cb24072bce898dbc50be7242ce0d71df2159e1ee98f0d8dabb21067a47810acf

Analysis

max time kernel
839s
max time network
725s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
11/04/2024, 12:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

18KB
MD5

9667d1da8f042a7a90c200e65a246edf
SHA1

e03f5cc672475a09924dc1b8c2f9d414b734bd6e
SHA256

cb24072bce898dbc50be7242ce0d71df2159e1ee98f0d8dabb21067a47810acf
SHA512

6ebf4dc9b253a166d0c0470e62eb2f07219aa8070c071e42f2d837bbd3a0400f0e06599a029711c6a4f2ac014dd4353b2ad0766036bc9f6e0487fe3b3b99225a
SSDEEP

384:rh9gkADpmReVoOs4CwN9ylKeGMZU8Hhhb1wc7X5S2LjFrSj+zVJCBXQL:rh9gtBVoOs4bryI1MNBhb+qRFrS6JQQL

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133573125098219869"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\LOIC-1.0.8-binary.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4760	chrome.exe
4760	chrome.exe
872	chrome.exe
872	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3484	LOIC.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe
Token: SeShutdownPrivilege	4760	chrome.exe
Token: SeCreatePagefilePrivilege	4760	chrome.exe

Suspicious use of FindShellTrayWindow 41 IoCs

pid	Process
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe
4760	chrome.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4496	MiniSearchHost.exe
3484	LOIC.exe
3484	LOIC.exe
4696	LOIC.exe
4696	LOIC.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4760 wrote to memory of 2212	4760	chrome.exe	76
PID 4760 wrote to memory of 2212	4760	chrome.exe	76
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1980	4760	chrome.exe	78
PID 4760 wrote to memory of 1552	4760	chrome.exe	79
PID 4760 wrote to memory of 1552	4760	chrome.exe	79
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80
PID 4760 wrote to memory of 3060	4760	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff9a729758,0x7fff9a729768,0x7fff9a729778
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:2
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2136 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2956 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:3284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4788 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4856 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=916 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4540 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3048 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5156 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5440 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5908 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6080 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  - NTFS ADS
  PID:2124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5660 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5696 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5296 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6260 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6508 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:8
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6688 --field-trial-handle=1816,i,9623596252815223203,6820071220250273473,131072 /prefetch:1
  2⤵
  PID:2724

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4656

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4496

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4964

C:\Users\Admin\Downloads\LOIC-1.0.8-binary\LOIC.exe
"C:\Users\Admin\Downloads\LOIC-1.0.8-binary\LOIC.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:3484

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\97f3a06bf5e84bc5af6da1f280c55866 /t 2824 /p 3484
1⤵
PID:668

C:\Users\Admin\Downloads\LOIC-1.0.8-binary\LOIC.exe
"C:\Users\Admin\Downloads\LOIC-1.0.8-binary\LOIC.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4696

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\9c8ac3c2-d106-457f-b632-64b87867c3b7.tmp

Filesize
105KB

MD5
8112afbd8fee0522a5b0ce4edf196142

SHA1
638f2ed35e75f4ad99ea0a3dadc899e656786aba

SHA256
7008b51f1f7b8019d16e5cde95883353d54578488cc1e42f757668d964f255e8

SHA512
002ed321e13b940cebbc3353ebe7e64bff003def5bc49612dfb16ad51cf733de4e7ebe597f1a64fbef79051e703868818bac06f4294aeb08517624462baad642

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
24KB

MD5
344ee6eaad74df6b72dec90b1b888aab

SHA1
490e2d92c7f8f3934c14e6c467d8409194bb2c9a

SHA256
a3cf4861c7d0c966f0ed6564f6aad6b28cbd3421a9ca4f60e2246848d249f196

SHA512
2a9a9162d610376512a8fae2cf9eb7e5146cc44c8ebde7a12e9a3985da1718c62ae517c25b00de7c0269efab61b4850a0becfbf04382a25730dbe9cf59825a62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
24KB

