Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

stub_tor.exe

windows7-x64

10

stub_tor.exe

windows10-1703-x64

10

stub_tor.exe

windows10-2004-x64

10

stub_tor.exe

windows11-21h2-x64

10

Resubmissions

12/04/2024, 13:18 UTC

240412-qj2nwsdg6z 10

12/04/2024, 13:18 UTC

240412-qj13csdg6y 10

12/04/2024, 13:18 UTC

240412-qj1rladg6x 10

12/04/2024, 13:18 UTC

240412-qjz53aag26 10

12/04/2024, 13:18 UTC

240412-qjzvasag25 10

09/04/2024, 03:59 UTC

240409-ekaq1sea34 10

09/04/2024, 03:58 UTC

240409-ej1aaadh98 10

09/04/2024, 03:58 UTC

240409-ejnw9adh85 10

09/04/2024, 03:55 UTC

240409-eg8tmshd41 10

17/02/2024, 23:58 UTC

240217-31gfhacd52 10

Analysis

  • max time kernel
    300s
  • max time network
    300s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/04/2024, 03:55 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    stub_tor.exe

  • Size

    7.8MB

  • MD5

    c76390d9e1052d9e708940d67b5c135d

  • SHA1

    a370a73a9dd746584428e8a939288ecffd3c80f7

  • SHA256

    caf48b67e7bb94a178426fc7ce6b9ed50ffb2f3813a7c68900f21bfffb24e44f

  • SHA512

    4d2d38d8719cdac8a406cfa96944ee99d2d926511e64d6b6aa964d40d0d9ddb1dc6e4e6253bcb1e77b32613c0b4409ab32ea54c476018fee963574edb043dd3b

  • SSDEEP

    196608:oIRcbH4jSteTGvExwhzav1yo31CPwDv3uFZjeg2EeJUO9WLQkDxtw3iFFrS6XOf:odHsfuExwZ6v1CPwDv3uFteg2EeJUO9E

Score
10/10
bitratpersistencetrojanupx

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

7sbl4dpbubwjjghdquwg47fyq7rookd4bgm2ypm2kjzkivd7tomvczqd.onion:440

Attributes
  • communication_password

    4124bc0a9335c27f086f24ba207a4912

  • install_dir

    Minecraft

  • install_file

    Runtime_Broker

  • tor_process

    tor

Signatures

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat
  • ACProtect 1.3x - 1.4x DLL software 7 IoCs

    Detects file using ACProtect software.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 12 IoCs
  • Loads dropped DLL 64 IoCs
  • UPX packed file 64 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Looks up external IP address via web service 6 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 9 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: RenamesItself 53 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 36 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\stub_tor.exe
    "C:\Users\Admin\AppData\Local\Temp\stub_tor.exe"
    1⤵
    • Checks computer location settings
    • Adds Run key to start application
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1156
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:1236
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:704
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:4568
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:1292
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2644
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:3044
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:3552
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:3396
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2260
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      PID:1876
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      PID:1816
    • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
      "C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe" -f torrc
      2⤵
      • Executes dropped EXE
      PID:4216

