KB

MD5
864d010c6ca44911369a6fabb2175832

SHA1
b3c8bd260e0220cd2d540e60997c7ebcc71b7fcc

SHA256
5cb1c21ec4c10cb7fd0e33048beb0856c918a82bea6d9b308f077948f63e9f63

SHA512
14e8e4d6e7aa1658871d9905d4f8fbe35a883ca72eab446cdf6a45915d0e79bc08ecf0e0fe9a7b954676810c7ec87d536d73c5e44189ae92468dd30cf00bab6d

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

Filesize
34KB

MD5
00a496d34b3f7c0c548e86d71f774e25

SHA1
e97441547533a1e7acdf371da0c4315db6d92333

SHA256
48bf30b126f1d59b42c3030177c68154a42dc008bd1c4fd2a9cbe9d08a627d8c

SHA512
2c9e13dfbc498c3643351cbf64e6d68f77ea0a203fbf82a99249cb71089b10b41510fb586f33fab4e530cf463b06dd9efccd7388cdad8028e1305fd586198c68

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

Filesize
23KB

MD5
a3ebb4521d0381be22caf663746e09e1

SHA1
0b06d898b0c8c20bbff5dfb949f36a3c743dccb4

SHA256
2d63d7068d72535cef254ef735938c42a922c009612de0eed1c6006d9f481c14

SHA512
7ec3df0be85255bd35c6b9c1f24b354638aa77d0470ec8ee54167ce8281b5c59b82aef237372509b64edbbaeacbc71aca4ba3246764128a0e0857791ae9aa1ac

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

Filesize
2KB

MD5
e7ff0e76812bb673f3050cb1a768e068

SHA1
e61212bf49204a9bc971fdde72a9b3d82f6c9915

SHA256
b84f80492abc503f87f8e28bb03f26279da647ada609e92e361d1596536d791d

SHA512
4aebe83bca5cc9f7471629e1bcaf60fa93de0669bd8732eb8df988a4865a2f8e3d35150c7f4d0fad67e23ae0d6f7621fe002c99d1384dad59e267bd3e8f53c6f

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libffi.md

Filesize
1KB

MD5
f5329d8221d4ff7905e96c657354c266

SHA1
8bcd1980190ee7a0d28474b8e5fd7e346a15cf87

SHA256
6a1ecad143b6551d8d68a887886b2ac780cfd1b316a56b936d4eb45771a18e7e

SHA512
76fd049b96ad8fed51daa50d68ed7f7a7d3f7786ee6f70d0de59246c16494ca0b31d5d536b80df2008d1d09cc5ccc6e7188a4e9b2c0e3f3f9f8263311c7b4b6e

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

Filesize
3KB

MD5
a42b2631790fd7e50f51125b95a071dc

SHA1
14571c358d7801351ac6e6103ae9003ac32512d0

SHA256
4d3c077bd80017fcc518555043997f720dc8b70f804412bf14d4fbb52281d868

SHA512
d1fe10b3a68cf222a758c830ed122ad837033c60e17ddfb08316944a769c28b38927580446761be1c450600484df14673650e26c07ad00e629e85bea3cb8687a

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

Filesize
2KB

MD5
c0b006e2fff7e1134dcfc7de857ceb0c

SHA1
00446a4d12379b53d6b89fb3093a9425b2015ae0

SHA256
4725ef829512bd1c10370594030d1cdafd4d76df41d0d43be845786478d0511d

SHA512
79b8956d141b431fb7dfc2bdd87dba70ba0a655f27013e7616a784c9474286386f0ee7d5334c293ce12bdc1a9d7fa9c2b8777541b66a462d9c7cd7c71e202084

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

Filesize
5KB

MD5
b681dd1cb37994be06bea2aac1102bf8

SHA1
1fde57e6e8c91f7010426d1931e871cc044552fb

SHA256
53ddc6411281a2398456ebde72da2c64b4ee797f1b5c202edd189e88400ef3d8

SHA512
41b91fde05e5f42195f929037a2efbe14a47518b25f10a46211b9e6aa05bfd50fd11cc819dbd6f71589835cf34175869032d369656cbea19fbd395317fc98aed