MD5
5366c57b20a86f1956780da5e26aac90

SHA1
927dca34817d3c42d9647a846854dad3cbcdb533

SHA256
f254eb93b015455a3c89aaf970631bc989fe2bd387f79e871b514992359651aa

SHA512
15d7127970436f2510344600f3acecc19c39a05f8e82c8a7950095386382b2e2da55883a5a9faa97b84452e67315b9ac1693b6592274c8c1c35c813dfeb543a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
64KB

MD5
d33eb4c3eb6927b888477070ca405d64

SHA1
4d3e26dfe72ea4f3f45b1fe5fe859c59696965ad

SHA256
617f39f87e2e1d7439baf4aabf95dcdfee0f44ef9d3d6774dd9118e26251bf06

SHA512
48319a82df406e193d22e9c83984cff72148c6d452b1fe3c93b57744cfaa3751c92325113a96c276041efd14ceb5f75ea0bee10c7755d91cf4220def6ed3ecc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
e63d64bd4d02e1c83c2521618fb1258a

SHA1
0ec57c1992710a1ad50922b8ee546b66e508b91d

SHA256
475cfaf03e0a5f16012bc559ed6e42bdfec823ff705a35ae480a7604d8fed617

SHA512
2e5972731c15e3017124238a16c76a1e02c1d9d4735a6bdee606845c475c7e881c33fe6d64760c09880b2ed8ec44791356985262bb224b2ad4af95ce0825dba3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
dc2f21aa0597f8f5d83ef772ae486814

SHA1
ec09923e40ab7d6161694c390ddf2a8b7ed8a4e3

SHA256
97b7559d54c43fc392d516d4c460ff063eaa620f9f370305ca226c9bf9253a14

SHA512
83a79b37cde2b97cdc7cb974305245efac2d0cbc4350fcaf58b2a571e99ee9c0b8850f7c6af010fea850622122d46fd6f3c8dadbfd2c57640a88c3203482087d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1a8fb10e5e73fa6e8209ca7fc088dd24

SHA1
86c6930d138053568fdbbb6bd54876817d1ec0b8

SHA256
3b250d576eee166318ada5631f91fa27893e5faeafba2efe7b7623ee7d1a836e

SHA512
c3133e1fbf3af3ecbd3e24e3844aec1adaf549e30beff40aefc98e3b8dbfebb101ebc96fd67cda32ef296d57f8d05339c936b60d7ddbc0d22dac8d0f1e3de2ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
309285def4f055f9311cec334eaf0687

SHA1
31df663c0dd93491eb493279981b12657b7908d4

SHA256
5770f4e542898fd8cac5a1a31b3a3708ee096891eb544c7c153b4f94c2949578

SHA512
30c926fceaad79d742628df0462e2449c99c72bca358bc04902a6e72404b66c0f71058f32f4d85db04c3c6748aad13b0c3daf573b0cc649c2c3a8a3ce0919063

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
ac247c429a8f7a2c65256a029646e5db

SHA1
edbd3f7d19fe7962312aee3d3893a130f4940905

SHA256
c754455097ce41f9b7b0e59a074a9c85e4ed1b66c4851bab78742b20e8fdfeb6

SHA512
cdc39ff0cbab1abeac62973b5e6fe8ca45568a486e8bd57333090620c4edf5cd455429c8550f468af7e9773c8ecc8a540b7b6b65e736807ee7b6e8c33290bb9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b9c146af309d3faf78dee2a5d581e890

SHA1
756fa4a85dae48772131ef426429adf32841a897

SHA256
d6c939e1ee4fa2fbc55815618f7c41da2909b927241456c078c3116ba7db5326

SHA512
a7bc0411f93486c86b9db20d6f90413eacd0f45c680c2b6189d7a8d5526aa8f9e73f73a8ac951f42ec945e363b9ead7bbf749e94ebf2b8d81effe1dc95097ca3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
2607dedeabcd2aa172a3134ab1bdedb9