Network

  • flag-us
    DNS
    13.86.106.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    13.86.106.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    22.160.190.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    22.160.190.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    49.78.31.31.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    49.78.31.31.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    148.132.4.185.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    148.132.4.185.in-addr.arpa
    IN PTR
    Response
    148.132.4.185.in-addr.arpa
    IN PTR
    onion1libreopscc
  • flag-us
    DNS
    52.164.247.84.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    52.164.247.84.in-addr.arpa
    IN PTR
    Response
    52.164.247.84.in-addr.arpa
    IN PTR
    ip-52-164-247-84staticcontabonet
  • flag-us
    DNS
    148.26.31.193.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    148.26.31.193.in-addr.arpa
    IN PTR
    Response
    148.26.31.193.in-addr.arpa
    IN PTR
    v220231079589241419hotsrvde
  • flag-us
    DNS
    149.220.183.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    149.220.183.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    26.165.165.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.165.165.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    56.126.166.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    56.126.166.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    65.139.73.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    65.139.73.23.in-addr.arpa
    IN PTR
    Response
    65.139.73.23.in-addr.arpa
    IN PTR
    a23-73-139-65deploystaticakamaitechnologiescom
  • flag-us
    DNS
    188.12.59.146.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    188.12.59.146.in-addr.arpa
    IN PTR
    Response
    188.12.59.146.in-addr.arpa
    IN PTR
    funsafexyz
  • flag-us
    DNS
    172.210.232.199.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    172.210.232.199.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    203.63.201.195.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    203.63.201.195.in-addr.arpa
    IN PTR
    Response
    203.63.201.195.in-addr.arpa
    IN PTR
    static20363201195clients your-serverde
  • flag-us
    DNS
    213.152.163.89.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    213.152.163.89.in-addr.arpa
    IN PTR
    Response
    213.152.163.89.in-addr.arpa
    IN PTR
    Germany2 OtterRelaysnet
  • flag-us
    DNS
    249.197.17.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    249.197.17.2.in-addr.arpa
    IN PTR
    Response
    249.197.17.2.in-addr.arpa
    IN PTR
    a2-17-197-249deploystaticakamaitechnologiescom
  • flag-us
    DNS
    23.236.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    23.236.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    243.112.217.95.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    243.112.217.95.in-addr.arpa
    IN PTR
    Response
    243.112.217.95.in-addr.arpa
    IN PTR
    tessa-b arbitrarych
  • flag-us
    DNS
    myexternalip.com
    stub_tor.exe
    Remote address:
    8.8.8.8:53
    Request
    myexternalip.com
    IN A
    Response
    myexternalip.com
    IN A
    34.117.118.44
  • flag-us
    GET
    https://myexternalip.com/raw
    stub_tor.exe
    Remote address:
    34.117.118.44:443
    Request
    GET /raw HTTP/1.1
    User-Agent: gTzrCl3HB5Jk5WELfhxcxWCInzCuKgOA
    Host: myexternalip.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    server: fasthttp
    date: Tue, 09 Apr 2024 04:00:00 GMT
    content-type: text/plain; charset=utf-8
    Content-Length: 14
    access-control-allow-origin: *
    via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    44.118.117.34.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    44.118.117.34.in-addr.arpa
    IN PTR
    Response
    44.118.117.34.in-addr.arpa
    IN PTR
    4411811734bcgoogleusercontentcom
  • flag-us
    DNS
    11.97.55.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    11.97.55.23.in-addr.arpa
    IN PTR
    Response
    11.97.55.23.in-addr.arpa
    IN PTR
    a23-55-97-11deploystaticakamaitechnologiescom
  • flag-us
    DNS
    171.101.63.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    171.101.63.23.in-addr.arpa
    IN PTR
    Response
    171.101.63.23.in-addr.arpa
    IN PTR
    a23-63-101-171deploystaticakamaitechnologiescom
  • flag-us
    DNS
    203.116.158.51.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    203.116.158.51.in-addr.arpa
    IN PTR
    Response
    203.116.158.51.in-addr.arpa
    IN PTR
