Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-04-2024 01:59

General

  • Target

    Infected - Copy.exe

  • Size

    63KB

  • MD5

    2c40ce53a2c2805462f0be056ed82d58

  • SHA1

    400fe214fa8ddbb9745bfe293678c4d41c234cad

  • SHA256

    a2f0e4af244f31133cf9a0d50e643e5989792a5b77af1284b94f91f68d318ea7

  • SHA512

    d105d7b237c938b52edab95c62ea72c5fb2b81cd8746a27bc7738da5c98418dbf836431f5c166eeec16c836dc8a3e5535d2db1cdb2e11c30bf7aa5d6a7629bda

  • SSDEEP

    768:VFVsjkUAON78iHC8A+XuqazcBRL5JTk1+T4KSBGHmDbD/ph0oXw6xo4JISuDdpqM:VwAOJ9dSJYUbdh9TBuDdpqKmY7

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:23638

147.185.221.19:23638

teen-modes.gl.at.ply.gg:23638

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

  • Renames multiple (1274) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

  • Drops file in Program Files directory 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Infected - Copy.exe
    "C:\Users\Admin\AppData\Local\Temp\Infected - Copy.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    PID:1712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Java\jdk-1.8\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif

    Filesize

    160B

    MD5

    4e92058ec101e0dac2471e6e27d21d22

    SHA1

    f8563bcaefbab106481aac6e29e0a148288f14e4

    SHA256

    cb2da209446c1011f63f95b2e0c7efd91a056f3ca15b2e667455ad00c5923781

    SHA512

    5db1e636e326f92bc74b86e8b22ce806d37be3d07fadec20641623174c17db848ca93d231b58465b4b379b921d9a86d361188825d9e83f6c25f4b55f5db41be9

  • C:\Program Files\Java\jre-1.8\COPYRIGHT

    Filesize

    3KB

    MD5

    b6a210d2da749a0af8b2433d4428c04c

    SHA1

    cec8a3212e88bc778348eb7464cae60f4634d691

    SHA256

    c4a455986f992297d668f44e729d582ada5571ec4fe8e4e1fce13d2b1e6d05be

    SHA512

    c72b34af9fd021455ef3c1443a4db1f3702d19fc546a9b3d6ca46b3d4883154caed9ebf182360eab778e3f4c892c34555b1754e276634b7191d28c453b9f57f4

  • C:\Program Files\Java\jre-1.8\LICENSE

    Filesize

    48B

    MD5

    65e9c05d29bbeb2d1fc87d9e96fcadfb

    SHA1

    1214ddc6d654d4fbdda2c761e37b0b2202548bd3

    SHA256

    c820b57187e68896fd0cd59fbf3e002bfc137380c814cc0198821786db4beca7

    SHA512

    79065c28e8d4f66b20968bde71b160e5b0153c33a268eac62fde2d8756373f485cb1ed2cf435566900bf7842ad08bef19888dfa6d6c807ad0a39a26e2ba9f835

  • C:\Program Files\Java\jre-1.8\THIRDPARTYLICENSEREADME-JAVAFX.txt

    Filesize

    192B

    MD5

    3f76d1d4efff23e66a25be39a8903d6b

    SHA1

    f17817cd8652ca17be6486da6b5ce389b454646b

    SHA256

    ee4e21f70ea55bd076f4121d8ffdd2362ae099f825d2138e7544409b7e9cf765

    SHA512

    7ffedff8e409f464128311a355d2d474bc6ac6587d9bdd58544bee220b16baee687a1acbae5cfe450f3a8430276194c1d47776343df1165c13f7efa4e145bc03

  • C:\Program Files\Java\jre-1.8\legal\javafx\directshow.md

    Filesize

    1KB

    MD5

    8d1609256f9e0b0e6e3bf75560970492

    SHA1

    6912eb0b4bc08979cb50ffb2772f0760be4a24f9

    SHA256

    a811605be9331ade5b8905f0be5ae54b9c93f5a5b1f35a6a3cb74727a59c2212

    SHA512

    1214f94314aebdddc076cd9e48bdba9c13f74c2acd728a1f2a73f8d724b3f1d413efe75a54eca158c1fad7d30cc97ca2753abae7389ef4222452fdf63cba216a