SHA1
b3e1faec6d3d0e4e2dbcd65edca84fd5e8485d05

SHA256
3bafbeb91db8018925c20ba237bd5151f416baaf03bcd87f6d647afdce75a287

SHA512
c27f4f4643d9a8c183234a01c45a31b3205022ac24732b832a8c08708ecd9a9853c64e406a114dcbce36a8ff19bf43cebefd8d9413071351bea9f79a826ebccc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
0a0bd6790c0811e3ebbd278817b4bf5e

SHA1
5edc24d0e4e372f4bb1bfed8f6ba69adb1726e43

SHA256
ad90a80688a4b17e1234f3cea7c2586ce1faf8661757a5dfc0b1baaa3d65140c

SHA512
c618dda62778cd1c7db2b431d37514500fb39faedf8d621911fd1321686180bd42a2dbe23e4f5db29ef3827cf581756558bf5e31e7cc37acf3f9965be3cecb27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
872B

MD5
be26d0692b2fea9c1166790e4e4820e2

SHA1
31bc116f89edb1f5e23cdfe0f0f7d725b9b2adb2

SHA256
0bfb14efbfa92f192a5fc7df1272bece0a6694180cbb43d4f1950e7bb8c091e0

SHA512
23095d7bdfaf541e2f6264f186ebbb37ffbadc09a4871fe9fd55a1a372dcd4fa23983443f04d5b40e78a68b474460c2fc6339ce26c55a16086cb92514111140f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8a862f8387572dba9a6de17d47bf0ffb

SHA1
cc44b5072987d6833b4d3df186fb7ef7b0b4e5be

SHA256
1dd636a834833130e99f59a1f54b9b860c9c8c534120df3bef12e7579e084b82

SHA512
c4eea33163d12f9be2a063eef55a17ab4922a9bc6ac45dfaee08bb6a74c2b6153e695a6ad2be5e494225bf260e3e9d4c1ef1d95ea2ddf4e4384f732f5c3563da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bfbda7837dc5f334f0f4e2b15108bf07

SHA1
1b81b855dafc8447cd0a1dbca345ea4fbc67144f

SHA256
ef8fd58434f039bfe748ee9c3da40aa53f3c9d12f1ae7f9e7e59cc2ae0f28ee1

SHA512
56dcc60d91efc4a4df37289549a3f6173498e14a7bcd8a1d591f0b7d8985cf13e05db9932a6acd7552a630065c936c07df2d3f2a9bd108c50120730cd478b561

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
35cbd5f61d84014c63171949afeb6d0e

SHA1
5c06030b3d3f74acb7a9e4dc3cafad7c79e689cc

SHA256
3b1f3f4d8602924c33440462119747dc32e4154904f86d44408179f74db6654a

SHA512
cb235986bd56bf60aba6ff21f559009e21ac9309a3d3108ea239fee7cddcf2b9c23808d73e51e7dae553b5860374cd12ac5ca4c5acfc6151dde3d1acf3baf6a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1d0eb34d23ea7952a4666a0f6eaeece9

SHA1
e7f7866bc8dd7dd0c07b209a371048d3f7c1e3d4

SHA256
7960ef97ea0ed1a7f645e18a09df3e708ceebfe6a186c27e12c94ca96035686f

SHA512
cfc32e60195084db38475f2bba98f4df84bd5e8b51df84e624d4c90c5275b8ce421d19c034adec8c79aadc9b2fd74da7bc454ea86554a801552c3cade8902056

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
410497fdfdafa36c315a311a33b88dfd

SHA1
1d06587c0b195ced258693b759354ba6a762f8e5

SHA256
71669f38e0f71850918cfcd446f2d04c29bd556654361d3e93c8b1513ea4b9ce

SHA512
27ac740f9284959489cfa7c0a58cb8622b08bbabcc8dd087bdc84a297f18e6f8d0bc2fb852b700256f4c54e75726024b0fc1dcd27e55c8abcf048eda2cc3351e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f9afa9ac289bbe5f20b5ba27d60cd7da