    203-116-158-51 instancesscwcloud
  • flag-us
    GET
    https://myexternalip.com/raw
    stub_tor.exe
    Remote address:
    34.117.118.44:443
    Request
    GET /raw HTTP/1.1
    User-Agent: mEuc341mUisAIjpNZa2rZQtClyE3DwPL
    Host: myexternalip.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    server: fasthttp
    date: Tue, 09 Apr 2024 04:00:40 GMT
    content-type: text/plain; charset=utf-8
    Content-Length: 14
    access-control-allow-origin: *
    via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    168.117.168.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    168.117.168.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    136.149.23.94.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    136.149.23.94.in-addr.arpa
    IN PTR
    Response
    136.149.23.94.in-addr.arpa
    IN PTR
    ip136 ip-94-23-149eu
  • flag-us
    GET
    https://myexternalip.com/raw
    stub_tor.exe
    Remote address:
    34.117.118.44:443
    Request
    GET /raw HTTP/1.1
    User-Agent: jPS2qruPtJ8SIrdUNRXMKlaCgrFV4Mkp
    Host: myexternalip.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    server: fasthttp
    date: Tue, 09 Apr 2024 04:01:16 GMT
    content-type: text/plain; charset=utf-8
    Content-Length: 14
    access-control-allow-origin: *
    via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    3.155.96.198.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    3.155.96.198.in-addr.arpa
    IN PTR
    Response
    3.155.96.198.in-addr.arpa
    IN PTR
    exittor uwaterlooca
  • flag-us
    GET
    https://myexternalip.com/raw
    stub_tor.exe
    Remote address:
    34.117.118.44:443
    Request
    GET /raw HTTP/1.1
    User-Agent: gaUx7AG1mvrEJTR6AI1K6bGC6GFUwl5J
    Host: myexternalip.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    server: fasthttp
    date: Tue, 09 Apr 2024 04:01:53 GMT
    content-type: text/plain; charset=utf-8
    Content-Length: 14
    access-control-allow-origin: *
    via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    2.229.47.212.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    2.229.47.212.in-addr.arpa
    IN PTR
    Response
    2.229.47.212.in-addr.arpa
    IN CNAME
    2.1-24.229.47.212.in-addr.arpa
    2.1-24.229.47.212.in-addr.arpa
    IN PTR
    tor3terjannet
  • flag-us
    GET
    https://myexternalip.com/raw
    stub_tor.exe
    Remote address:
    34.117.118.44:443
    Request
    GET /raw HTTP/1.1
    User-Agent: g7BzlILxyMDDsxfLUL3kzd8LXWwgSSJh
    Host: myexternalip.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    server: fasthttp
    date: Tue, 09 Apr 2024 04:02:32 GMT
    content-type: text/plain; charset=utf-8
    Content-Length: 14
    access-control-allow-origin: *
    via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    2.207.70.166.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    2.207.70.166.in-addr.arpa
    IN PTR
    Response
    2.207.70.166.in-addr.arpa
    IN PTR
    thisisatornodexmissioncom
  • flag-us
    DNS
    2.207.70.166.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    2.207.70.166.in-addr.arpa
    IN PTR
    Response
    2.207.70.166.in-addr.arpa
    IN PTR
    thisisatornodexmissioncom
  • 127.0.0.1:50399
    tor.exe
  • 31.31.78.49:443
    www.kmh7auur.com
    tls
    tor.exe
    795 B
     3.6kB
     7
    7
  • 5.196.23.64:9001
    tor.exe
    260 B
     5
  • 185.4.132.148:443
    www.n6do4mfnl4bawl.com
    tls
    tor.exe
    50.4kB
     770.9kB
     541
    569
  • 127.0.0.1:45808
    stub_tor.exe
  • 84.247.164.52:8916
    www.wppwlfzu5meitmzvgktpw5c.com
    tls
    tor.exe
    611.5kB
     6.9MB
     4757
    5130
  • 193.31.26.148:9001
    www.66uwyovoqe7zbrul.com
    tls
    tor.exe
    564.5kB
     6.3MB
     4323
    4789
  • 127.0.0.1:45808
    stub_tor.exe
  • 84.247.164.52:8916
    www.cvwtoqbgiu5c55l.com
    tls
    tor.exe
    18.9kB
     21.5kB
     46
    64
  • 193.31.26.148:9001
    tor.exe
    260 B
     5
  • 146.59.12.188:9001
    www.xqio3muorgs2mct2l5ag.com
    tls
    tor.exe
    12.0kB
     13.7kB
     32
    42
  • 127.0.0.1:50520
    tor.exe
  • 195.201.63.203:443
    www.l6oug5gjodej.com
    tls
    tor.exe
    23.5kB
     32.2kB
     54
    73
  • 89.163.152.213:443
    www.jio4uln5ughljntpfa.com
    tls
    tor.exe
    10.7kB
     13.3kB
     28
    36
  • 127.0.0.1:50553
    tor.exe
  • 127.0.0.1:45808
    stub_tor.exe
  • 95.217.112.243:443
    www.jivvmaevtsj6w623dcs4b.com
    tls
    tor.exe
    3.6kB
     5.5kB
     12
    12
  • 34.117.118.44:443
    https://myexternalip.com/raw
    tls, http
    stub_tor.exe
    961 B
     4.1kB
     12
    9