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

Filesize
17KB

MD5
ec92983101a26eb2406d2a757b1ac4fc

SHA1
cb0116718ae0a9ad1daae675e8ddce3f66d2c391

SHA256
9be3bb7785c7c2ec99e862afcbd44b9d596cceab463001b18b009d790eaa9154

SHA512
ea398f77a3d0605d76f934f2dcb5a70c43c42dc0ee4a23eb130010aa52209bb4b7f60ae03e65525a01f9ac067ff7941ec3da823521ddc7a13883fc562698ef55

Download Submit
C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

Filesize
320KB

MD5
27562a0330c4bf0a3215221a6866b896

SHA1
da4baa13946de0be0a27294f287fd1924b90116a

SHA256
0319a9f347bff79222497f5f321c5c51e2bd18a25a3e5c5c265cb3e42d830b9b

SHA512
35321a4d3741f7e2a502738a3873f57cd4b9ec720ec14835d0483fa388ef7997bdb3bb2c0cb28b165af69f6e36def281ba84dec540c82a6f7c34b271f91af83c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\asm.md

Filesize
1KB

MD5
fd463e9c050144d7e48129a7e265c2c2

SHA1
cf99a8f094c8f871238783205e5fe8033fd0b79d

SHA256
4817e6d2094939cc6557cfab0a676cdaef080891c4f84fe53f1642c2cb64e56d

SHA512
8dbf3f2efeb2464d2455509cdacbc4dc6276f3cc72bdae0e59eb3b73d0643edec16d4d8bffa02b56e939c6a7d1534be616ef0472a7fd008e4d528029d31abc3d

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

Filesize
10KB

MD5
c7d8cec4fd8399bb4f5aec14108cc90e

SHA1
f7513d3bb11c96f997af8fa26cd7c166ba3a0670

SHA256
023718e32c6d5bdd4ea74e8b9dbf9a1db286bf90384310e2296da390556df473

SHA512
007d76195974c21a31a28804f0ce2225205064a98e0dee3115451b982a099204b93cd53cf076abdcb3f444d20cfa97b6b49f1860fbffa91644e779bf77e38294

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cldr.md

Filesize
3KB

MD5
60379b482d335fc89da8ac8bdfc7776f

SHA1
ec8e9bd74854e21acc7ca014d16e5308571ed178

SHA256
d5d566372c446ff70356e351c81f2a91a0b4f6a5528de24495b12051e30da00b

SHA512
8915052dff09590c8248624432cff4101166087676e5794ceb6d50b5e0a4bc7f75e5230715e7861555bd89e49bbc18212b1634b1c75cf3047d1062db72e02ed8

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

Filesize
176B

MD5
d4b541c899a7ec9be3016ba837118460

SHA1
811d5af6197e8e58d6fb327959b1a8f4da8d831c

SHA256
d1beefaad705ddf9f1b1e3b721f72f1235517f78cbb0ae4a613274902a79f63c

SHA512
a5d4eb24ce47ea3a262188571a5a1be98a8ea3882447b2dfd34627d647318aadfbbc042960e19219b317a60055a2c391755d5ab09314fe8cc40c292f2360f046

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

Filesize
1KB

MD5
eeb4c2d7f37a683cba64e56cc3638248

SHA1
9485f8ead74858db4b779c8e1bbcf3bfdb33645e

SHA256
3d814acfe399f62d2701862dbf451e536dd811cf91d63e12d88c1c3bc3859316

SHA512
3efccd79678a226df21f0ffe4528de1abadbe53078810a3683c4e7e069b385276309d86a2adb63e6775354bee8a6d93c7bc0b01c1561657bd93c10f19be0bbd2

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dom.md

Filesize
3KB

MD5
ae66b0389a3fd6ebaf45e2772a65447c

SHA1
0501df93fc2dfe20a6e2081fa7a17b10d1104f3f

SHA256
f8ace6433f55fbb597710be71bbb3888163f453c933a6940f0259ee9aff7813b

SHA512
4d34c8e3520f8387e28857789821720658ff38afedc6eb2ec28416a6bc48e7a006a8648924f742fd1c20c32e6bd43c955c5ed1be78d9137e770def170c522bee