SHA1
330cb6c941a8bcfef7465a7aa585fbaca3025d10

SHA256
37eb5af02750ab73c74f1967032bccf60609ad584497e490c9c912faa0f3bb3b

SHA512
99564dbcceeba7ff78e50555ad7a9842d783c6e387a1dcccd0465d775ddead2429324d34cd2a8d364db36c1f5fdaf57dd28e9e6fe349624756dce3d91966fa8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
435068a13590bb0866a5b37baa347a53

SHA1
80940a07db9e499cc8a73a5317be66593bc13df1

SHA256
321da8b38cb0c19841e6a2b4e82662f559c62b4748a42c6cc17027afd2d1f06b

SHA512
41bbe966f3ad7395d0a2866952456e40012b3db7682362130eb0f7a5aaefb7a16088cf9c4a115f3d5fd7b4aa0c10f4336d01072c4c347ea18b1fa6378c86e533

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7aa3e7d216871983937292c31f755988

SHA1
2a061581084fc85f662988300738bba0bf8d59bd

SHA256
875ed86b2dcf7862caa50e4f5f6bace6f82fe4c52370f6a1732c7dd60d1a690d

SHA512
e98e25fc59688b44685d45cdb13551b1a2febc8b9c8477ebe161b41097763063432999b0fa1346196fb1e42b92c63448655c671f88bbf5d16ff48fae593c2414

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7e3d5bfd010e6fde90c545b316ad9862

SHA1
0c628058e5e8db4228f61e9cfa930a110575b9ec

SHA256
4356e181145ddde8b06dc8a9ca1e567e773b8e3f56814dff23213ce3f6954115

SHA512
58aada69ce2dac62f33863d8b22272e4a92fdb9461d352e649a50d18a5dafa7d24276f21c2a80508d994056a90dfbd56f7f9191c71919c646ff3193b2bc9c1e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a77f053687dc425566bd93aae77219c3

SHA1
43493fda08e343a004d897f9109de85bea3d2943

SHA256
4b924013a6a7a445fe6fce260870221cfc979bf0444c53bb16b6c3f2f2ec96d5

SHA512
fb3f908e61b7cd304de1e9fb954ae1fdb5d33546d998b7bdcc45fb123cc5c545678cfcf68fd4592efd9150163d58d628a05631d590e7f243edbdefade4ce7b20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
c6f62c3a89759e927697668f42c87e7a

SHA1
f28aee2a300be0d899551feb8ee6aa0f0b664673

SHA256
ef6c9f914db1f0736b8d4d301adf88746d35f31263ff4cdf7ee88d2bf77fe8c4

SHA512
ee273724ba34d149ee123f5f9689aa61690a7d85c57d835a50cd21361ea11c4c6ab1ec47f89413aa5308b79d74ace3ac687c8e7724a5eb26941871e21b18c765

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
51807801a74baf1c3c7ba99639b74722

SHA1
3111396cb4a6cdf1426955ce277a883c05cb80c7

SHA256
12ded16bd1c3fddb4692a94f27727946157772abf5b27e602fa262e2faa14fb7

SHA512
00d76bb93a899978d3a2c250630f0ec0c22bbdb1325fe22bfb87f22d92ac3409b7b8c43c7fea055147eb364b97eccaef9232d8b74feb9411d33617b499d41f9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
93KB

MD5
74c6be3e3cc008f0e8abab660c580fb3

SHA1
a340834f4e05607ab40f397343c51a99c70e2591

SHA256
17b19fe0b633b36261ca922fd75196c325b52b3e4ff1ac414416053b9f7a305a

SHA512
14a739378c8ab0ed7f300a84695e391c74199ebd12ee49a3bfbfe43a057254222bc0c8d784509320b92876077ca136ee0f41ee0e54fce9e07fe2d6f5ed74d4b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58cc34.TMP

