hxxps://youtube[.]com

Resubmissions

29-03-2024 11:57

240329-n4j88sgh75 1

28-03-2024 17:14

27-03-2024 09:26

26-03-2024 10:44

25-03-2024 13:29

Analysis

max time kernel
257s
max time network
257s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29-03-2024 11:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtube.com

Score

1^/10

Malware Config

Signatures

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	taskmgr.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133561870338897322"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1497073144-2389943819-3385106915-1000\{586F17BC-9F4E-407A-AE4A-B77216548AE0}	chrome.exe

Suspicious behavior: EnumeratesProcesses 36 IoCs

pid	Process
4088	chrome.exe
4088	chrome.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2512	chrome.exe
2512	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: 33	3168	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3168	AUDIODG.EXE
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeDebugPrivilege	2952	taskmgr.exe
Token: SeSystemProfilePrivilege	2952	taskmgr.exe
Token: SeCreateGlobalPrivilege	2952	taskmgr.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe
Token: SeCreatePagefilePrivilege	4088	chrome.exe
Token: SeShutdownPrivilege	4088	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
4088	chrome.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe
2952	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4088 wrote to memory of 1896	4088	chrome.exe	84
PID 4088 wrote to memory of 1896	4088	chrome.exe	84
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 3028	4088	chrome.exe	86
PID 4088 wrote to memory of 5024	4088	chrome.exe	87
PID 4088 wrote to memory of 5024	4088	chrome.exe	87
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88
PID 4088 wrote to memory of 5096	4088	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtube.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0x9c,0x108,0x7fffe7699758,0x7fffe7699768,0x7fffe7699778
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1456 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:2
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2816 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:1
  2⤵
  PID:376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4576 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4740 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5036 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:3036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5088 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:8
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4660 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3732 --field-trial-handle=1784,i,6516250733172918220,12146289142716469296,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2512

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3488

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x294 0x4f0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3168

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2952

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
216KB

MD5
3c0dc8ddf3adbc684f63dbd30f0e45f2

SHA1
80f8ee035aacaa8657ad14da85f79a4e98c7388c

SHA256
ba5ee8d786d03919172492087ca52accba04471392724bc594a480fb7ee1b60f

SHA512
1d0ee73206dd85787469c32427ca908fb525a4c1b668f63eec372d12e9c7b3a62b182e9c4eda834970534f432fe2a98fb78b52b9f0a6c9d70a85e79ae091e07c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
47KB

MD5
01431d5302bb16297a9b547f001cb900

SHA1
c467acd763351b69244967088b9b961a1f6e63a4

SHA256
f80fbe6eeab5aff01dadbedc2e67de991b753da360d76741267ac7f6165a40ec

SHA512
df0a98466ad16d48a4a53436ca3a35ec5e6cf57177377748c51d8ce3bf8c67da78233e0b03beb2251c5ca0dbae97a5fbf601fa9225541ba74c3e186f6c902eb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
784KB

MD5
ad98878f27b516a0194840c45845d69a

SHA1
405e69432b172319b5f6519245701bf1e03116ed

SHA256
a7160e67f2722ceb69a20f04167731a39c501b3c0444b8cc7faff168f30d7a36

SHA512
5b34225af563a47565935eb30db11b79741937ec50c93b8e9a9db9d85e022ae4c824c8b7391ce9013627dd2c601095455dc0874a80b12cccf20e603c90f2355e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
31KB

MD5
33e3dd1d17d6bb961bf6ad1af0110ba1

SHA1
70dce63112f7bfd4b1854f3e2b5a0b55519986fa

SHA256
f4cfe06cf4f1a1b15acec42f0f7a62f86eae9b97df06c38474c014c2590ba3e6

SHA512
8cf53be0c1fe4b0c9d2592580af7a6da1cb2def1d5af0013de266e5355fbecf509c024480733f538f1d604618a0435aad2537ac97c8f0ad5f7761ddd46b45075

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
33KB

MD5
0c0ab95d1c165a6656102cc23db9e2f5

SHA1
bd6f3a4330e1ffb2087a41b42677a1f04e839153

SHA256
0f2e7ac4c4aff799101178dcecf2dbac3d00a8209009f2137cc425a0f2b0db3c

SHA512
2becd3b0322e3b9c1386edaf1ed6919e2bedb4f4c1fc6c9b8d474b1d469a5643289267fb34ca031fdde7211267529c472f1bb0c85b128026f322c497241ca287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
7e3343c0c8f49a9b45e147946f8754b3