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

Filesize
1KB

MD5
6093da3f731be4a7659a6608542af6ea

SHA1
d392603db85287c6e48818fd9cf7df79eaa50214

SHA256
20cdd7a1fd5f538de4f0cb27c6c64af0a624de2686510cda8a1a01e5102475af

SHA512
b9ff2d6803b9f9cf876f4ad217b52c06fa3ed7cc68697bacc435db28522182f84f3b3c3feb987014113045fc2fef986034d206c184a97ee86d94ba28def702af

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\ecc.md

Filesize
28KB

MD5
f504475b654e744b7316c7841eecaa6d

SHA1
9f32e02aca37a2e0bde125ecfabe8fd7f1ac18c9

SHA256
226416cf65e6ec38edd030e3736b34392f715003062950fd781b5e46bd837114

SHA512
c411f7f4268e0edbd3bce83dc855e38c04aadc323c7f048df7e2ae6ff1426acbbc250c86f4916c99078a25a26d8d0453be6fa442ebb0fe5bd9fe38d92bc18711

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

Filesize
2KB

MD5
260ac74f7e2d88bb7e887347d1c2a38a

SHA1
099d61691fc60c51ec0a01ab2977ff2afabab94c

SHA256
95a483391b37159a3aac469206ff27b6cf487e7d56391fbbb7b1b48f21465ddc

SHA512
80a505ccc81cea5fa71e3adb54bc04ebf507d923504080f6cd967c6714ae50d41bf8c9be9978fbdd4540a49667a21aca1a34f1eed655c832c7c13d5c575d77d5

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\giflib.md

Filesize
1KB

MD5
ed27b7fc8fe319f88ba227a0fa51a498

SHA1
988db9d22565857c34b8a1313df420f40da0a17c

SHA256
9df21f9a6529f449b1d17333169a8fc98c245130d821e761bd0325812618cd6d

SHA512
ec2bab425237a4358273764937efea9f11f2350bf448774ea8cd99800c8bee7aab9090516252e884a0d23416f1e7ef70f84b4777d7906f27de09399a5bd3adc3

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

Filesize
2KB

MD5
2525b35b25be1fb8a745f6dcf047e38a

SHA1
3c1b70a1d80fd4ebb195a177079aeced2989e2d9

SHA256
4efc45b5bd70ffdb9c5de181025687973f24a6d61921af9585c0e65364506aa4

SHA512
46ce25491d4dc5350bb602fb9cba9c5df87b2011b1cee3ea196244c2291f9eb87de89444a8cb7ab75e1212757f439cb4d7b428ec900a0cf013fe98c046054e06

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jcup.md

Filesize
1KB

MD5
9c5be56e789bf96a465b8c003f029dfc

SHA1
ea6ccba658af3054e1a7bd60514ec5adfd648e12

SHA256
6e86bd2541c0604768a2b2a002a64622da343ed2a78243755f9482c5c8e260ea

SHA512
9c39c3aa5f22b15763b630a12f6e8234263580aca9aa685177a2b2c3086214a0572a676cc55d1e0bb8cca2999c9da3e03b5da881c3b4ed31ad4730866c719f1b

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

Filesize
1KB

MD5
dc2ed1c4d86765aefaf025591be7f206

SHA1
234111917905f266bf3e41b70d763b2bc30a064f

SHA256
e2cb839f7189bf95dba841aa65a02917f9af09e095d2ac2998e0ec7195cffb24

SHA512
b5e986523fd1a2abb2ba9fbb0e3a4a5d113b7d5bd32b666851a1d89121fb4765540839ae713d0f852a1f88fbc2e0496a23845964177f6d985730c17183b15f30