    HTTP Request

    GET https://myexternalip.com/raw

    HTTP Response

    200
  • 51.158.116.203:443
    www.7e2n5gsj.com
    tls
    tor.exe
    14.9kB
     22.5kB
     40
    54
  • 195.201.63.203:443
    www.p7znnmyrxyt6aravnqqs7gake.com
    tls
    tor.exe
    22.9kB
     27.6kB
     53
    73
  • 127.0.0.1:50629
    tor.exe
  • 127.0.0.1:50668
    tor.exe
  • 127.0.0.1:45808
    stub_tor.exe
  • 34.117.118.44:443
    https://myexternalip.com/raw
    tls, http
    stub_tor.exe
    1.0kB
     651 B
     9
    6

    HTTP Request

    GET https://myexternalip.com/raw

    HTTP Response

    200
  • 127.0.0.1:50729
    tor.exe
  • 127.0.0.1:50756
    tor.exe
  • 94.23.149.136:9100
    www.keg5fjrdwji.com
    tls
    tor.exe
    27.5kB
     33.4kB
     61
    85
  • 195.201.63.203:443
    www.ddigzhxthyc.com
    tls
    tor.exe
    9.5kB
     11.6kB
     25
    32
  • 127.0.0.1:45808
    stub_tor.exe
  • 34.117.118.44:443
    https://myexternalip.com/raw
    tls, http
    stub_tor.exe
    1.0kB
     651 B
     9
    6

    HTTP Request

    GET https://myexternalip.com/raw

    HTTP Response

    200
  • 127.0.0.1:50809
    tor.exe
  • 127.0.0.1:50834
    tor.exe
  • 198.96.155.3:5001
    www.htau7tdyh2p2eogcxs.com
    tls
    tor.exe
    3.1kB
     9.2kB
     13
    14
  • 94.23.149.136:9100
    www.mjs7epwuhthpdvdpb7f.com
    tls
    tor.exe
    20.8kB
     27.1kB
     52
    72
  • 195.201.63.203:443
    www.xolbezcfbtboasgas.com
    tls
    tor.exe
    14.6kB
     18.5kB
     34
    47
  • 127.0.0.1:45808
    stub_tor.exe
  • 34.117.118.44:443
    https://myexternalip.com/raw
    tls, http
    stub_tor.exe
    1.0kB
     651 B
     9
    6

    HTTP Request

    GET https://myexternalip.com/raw

    HTTP Response

    200
  • 127.0.0.1:50887
    tor.exe
  • 212.47.229.2:9001
    www.fxwcbybcaut44h4265w.com
    tls
    tor.exe
    3.1kB
     9.1kB
     12
    13
  • 127.0.0.1:50913
    tor.exe
  • 195.201.63.203:443
    www.effxaisopiisg5v45ush.com
    tls
    tor.exe
    22.3kB
     28.0kB
     51
    70
  • 94.23.149.136:9100
    www.66d4ug6yy6cwpfkm3vns54.com
    tls
    tor.exe
    11.9kB
     14.5kB
     30
    39
  • 127.0.0.1:45808
    stub_tor.exe
  • 34.117.118.44:443
    https://myexternalip.com/raw
    tls, http
    stub_tor.exe
    1.0kB
     651 B
     9
    6

    HTTP Request

    GET https://myexternalip.com/raw

    HTTP Response

    200
  • 127.0.0.1:50971
    tor.exe
  • 166.70.207.2:9101
    www.7bkcg43rg.com
    tls
    tor.exe
    3.1kB
     9.1kB
     12
    12
  • 195.201.63.203:443
    www.cxef4a3zlefr62vksr7yxcjgq.com
    tls
    tor.exe
    6.7kB
     11.5kB
     22
    28
  • 94.23.149.136:9100
    www.zezrqexoaqd2busxm4dbispi.com
    tls
    tor.exe
    11.4kB
     14.6kB
     31
    40
  • 127.0.0.1:45808
    stub_tor.exe
  • 8.8.8.8:53
    13.86.106.20.in-addr.arpa
    dns
    71 B
     157 B
     1
    1

    DNS Request

    13.86.106.20.in-addr.arpa

  • 8.8.8.8:53
    22.160.190.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    22.160.190.20.in-addr.arpa

  • 8.8.8.8:53
    49.78.31.31.in-addr.arpa
    dns
    70 B
     133 B
     1
    1

    DNS Request

    49.78.31.31.in-addr.arpa

  • 8.8.8.8:53
    148.132.4.185.in-addr.arpa
    dns
    72 B
     104 B
     1
    1

    DNS Request

    148.132.4.185.in-addr.arpa

  • 8.8.8.8:53
    52.164.247.84.in-addr.arpa
    dns
    72 B
     121 B
     1
    1

    DNS Request

    52.164.247.84.in-addr.arpa

  • 8.8.8.8:53
    148.26.31.193.in-addr.arpa
    dns
    72 B
     115 B
     1
    1

    DNS Request

    148.26.31.193.in-addr.arpa

  • 8.8.8.8:53
    149.220.183.52.in-addr.arpa
    dns
    73 B
     147 B
     1
    1

    DNS Request

    149.220.183.52.in-addr.arpa

  • 8.8.8.8:53
    26.165.165.52.in-addr.arpa
    dns
    72 B
     146 B
     1
    1