SHA1
2aa7350b7f6bd4449481adfd84c718f63a95d988

SHA256
f7266ff7e1ada33aa22c7fc14cfac4a04412d4c0ff5f5b84ed47ca7295216422

SHA512
0065e3d11001e0442f630df6c93b7e642779245c7e1774711a16d22b99cb9294a260638e2ea460e946119001bfcb47f64220aafca1bb01790009ec0de2928102

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
1cc54a97aad95744ef650b62033dedeb

SHA1
6dee5948c28056a4ffce910e2041ed64dcefda62

SHA256
507ab903f54225446eaa44e9d428103b64a29751d38737dab3d62303bb5617a4

SHA512
d5995b55adb6ca164f6b9ad0fa62dbc91522777febbfac61812e1dfea5a2d5f7002ac8d9b04571971b4a3c12150da5a5cc7ebdbd88a11f7ec4ed4c44280e407c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
4e0bfdf57ddc9adbcb371ad9df902b27

SHA1
5e96954eecf492b4291166ab18dc755f32026a7f

SHA256
9a0da2c2ee510bb0de4e43cc9e1887365ed08a4d0929ff1d0f0bc39776e6b462

SHA512
6a422bd3d5ee39a9cd3be21e951a81f558501d69fa0214e7d3e439889f4051da7424447b6152951f7bc5c84507da1f8471208ad2ae7040ecf417d6dceaefc250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
272b9fd3c226e2d72a6dab2953294e3d

SHA1
ce4f99ec496f9483842943711b88c49b6d0be550

SHA256
65b1473f7ea497ec5ae52c5aa1e3db9e1d024b75c8f08a179cf82952b55f6d6d

SHA512
ed6b8a248ccf38684e8600b3c551b5b67b3b464a11cae3cbfe83fcae4c39f0fe9aee2fd8ed1319ac3832a57f7981335a4472441582de63914928c49c26a3c550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
5a75fbe5ea8ca0606899787db4dcf30c

SHA1
aa7c80a30c4e66d930e627737dc04c667c0eda3a

SHA256
0b47ad3c7df0022308dbdc653d7bb45e90485809cf380eb61cf9d19a2c3a6648

SHA512
a0ad032e087b8baf1468c3d0ae3e8ac4a569094c3b489b073c9643a1ef07dd69929a5d680924499548a38c8a60c8fb30c11808d6461d55a1f23d92acc125d004

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
4b4a5b6cb9ddb6e589f63918dd87e113

SHA1
8d3d7be4acc981ad2d277cec902c0abe49681e94

SHA256
c57c55d375d5d5979ed3ede95f62263a6737f70887df8f76715cc9ab7b0b0b9c

SHA512
792bd8fcc0d94e92c1e093d43e5db9984e3fc7dc96f08038259a45473d36e1cb34c38a83b7d00478634d143e2c2de67c78315e53cff452cad9f6d6b1f0975fa5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
4a64e541018ee2a84ba1bc32ba950b5c

SHA1
e8a749a6436140459b98a46c6cfdcb5c00b8c0e3

SHA256
55193906d2d3a2007806ac6189cb75e466454cea0d9b771f73cc8542de9b95ac

SHA512
941cba839c767f78a3119b25d9960f4b85ca28fb50960f9c7bf030e530bd4b6fd47c1001a2b4443c0ecbf9d429d60b20c1063a61ab704ed6a57fcc7d03f6395d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5b215d3e08dd70f6ef75eafe52788c25

SHA1
8b32b0d383032aeccb076b03cacb20bbf621dce5

SHA256
4173509fbda70a98da20014c871c5caea9b197836028c653210a57af4091a449

SHA512
277d4029f42fe862100bd9fded4ca7cee9bda15d00cf501d1ec7594d722d7e2b3279b2080dbbbe9650176444cd89cceb6465f7d999f57f739ea6e2de63289c20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c4c626a6ba2622e2a566234084af2162