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

Filesize
1KB

MD5
27b71aa7f35d29b2e1bd04e36166c37f

SHA1
2b105e2c1b26891f5da0aef0bd62fdea73c645b5

SHA256
2548a8046a7ecf7d2259f72639449024f72f60cc0e471042b542c642f1dd2a4a

SHA512
93eb29faacace43859e520426e6abc91e6265084646c1d2e1a8890c36e3fe1d623580674a2c6929cf1334e2fc8f9fcf318e6da3600685824698b2fba212cc3a4

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\jpeg.md

Filesize
3KB

MD5
300c96e210ac1e0d5b19664b1d67bc44

SHA1
6636a466161610bd05ecec5461642dced01de37d

SHA256
d51266b54ca8730593fa49df77b433dbdc0466b5e660d16585d193542f73a489

SHA512
f5e696fe22b0dc6ecc813a308c00f477807be1816b18175e614dbf529fbdd6cc27bf46825a7f56fba38d84b7059409833f5138a323ac6295e10ff0e5de9ecf6c

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

Filesize
2KB

MD5
035ac69506c82f2a3bc11738a5bdbc39

SHA1
57c2e03b6a5eb6b35f11832b526119a6b78900fc

SHA256
6b8627677f1771f81b2c930235c787ae00fc21f5973d3445ae94b64be013a87b

SHA512
b9beb5fe16e1ea9310f7b99124d3a9e35fbc8cd12d8bae7494cf56ca8d369e4323919fc995a073fa414144e8761829f32758bc1c89146ebf9c9220385b5fd1e2

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

Filesize
6KB

MD5
fecbc10c484bf3abbe6e1fec31164572

SHA1
457912015d4e9aa5aebf9997afc3c71e556198f1

SHA256
78a685da4cacfa2c480d8853ad168419882e2f1fd665645a3ae4bb32fcba315d

SHA512
96477ebbda9b914301f218d2c21e630dd09e39cc59b7198d5ad473901f5db2ede142c90551ced15f3b8930c0ffef9a9a61924f11e3c2227698350626ac35cb67

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

Filesize
5KB

MD5
8984a360a885d34543091c06f77046eb

SHA1
7eea283fbf46f1cc9cdf7b344998e74a01be91e5

SHA256
1f20596dc17e4d921e5601387c563df87a5c22da32bc9e327475b35f729460eb

SHA512
b89184fbaa1227e8bf27d82229ba174c96480dbb662629210e9808e8d44327590025a48f3adee135c418f5a0e885ebb322fe482873d1beb92f481e62f85a7bb6

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11cryptotoken.md

Filesize
3KB

MD5
d1122f3eac03013dea1f3725b9c666d0

SHA1
75a355fcf7e0e3bf50174b49a0d310d5ee11ec1b

SHA256
a5af521c0dd3a7b4fb0cc88b9b854e036443678c6365df45b532d1e420fb1fe7

SHA512
2a06946d9b05661f4133653922113e3886ae594bd9abbb4f09ddbd1e77ebae2b2517185930c9a1e4dd31997109905699535b8361d2e7acff1e3e0cb5ac1fc36a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

Filesize
2KB

MD5
fbdbb148ca8b4af0ab984bded62b1b0b

SHA1
3e446a7ba36b7c5d9b4e5de7ba958f62e8e8b76f

SHA256
11fce4391a3ddcae1807691b28da848fc08427df50126c0ce442bac92fb42a64

SHA512
9b0b92c0fff7ad2f258347dcaee4137ba2752a01f39be7247cb2292b282777fc8383bffb23b568eb4f58fb8831b392d42ad45d487c2b182ed64df97d9af95aa0

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md

Filesize
2KB

MD5
9d68b35741e944a9a2c2f884f6c3bb54

SHA1
502ab80a0954571e881c4804ae69582185e621eb

SHA256
a50eb0e65b3b7456fa29a48b584adc27191141725508de84e73b38c054aafb09

SHA512
315a716dac6b72e95b477869b91f015099fa6b3ed85fc944e74c4d7e627f356e1702713efbfa2cb6b1eea30f1aea779ccc7c1334dbc26765df43ffa0c43da202