    DNS Request

    26.165.165.52.in-addr.arpa

  • 8.8.8.8:53
    56.126.166.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    56.126.166.20.in-addr.arpa

  • 8.8.8.8:53
    65.139.73.23.in-addr.arpa
    dns
    71 B
     135 B
     1
    1

    DNS Request

    65.139.73.23.in-addr.arpa

  • 8.8.8.8:53
    188.12.59.146.in-addr.arpa
    dns
    72 B
     97 B
     1
    1

    DNS Request

    188.12.59.146.in-addr.arpa

  • 8.8.8.8:53
    172.210.232.199.in-addr.arpa
    dns
    74 B
     128 B
     1
    1

    DNS Request

    172.210.232.199.in-addr.arpa

  • 8.8.8.8:53
    203.63.201.195.in-addr.arpa
    dns
    73 B
     131 B
     1
    1

    DNS Request

    203.63.201.195.in-addr.arpa

  • 8.8.8.8:53
    213.152.163.89.in-addr.arpa
    dns
    73 B
     111 B
     1
    1

    DNS Request

    213.152.163.89.in-addr.arpa

  • 8.8.8.8:53
    249.197.17.2.in-addr.arpa
    dns
    71 B
     135 B
     1
    1

    DNS Request

    249.197.17.2.in-addr.arpa

  • 8.8.8.8:53
    23.236.111.52.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    23.236.111.52.in-addr.arpa

  • 8.8.8.8:53
    243.112.217.95.in-addr.arpa
    dns
    73 B
     107 B
     1
    1

    DNS Request

    243.112.217.95.in-addr.arpa

  • 8.8.8.8:53
    myexternalip.com
    dns
    stub_tor.exe
    62 B
     78 B
     1
    1

    DNS Request

    myexternalip.com

    DNS Response

    34.117.118.44

  • 8.8.8.8:53
    44.118.117.34.in-addr.arpa
    dns
    72 B
     124 B
     1
    1

    DNS Request

    44.118.117.34.in-addr.arpa

  • 8.8.8.8:53
    11.97.55.23.in-addr.arpa
    dns
    70 B
     133 B
     1
    1

    DNS Request

    11.97.55.23.in-addr.arpa

  • 8.8.8.8:53
    171.101.63.23.in-addr.arpa
    dns
    72 B
     137 B
     1
    1

    DNS Request

    171.101.63.23.in-addr.arpa

  • 8.8.8.8:53
    203.116.158.51.in-addr.arpa
    dns
    73 B
     121 B
     1
    1

    DNS Request

    203.116.158.51.in-addr.arpa

  • 8.8.8.8:53
    168.117.168.52.in-addr.arpa
    dns
    73 B
     147 B
     1
    1

    DNS Request

    168.117.168.52.in-addr.arpa

  • 8.8.8.8:53
    136.149.23.94.in-addr.arpa
    dns
    72 B
     107 B
     1
    1

    DNS Request

    136.149.23.94.in-addr.arpa

  • 8.8.8.8:53
    3.155.96.198.in-addr.arpa
    dns
    71 B
     106 B
     1
    1

    DNS Request

    3.155.96.198.in-addr.arpa

  • 8.8.8.8:53
    2.229.47.212.in-addr.arpa
    dns
    71 B
     121 B
     1
    1

    DNS Request

    2.229.47.212.in-addr.arpa

  • 8.8.8.8:53
    2.207.70.166.in-addr.arpa
    dns
    142 B
     232 B
     2
    2

    DNS Request

    2.207.70.166.in-addr.arpa

    DNS Request

    2.207.70.166.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\cached-certs
    Filesize

    20KB

    MD5

    ebaf0dae7d5e4ed6ed18c1f636fd4262

    SHA1

    0ba18f289d7d053951f9d6772e8802e5f34be7eb

    SHA256

    2354976994145d42c1656f78d306a1df79e9ccfde9cb47dd2ac7df7cadf9efd5

    SHA512

    e27de01072fe36eeec52e091dc54851655199caf2df7b5ffad303ff89ac43c808d9b72c3f1d8102a5fc1e3234d031626f62944e62951fa48970fd03b3b8fc2f7

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\cached-microdesc-consensus.tmp
    Filesize