SHA1
41b5d5ca04e24f8301effbc93319d121e1426328

SHA256
10e79d317579042342c615438177bed91af4df9ad986357ed79669c4e10f9652

SHA512
bb2e9d6f0785474077c07c5dbc6f3011389c0f135f75e952d8c566077d28787df8711a6b519185564ff7fe3a483b0b96de971ecbf685623bbe7d7f3ed29cc72e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2d6811fc-5670-40de-8119-66bf40ea29f9\index-dir\the-real-index

Filesize
2KB

MD5
fdabc561157a7443f9af3a897b8c62c7

SHA1
c0d13e656635a24e882f1b690d9a2b4d90bd2ccc

SHA256
94abc55af15f99ac827feb753de386e728d7acaab80b5a1845b60a67489706b6

SHA512
8cfa4fdb6bced0602f5e48bf9f1894f761de08eb57ee3619c99a84b7b5512a08e586ac2355a12eac1499349d9ddc4edbcb4024173e5ab4ccc9fd1c4c29ef3048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2d6811fc-5670-40de-8119-66bf40ea29f9\index-dir\the-real-index~RFe57a6cf.TMP

Filesize
48B

MD5
8e320bcd4c58d5695e5d1b18b186f438

SHA1
5c2908a9b21269f4d6f5897a30a29b3650f2d469

SHA256
7dec76f5d1a03f2e233144f35496d7092a49527f672c75903d65efbdb8082874

SHA512
04f75e41abac98013d51780271171503da2c1a5d894c63aa2cdc0bf8a03084c3b8f9942a6095068c79f080ca3278aef4c8ef21a7618c89e9d4d1efcd50f9a1e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a9d6fdbb-13b9-4df2-a279-01d2cf01db52\index-dir\the-real-index

Filesize
624B

MD5
e5994bc1de2565e32c9363992b543ce3

SHA1
491ccb26e42c51b5c6ccee5833a589851cb1fd49

SHA256
7b8dd08836282519a2406a6c8369617bbdb4453896c3adbdf29215575b3da7b8

SHA512
b875feae17be5c271bd67495e12e4aa2836e05d18eef197ce9b0b578500c18a5e7f95ec38a37bd86cbf2be988c59637aefb31337fb439a00ef65c2fab1549de2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a9d6fdbb-13b9-4df2-a279-01d2cf01db52\index-dir\the-real-index~RFe585f03.TMP

Filesize
48B

MD5
113d0f2f5a36a405976fc559d2dbeace

SHA1
39e3e13ed5c5a9ca485987afcea2d6beec8a7307

SHA256
ea43fb917c377c55b1990b1f109f7e4e8c68fb34a5e78ef8dbead8f3cfa902e4

SHA512
f0a9d4f48902abd45b9f81a8bd1952a3ceae201ee76e1883d300a69d223d53e3407cc90a4fa229e0dd62009ca1de0db896e40eeedbb6bb80d8997b5aeedb8044

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\de81ff6c-8a3c-4fad-89d7-f03868419d9f\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
65277c8c14bb7517b01f73ac1c18e513

SHA1
39db7d9cee40db779ff7b6c525aa6e95d40c85d9

SHA256
1aafe7df2aaf00858ccee9f225b0ab85cf81694a91ee7caf80e3847b6cf0fc31

SHA512
0b28d3d161a80e9034d6c4a8709e98961b946787841baaa8a7c2d0fd57a0d2117fe26f9e7444ace4328d97ec268c118320714f3156b3dd9af4ec9998c9415f6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
5a9d701683b338c66d9243c1e8570917

SHA1
9e3823b5b6449059210e87521141270865f91458

SHA256
228c9f00acf8a6751fda84778a301be214d6017fc3ac38508b01e5b879ae4056

SHA512
18991a867468b5b4ab324b15b04c17bc2e418b59ef9fcebeb1d41a27a008d749674b3b272111319e1acef4dea53532e54794921a2da38cc96cabf138e1b185c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
fc43996a0a5272c5b5e8422ee54a75e8

SHA1
86dd4baf33a716cc0be62c94b47b11882a658158

SHA256
2f59227f68a495d6310b20e570d67455921e67720937e5098248f67e54a7cf33

SHA512
837b0e719d6c339f832d3d3af4f402dcd843f95ac206ebc5821c19de77434643d04baef56be31b2ed766d6be227fe83f215b4fbbf2c57eb2e66400e7988226d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
2ad58dcc2adc0430b1840625f06842fd