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

Filesize
1KB

MD5
027025bad48fc5a805dacb5375f40fce

SHA1
245d12142812a77e3206b6bff5a2c2e051b63277

SHA256
c4faf315f72d67df961ed56352359b9c5b0a93ef155c95b8c169a1eb40d57389

SHA512
fde0d577120f3291b9fd42de0fad045341a729a5b0c06eb54208a792ebb0d6c57cc82fae513d1fb8f3649550136af1579b0b1170045bf47da10d7fc76db621fd

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

Filesize
1KB

MD5
620e363de5b25744646867dec4f92e25

SHA1
edc700b046895972aeef95bb65722c0ef2d1c251

SHA256
d986d9fdb603a2997296430cd6cff8c8b949d5251c4056bf8c0937c62883afeb

SHA512
4d24d9b7bbca5eb18b34b1a48af668c9206894f443683fb6333b5b8a3169353fc03a67a89412a0767718ca563b15f229228ede0b9d6245a8b300564b21ada017

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md

Filesize
11KB

MD5
88c423050e297e3a81498f9bc890222a

SHA1
b79f953aec8825c96b9e516b39d4ccd33b9555b7

SHA256
6182677943c47e3650c6075418ac7cfd69b58c69e5f49fa1d8da2a19a0f7649a

SHA512
293c4b0587720b6a202ab7860e78db8d1c497a8a202cf9737bb745a83d64b858f6b176a71f28ef8d4bd09a94fa7d99a0bbf632f1eaba4c7e86732ab2d6c596ee

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

Filesize
1KB

MD5
5f4ea2f4315df7152b0a12738e641291

SHA1
509bf6830ad705bf986a51560bc1d2e7fe5bee89

SHA256
a845426fb045a256c8961696af4fc4dd247aa24206df0dd2ede84470967bd72b

SHA512
f3573ce10f2d416a64163f5a3a85a157f7269b9bb847e4d519c0fedc5cde603fdf27a57f03ff31501c96057e365c03a00843e06238ba932d221e7d5ed0b8018a

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

Filesize
2KB

MD5
4f7a23ae22b76d6f9279250aa0b8feda

SHA1
5580433124b6ef7c11e268a4e890f2c9fbbdd075

SHA256
9f232429556223426403791f94d083a54f607e8a06020fe093554f04def45d29

SHA512
9a6a4da14b2f84f82074f81d3a5aa7646800b88743fe17d1b5c4e4f1c42d466cb141b5898001f947f994968924ccbb3b49418bb5df58b98bc841c2e15b29c326

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xalan.md

Filesize
11KB

MD5
3a0592f5ef14be518cd22b53f7e01c3f

SHA1
0d2da49fccc2fcaebd7f1aafcdf0ac9d7804470c

SHA256
3f833e8979b6029d671af20c59528b10f24a28f44520e51de7fbc807898293dd

SHA512
d41e43404fb71f24ad4b4200a85fd844fa57d9691eea6c80d62e8d55036c1ee1f6fddde1b9c785e2330c74208360ae1a8d41a36e6d6bb08b14d26960c338a470

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md

Filesize
11KB

MD5
a58e469c21ecace7255338aef1588f50

SHA1
3a3df3e033745583d54b0b3389cfab89739ab084

SHA256
24eb61d9ac85c894029794420f8f3d2c6d5941b8dd77c1831efdae8be23abe24

SHA512
7ffca06f2e472e21ed812e3b797e6f17a085dc38e3ceb53241f1e224286e7bd53d0422af3e056f5c09c9a1cb525bd1a05cf3c71547795adb8ce3e0fd07d28e03

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

Filesize
11KB

MD5
4426f409cc2c94c08a819b4e2cd7a05d

SHA1
14bea7d3d6809298ee69d422692ba4729885a7fe

SHA256
9d7bc91fe143613e75a4ea18f4cfd0d09a64c5d643a12ee236147307df051eb0

SHA512
5efff00df5c26d9f239cfa128fa9c61af8bb78554711619e8539fa881be5b7af0265c3fc60de61f28ed944edc339b271f0c5af2b831839155542cbe776979461