    2.6MB

    MD5

    d4dfff132a935ecda7a5a6a32522a37f

    SHA1

    339a56e3e87ff64e3d956f1523b40087de3c4910

    SHA256

    1994d6d7b4f22815ab1b58cd593049f5139e9339de08f38cf152e546b2e329c2

    SHA512

    9d2aa6ff53076a59855e26076e75bcd802ad14b3791d8c57b9fa715d24d2decf76bd0cdbb0a25dd3616217a4419a12780914cdbf615c90084f86fbcc69ea130f

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\cached-microdescs
    Filesize

    20.4MB

    MD5

    2d5cb1c324783540f879fed1b8501ffe

    SHA1

    29a7eb0b8a52fd9a6042a6a7f9ce25bc899745ab

    SHA256

    6a9033e984079534260c4bbf83c5fc6ac2c440cf88b6619f8a52b8659a5f3ca8

    SHA512

    0d76af0e87d3e1757198cb76bb3f51c68db3923a724a2dda0f0c7e5e0b48d3cc8bc5d448c5df687a045e0746b26be777b496f640d5ae7abdbeea4a61db251f60

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\cached-microdescs.new
    Filesize

    20.4MB

    MD5

    6a49864e1bd52b2a4e65e8640f1aaf13

    SHA1

    f486369b11d73a379453ae11eb2788863dd572ef

    SHA256

    0c25fa937151897e161cdd1b5ea0d291dbd002e50ace2c1a597675b0871290ff

    SHA512

    1f7c6290d3c20381b83527bba03f791f904db29a261b09d5b4e6164a4503fcd1115f1f1ec98757487f5f14293e651e27d0b52f5e779a2eaf34432c194ee5a714

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\cached-microdescs.new
    Filesize

    9.8MB

    MD5

    2c968bca2b44b9cc983ca7d5022aec3d

    SHA1

    8ecc5f1bc133b058e83f6afc6110dd2f115e5c6e

    SHA256

    e8e35dc6efa5582b10d7f30c543099f65b89856350dda12e2beec67eb7b54f99

    SHA512

    4750d11c4bab3fbd30388dd0691948ff9f4f55b6a929b6eba6a93c28655a8aba21cf84d4612ed3d1b7af84567037786e68ebebc977c1ac3f7fcf7eeb0cc4687d

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\state
    Filesize

    232B

    MD5

    1f91a1f19c2bdf7b3b1db00adb52391e

    SHA1

    12f6872c634f0c3543daeb9842198d4c470e1f0b

    SHA256

    c50fb8fd5510da03c5ded9f85d103c1c1337c1a8136ee3bdff7fc4a232a0c57e

    SHA512

    b8daacdc26a3b04c3cbbea7c49f7bd6cfea4cd461dd180ff5ed8638c429d34ca0092daf00526d2fea28272fa9576b73fa27a6bd01f0a85e93d46c6fde1e0444d

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\data\state
    Filesize

    3KB

    MD5

    5b0a4a3d508c316194484de60f3409be

    SHA1

    2f2f5dd8d9b8c161f682b725e5ebed67ba080ba0

    SHA256

    cbef39411f155fa620e06b8247a9180e97a2d1be62b1199af62656b71048bded

    SHA512

    56c4efeccc24d093086f9cd9189067c2ba5d1dc31e24d7bef91d9a26ae8670def88042be3b3a3eac2ba18d6deffc75252d28d47af152a3ad24732a8a534c7fee

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libcrypto-1_1.dll
    Filesize

    1.7MB

    MD5

    2384a02c4a1f7ec481adde3a020607d3

    SHA1

    7e848d35a10bf9296c8fa41956a3daa777f86365

    SHA256

    c8db0ff0f7047ed91b057005e86ad3a23eae616253313aa047c560d9eb398369

    SHA512

    1ac74dd2d863acd7415ef8b9490a5342865462fbabdad0645da22424b0d56f5e9c389a3d7c41386f2414d6c4715c79a6ddecb6e6cff29e98319e1fd1060f4503

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libevent-2-1-6.dll
    Filesize

    366KB

    MD5

    099983c13bade9554a3c17484e5481f1

    SHA1

    a84e69ad9722f999252d59d0ed9a99901a60e564

    SHA256

    b65f9aa0c7912af64bd9b05e9322e994339a11b0c8907e6a6166d7b814bda838

    SHA512

    89f1a963de77873296395662d4150e3eff7a2d297fb9ec54ec06aa2e40d41e5f4fc4611e9bc34126d760c9134f2907fea3bebdf2fbbd7eaddad99f8e4be1f5e2