SHA1
ea2788a39bc383ff4636b70088358b8e121ccd53

SHA256
7ab9dabaa8efe882a15bcab34b462a50a58c2d5cd6fd84e98d99ef6d4915aa06

SHA512
89c346e24dbdf968846d9dfb7712f57b8b1d50ef0601dd0273a04b34e95464340f645c33491e7640edd8dec29a32993d13de99569653832f9e1d7fcf18ff1c0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
071e590899602751bdfafdea21a96e12

SHA1
753859a1d82476676189a204f4bafecf1db743fe

SHA256
5ea5ac8d66dffeca347b4228a466c5c94a6e66dd4f8553328cc34eac93e8e6d3

SHA512
0ebac7b456b9d277904a08d68ce542b5ef63a578e1fa428079632113f57f9c825c4802f66e6cab879a5ed64f51233c2ae29e1c05899d3d6ca9964513db66d845

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
3c6f1159b3dd3ba7fddb2b7a29d125aa

SHA1
b3e2b6cf5598b2c2eeae506a7c7dcbcecb2ae6f1

SHA256
5674c5a988e5bd40b6a461861717e0e1abb00aa1c3a04c0511e46a603dc6f880

SHA512
1be3e839d89080d7822496130e0d60eae63d530d679cf824a44b435d40e1314961933c3a2570a88614f352d9c5d2c2eb19fffc4ec617791388123a5d8e0a9a48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe575266.TMP

Filesize
119B

MD5
5be3575aada7a54083136ea38dae96f4

SHA1
386937c9cb41c01a5dcb76f093b221c5eedbfd4b

SHA256
c7c27e34b7bb0de45ecf67bae83d8e66c0889c24dc5401661b04e8fc4889825d

SHA512
468e01e905bce4131d57502278696223e61f37ad53ee5e64050ac1b0af6f98de4b26de33a615927904d969ae42488fa2695f2c2c7170b257a0429bb0c09f38c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
26b19799f1dcca314f99d929c56363b4

SHA1
9bd64e83acd25d8c20ec58d5e0e1bf2d7ddcd432

SHA256
9afffa3d28f6ba0aa4afc477d7e76871f7aeef75945068249399f8a9661abe56

SHA512
268c9bfa3348e9ac8277e9a1c5be0b1c3aba68b05bc98fb5c9e55a5be6eeab67a3cb0efe5b27ad1f939076ab48380e84011197b7111022b1f8dc2b256ceb8aee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1ae57e2c06df43cf9d2a43392fa61810

SHA1
4e3a0276d779518f9af43640e991c1b63aab5d52

SHA256
5ab885e9fa589037b808b2f238c8e3b9e7b710d286e00f8f9e4460073819d2d3

SHA512
e01cb110820524a84e330b20f83720878cff3562436f0e2998f83b542efb7d58e79b4bc16ffca5bc2fce20c54ad3f5f3dcd097a142649f71c2aa0d5bc147af36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a103.TMP

Filesize
48B

MD5
3a1a99428cd8db9c6b1ae4234107e3f4

SHA1
6260d4ca446bca6c534bcaac1099d04be9941dde

SHA256
6c58534cb4cded21bd786e25d3d289a9fc1efef6f8fada92125544bf21adb1f0

SHA512
edb9462d772462863a312ab985e0aee17ec78696a9b657b40b835eb41134a6d177f0858348f631c4b290ee95e51faa7ac2348306beb947e4940bb02a70e07ce5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4088_935983131\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
114KB

MD5
7f636191b6d8298b0e9c78d517ee2da0

SHA1
4ca633bc621de319592ade8316dbcdafb14da1fb

SHA256
63ef5059cfbbce44b285cdcec1301e630d28a7ef1f0d77e21ac559afa430ae14

SHA512
90dbf1e37a95971d506e71de20ebf59ce534d1e2851d62bd6e5166150d02da60568ae5e8a72fd8a55aff2f836b6d870ff02250a03e5f6f112b01d809b4cabff4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
memory/2952-282-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-271-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-273-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-272-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-277-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-279-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-281-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-278-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-283-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download
memory/2952-280-0x000001EF7E1C0000-0x000001EF7E1C1000-memory.dmp

Filesize
4KB

Download