Download Submit
C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md

Filesize
1024B

MD5
22adaa2bad5d5a8e34586013cae6a3cd

SHA1
db971d34eb42f941ae1a1578e763ede6c9e96fb9

SHA256
bf9f6880214330801af98ac23d544ddccc5c583f49881dbd484b9e63fd8f9aa0

SHA512
aa113142a853216efe27d1f4662bbbdbc45e7218460339008fb14c453f8fe808104564431608d27c699afa531792b00ea02bb827bbd45da60dd2f70a6a841ca1

Download Submit
C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub2019_eula.txt

Filesize
48B

MD5
0cfe7a1248434b49c3af90d369142e1a

SHA1
70693e074bfa2bf28185ba590a00304b303a2439

SHA256
1631868a1ab327749140ec3e14de5e782eb55570c68a47a36e62ead3f570f3af

SHA512
a2f2560f36b0d870ea1b9ba6ab12279d699efce0afa49f6222af8064f790e2b985ef33efa635a11266eb95c5557833169e258f9c1f8ab6511c621b4afdb2bfc9

Download Submit
C:\Users\Admin\AppData\Local\Temp\WindowsUpdate.exe

Filesize
21KB

MD5
fec89e9d2784b4c015fed6f5ae558e08

SHA1
581fd9fb59bd42fbe7bd065cf0e6ff6d4d0daba2

SHA256
489f2546a4ad1e0e0147d1ca2fd8801785689f67fb850171ccbaa6306a152065

SHA512
e3bbf89cc0a955a2819455137e540952c55f417732a596ef314a46d5312b3bed644ac7595f75d3639ebc30e85f0f210dba0ef5b013d1b83bafd2c17a9d685a24

Download Submit
memory/2980-52-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-0-0x0000000004900000-0x0000000004932000-memory.dmp

Filesize
200KB

Download
memory/2980-1-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/2980-2-0x0000000004980000-0x0000000004990000-memory.dmp

Filesize
64KB

Download
memory/2980-137-0x0000000005630000-0x000000000563E000-memory.dmp

Filesize
56KB

Download
memory/2980-136-0x0000000004980000-0x0000000004990000-memory.dmp

Filesize
64KB

Download
memory/2980-135-0x0000000004980000-0x0000000004990000-memory.dmp

Filesize
64KB

Download
memory/2980-134-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/2980-133-0x0000000005220000-0x000000000522A000-memory.dmp

Filesize
40KB

Download
memory/2980-132-0x0000000004FF0000-0x0000000005082000-memory.dmp

Filesize
584KB

Download
memory/2980-131-0x00000000049D0000-0x0000000004F74000-memory.dmp

Filesize
5.6MB

Download
memory/2980-130-0x00000000049C0000-0x00000000049C1000-memory.dmp

Filesize
4KB

Download
memory/2980-129-0x0000000004980000-0x0000000004990000-memory.dmp

Filesize
64KB

Download
memory/2980-30-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-32-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-42-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-44-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-50-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-58-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-60-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-62-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-64-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-66-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-68-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-56-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-3-0x0000000004980000-0x0000000004990000-memory.dmp

Filesize
64KB

Download
memory/2980-54-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-46-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-48-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-40-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-34-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-38-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-36-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-28-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-26-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-24-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-14-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-20-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-22-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-16-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-18-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-12-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-10-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-5-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-6-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-8-0x0000000004990000-0x00000000049BB000-memory.dmp

Filesize
172KB

Download
memory/2980-4-0x0000000004990000-0x00000000049C2000-memory.dmp

Filesize
200KB

Download
memory/4064-150-0x00007FFFB7440000-0x00007FFFB7F01000-memory.dmp

Filesize
10.8MB

Download
memory/4064-1548-0x00007FFFB7440000-0x00007FFFB7F01000-memory.dmp

Filesize
10.8MB

Download
memory/4064-149-0x0000000000BD0000-0x0000000000BDC000-memory.dmp

Filesize
48KB

Download
memory/4064-2617-0x0000000001530000-0x0000000001540000-memory.dmp

Filesize
64KB

Download
memory/4064-151-0x0000000001530000-0x0000000001540000-memory.dmp

Filesize
64KB

Download