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libgcc_s_sjlj-1.dll
    Filesize

    286KB

    MD5

    b0d98f7157d972190fe0759d4368d320

    SHA1

    5715a533621a2b642aad9616e603c6907d80efc4

    SHA256

    2922193133dabab5b82088d4e87484e2fac75e9e0c765dacaf22eb5f4f18b0c5

    SHA512

    41ce56c428158533bf8b8ffe0a71875b5a3abc549b88d7d3e69acc6080653abea344d6d66fff39c04bf019fcaa295768d620377d85a933ddaf17f3d90df29496

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libssl-1_1.dll
    Filesize

    439KB

    MD5

    c88826ac4bb879622e43ead5bdb95aeb

    SHA1

    87d29853649a86f0463bfd9ad887b85eedc21723

    SHA256

    c4d898b1a4285a45153af9ed88d79aa2a073dcb7225961b6b276b532b4d18b6f

    SHA512

    f733041ef35b9b8058fbcf98faa0d1fea5c0858fea941ecebbe9f083cd73e3e66323afffd8d734097fcdd5e6e59db4d94f51fca5874edbcd2a382d9ba6cd97b3

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libssp-0.dll
    Filesize

    88KB

    MD5

    2c916456f503075f746c6ea649cf9539

    SHA1

    fa1afc1f3d728c89b2e90e14ca7d88b599580a9d

    SHA256

    cbb5236d923d4f4baf2f0d2797c72a2cbae42ef7ac0acce786daf5fdc5b456e6

    SHA512

    1c1995e1aa7c33c597c64122395275861d9219e46d45277d4f1768a2e06227b353d5d77d6b7cb655082dc6fb9736ad6f7cfcc0c90e02776e27d50857e792e3fd

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\libwinpthread-1.dll
    Filesize

    188KB

    MD5

    d407cc6d79a08039a6f4b50539e560b8

    SHA1

    21171adbc176dc19aaa5e595cd2cd4bd1dfd0c71

    SHA256

    92cfd0277c8781a15a0f17b7aee6cff69631b9606a001101631f04b3381efc4e

    SHA512

    378a10fed915591445d97c6d04e82d28008d8ea65e0e40c142b8ee59867035d561d4e103495c8f0d9c19b51597706ce0b450c25516aa0f1744579ffcd097ae0c

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\tor.exe
    Filesize

    973KB

    MD5

    5cfe61ff895c7daa889708665ef05d7b

    SHA1

    5e58efe30406243fbd58d4968b0492ddeef145f2

    SHA256

    f9c1d18b50ce7484bf212cb61a9035602cfb90ebdfe66a077b9f6df73196a9f5

    SHA512

    43b6f10391a863a21f70e05cee41900729c7543750e118ff5d74c0cac3d1383f10bcb73eade2a28b555a393cada4795e204246129b01ad9177d1167827dd68da

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\torrc
    Filesize

    157B

    MD5

    8ea874223f853aac5ea469ccc164a8f9

    SHA1

    70d31011547870c9f930496dbf9fb7ec296a8c28

    SHA256

    95e134044f370b2a96408d581f3c0381fe95388dae27c6d9598f44dc7d72b9ed

    SHA512

    fd1dc20219fbf4863926d90b5a2127b65e165656eac4493a80288d0c57fc309ed998b5d30fe8ce313987ee367fc4fe9b6026ff32d4391950d7f26ca7b6fdcdf2

    Download Submit

  • C:\Users\Admin\AppData\Local\a5b260eb\tor\zlib1.dll
    Filesize

    52KB

    MD5

    add33041af894b67fe34e1dc819b7eb6

    SHA1

    6db46eb021855a587c95479422adcc774a272eeb

    SHA256

    8688bd7ca55dcc0c23c429762776a0a43fe5b0332dfd5b79ef74e55d4bbc1183

    SHA512

    bafc441198d03f0e7fe804bab89283c389d38884d0f87d81b11950a9b79fcbf7b32be4bb16f4fcd9179b66f865c563c172a46b4514a6087ef0af64425a4b2cfa

    Download Submit

  • memory/704-147-0x0000000073F50000-0x0000000073FD8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/704-146-0x0000000073FE0000-0x00000000740EA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/704-140-0x00000000741F0000-0x00000000742BE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/704-143-0x00000000740F0000-0x0000000074114000-memory.dmp