Filesize
88KB

MD5
39cb7fe84ee0ec89b79e66c55e0b98e5

SHA1
f20efb1c94c7329096412ff06a8888896c8923bf

SHA256
03c1bd40568326d4ac08b084780e3a7f23c5f2fb6bfcd91cab70ce4d34546da4

SHA512
4c40fb1132ae83003765f8bd8c0e4b3f6000770235d8da8758f999dcfc0fd48649ba7e2dacfa95c172adaa458cebb73330d0beba0d3003101b20a7147091c7b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
eebfb84605e05222e3ad98f4b9f62db2

SHA1
36ddd440df5b2776281ad245a6a57e7a183c09a0

SHA256
4a9b70f7113d5c252937ad9bbfa110031124ffe3643648db3f944111b61bd559

SHA512
90e6f46d36c30783af4032f72beb58eb157849a8197e39945542da8a0c1313cb87e91f18a732f5718ec6a676fcd790458419bcc22c608824416fa6df14bf5ba6

Download Submit
C:\Users\Admin\Downloads\LOIC-1.0.8-binary.zip.crdownload

Filesize
100KB

MD5
c615da1584cf050cf81a08d40309d735

SHA1
ff00f68b03f7bbc785284abd95a54d5b98f7db9b

SHA256
b6d6e0d1dce867836a684a0af278e46ed4a50be49a784ab7bfcb3ed59841c9d0

SHA512
127429a243595b572a3bc9153243f39e4bdb088b72ca5b9d3962fb36c031bd42ae7a8a326aaae76e11bb33df56925e3591a4c07a7cbe2459b336a1074b8e9113

Download Submit
C:\Users\Admin\Downloads\LOIC-1.0.8-binary.zip:Zone.Identifier

Filesize
162B

MD5
8633e5e587a63c9164f9ca57d9630ffe

SHA1
f33df0aa1ff91c5f15b707794cf1a2d3f7b7e309

SHA256
04af77af0721e5c29317868b60e73da9c07ce7031423aed874a062de359d2789

SHA512
ec7331a6c9d57b0eb58a743b27e1e0e4140eabed6e53945901206083bc9436ecf1d7f27780aaace65ea1b647a3ed23e2ab92b4b04e090b99af21a0d01d1391b7

Download Submit
memory/3484-564-0x000000001DE10000-0x000000001E5CA000-memory.dmp

Filesize
7.7MB

Download
memory/3484-482-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-419-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-469-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-418-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-480-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-481-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-447-0x000000001DE10000-0x000000001E5CA000-memory.dmp

Filesize
7.7MB

Download
memory/3484-417-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-415-0x00007FFF84F90000-0x00007FFF85A52000-memory.dmp

Filesize
10.8MB

Download
memory/3484-416-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-589-0x00007FFF84F90000-0x00007FFF85A52000-memory.dmp

Filesize
10.8MB

Download
memory/3484-450-0x0000000002DC0000-0x0000000002DD0000-memory.dmp

Filesize
64KB

Download
memory/3484-444-0x00007FFF84F90000-0x00007FFF85A52000-memory.dmp

Filesize
10.8MB

Download
memory/3484-414-0x0000000000C40000-0x0000000000C68000-memory.dmp

Filesize
160KB

Download
memory/4696-619-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-591-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-592-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-593-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-595-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-594-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-607-0x00007FFF850B0000-0x00007FFF85B72000-memory.dmp

Filesize
10.8MB

Download
memory/4696-617-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-618-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-590-0x00007FFF850B0000-0x00007FFF85B72000-memory.dmp

Filesize
10.8MB

Download
memory/4696-620-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download
memory/4696-621-0x0000000002F00000-0x0000000002F10000-memory.dmp

Filesize
64KB

Download