    Filesize

    144KB

    Download

  • memory/704-138-0x0000000074120000-0x00000000741E8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/704-141-0x00000000742C0000-0x0000000074309000-memory.dmp

    Filesize

    292KB

    Download

  • memory/704-137-0x0000000073C80000-0x0000000073F4F000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/704-148-0x00000000741F0000-0x00000000742BE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/704-142-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/704-135-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/704-145-0x0000000074120000-0x00000000741E8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/704-144-0x0000000073C80000-0x0000000073F4F000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1156-0-0x0000000000400000-0x0000000000BD8000-memory.dmp

    Filesize

    7.8MB

    Download

  • memory/1156-191-0x0000000073AE0000-0x0000000073B19000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1156-45-0x0000000073870000-0x00000000738A9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1156-1-0x0000000074DC0000-0x0000000074DF9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/1236-57-0x0000000074120000-0x00000000741E8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/1236-37-0x0000000073F50000-0x0000000073FD8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/1236-103-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-111-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-120-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-80-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-63-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-62-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-61-0x0000000073C80000-0x0000000073F4F000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1236-60-0x0000000073FE0000-0x00000000740EA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1236-59-0x0000000073F50000-0x0000000073FD8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/1236-58-0x00000000740F0000-0x0000000074114000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1236-56-0x00000000741F0000-0x00000000742BE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/1236-54-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-44-0x00000000015B0000-0x000000000187F000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1236-40-0x0000000073C80000-0x0000000073F4F000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1236-43-0x00000000742C0000-0x0000000074309000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1236-33-0x00000000741F0000-0x00000000742BE000-memory.dmp

    Filesize

    824KB

    Download

  • memory/1236-27-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-38-0x0000000073FE0000-0x00000000740EA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1236-34-0x0000000074120000-0x00000000741E8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/1236-95-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1236-36-0x00000000740F0000-0x0000000074114000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1292-231-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1292-234-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/1292-252-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1292-253-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1292-254-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/1292-249-0x0000000073D20000-0x0000000073DA8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/1292-246-0x0000000073DB0000-0x0000000073EBA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1292-240-0x0000000073EF0000-0x0000000073F39000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1292-243-0x0000000073EC0000-0x0000000073EE4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1292-233-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/1292-237-0x0000000073F40000-0x000000007400E000-memory.dmp

    Filesize

    824KB

    Download

  • memory/2644-267-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/2644-298-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/2644-324-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/2644-300-0x0000000001AD0000-0x0000000001B58000-memory.dmp

    Filesize

    544KB

    Download

  • memory/2644-299-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/2644-297-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/2644-268-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/2644-269-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/2644-276-0x0000000073D20000-0x0000000073DA8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/2644-277-0x0000000001AD0000-0x0000000001B58000-memory.dmp

    Filesize

    544KB

    Download

  • memory/2644-271-0x0000000073F90000-0x0000000073FB4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2644-270-0x0000000073FC0000-0x0000000074009000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2644-275-0x0000000073DB0000-0x0000000073E7E000-memory.dmp

    Filesize

    824KB

    Download

  • memory/2644-274-0x0000000073E80000-0x0000000073F8A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/3044-316-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/3044-323-0x0000000073F90000-0x0000000073FB4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3044-321-0x0000000073FC0000-0x0000000074009000-memory.dmp

    Filesize

    292KB

    Download

  • memory/3044-319-0x0000000073DB0000-0x0000000073E7E000-memory.dmp

    Filesize

    824KB

    Download

  • memory/3044-318-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/3044-314-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4568-160-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4568-192-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4568-174-0x0000000073D20000-0x0000000073DA8000-memory.dmp

    Filesize

    544KB

    Download

  • memory/4568-242-0x0000000000AD0000-0x0000000000ED4000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/4568-201-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/4568-169-0x0000000073DB0000-0x0000000073EBA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4568-168-0x0000000073EC0000-0x0000000073EE4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/4568-175-0x00000000740E0000-0x00000000743AF000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4568-167-0x0000000073EF0000-0x0000000073F39000-memory.dmp

    Filesize

    292KB

    Download

  • memory/4568-165-0x0000000074010000-0x00000000740D8000-memory.dmp

    Filesize

    800KB

    Download

  • memory/4568-202-0x0000000073F40000-0x000000007400E000-memory.dmp

    Filesize

    824KB

    Download

  • memory/4568-166-0x0000000073F40000-0x000000007400E000-memory.dmp

    Filesize

    824KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.