  • C:\Program Files\Java\jre-1.8\legal\javafx\glib.md

    Filesize

    31KB

    MD5

    6989820c49bca95aff0adaa052fd7f2c

    SHA1

    df3760ebf2c39a77dd3d1f992bc2256f6f578a29

    SHA256

    13cc20f82bb6a7d7b65d53c576d2e86cb27ef8fae1fc94eef288ad46ca2ded40

    SHA512

    736c547d7904825ae076c238b900b50dc6905e1bc120a55fd5b295ab02e507af5a966c8ab830a66ac182360565f1e8948121cd5aa7067569cc83b22c8a1739de

  • C:\Program Files\Java\jre-1.8\legal\javafx\gstreamer.md

    Filesize

    34KB

    MD5

    0f4f17890809a567079487938e2a2e47

    SHA1

    c467dc5cb1f34a00601487abf97816fcf4b04258

    SHA256

    2418c584f7542a606c5b5bfd297e3b1ee861c7d56747418ecbb51fca6075503b

    SHA512

    34b150bae47a7e84f81b2886b78776ca4e6edf935f078cb12d50d5d5780b9ed0dc22cc4f09fba338ac67ddb1ce32e670ca021ed4f98abb9ae826695063d09223

  • C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md

    Filesize

    23KB

    MD5

    2ec51e10032b5d3030df85531bfade98

    SHA1

    d4c8ea4f049f1d977c76b310f137978a155c1297

    SHA256

    3f168fb7b34c88d94004c1e8add93dba4722e974fafe9f185702c81b078857b7

    SHA512

    0dc488c7b9caac28355efe1c669c8b4e18bfa7d6f82f70cbbce30b76c88c202dd0455b37af79f889a8d3b03a57a823e16ab89ef211e522a2971f1e3ba7c36554

  • C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md

    Filesize

    2KB

    MD5

    46aac4a31892e7d615c6ba8880385e0c

    SHA1

    7c99045cbc1c7aa178c4ecb317df6c74707c9273

    SHA256

    e4ef6277d01d1f2f3292f60ebe7ac64a34fe02ec0bc80c4675f2eb1805bcc853

    SHA512

    8258ca8672b7c7b56b35a5804efeb0d3fbaf3f9e22584085506a317107d66b37f0a91ca4b0395d7d9bbd1025ed86f30d54eaeafdbf6036f8a47d1f1b3cdbe879

  • C:\Program Files\Java\jre-1.8\legal\javafx\libxml2.md

    Filesize

    3KB

    MD5

    31fb43787a2eab8924e1032de13de8e5

    SHA1

    3db6eeeaf8c8dcc9b9414771c955950669b0df1f

    SHA256

    954b0e5dae89e1ed08b1a7dc6da9b291a41d467da9ff7cf2f3a721843368bb5a

    SHA512

    c59015af02144fb2778ae35a29d4470cffb0a706612368e7450fcb378ec2070d6fa96da2922a35ca3b562a0133b1c72473d78e446997479171dfe077f0cf58b6

  • C:\Program Files\Java\jre-1.8\legal\javafx\libxslt.md

    Filesize

    2KB

    MD5

    5a691363034b0920cc02a102591148fe

    SHA1

    c6d2f5993a67ef98a3c6a96bf1abd1b31f4884a7

    SHA256

    f73e9756160c9ea719f40d9307a251870bfacb484c6043be126a68cfa1b4a5e7

    SHA512

    9572b4758dcac18eac85ceccac0bae5a1adb3a64658a853ee0a9e1f48e3a70d4842c127c035c109153e274feee25c4014f24788aeda5c9e7d632830afe4e63bc

  • C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md

    Filesize

    5KB

    MD5

    e3577d47efa76b34faf081bff3138bb1

    SHA1

    6db727ac2c0c58a6f863b1b8b51e8c8b1b6a8119

    SHA256

    b3c2605d322f8403d7b7a1d0f36b0ceaa736d10b7e63eff351a7a4c9b7716bfc

    SHA512

    9d02ebc7dc452a8f5d370a2a51ef90359235ca6ac726699359fbfedb2caad69fc69bf097ada5d7e5165ba670b2c1b0f024e309ec9fddddc200b3cdacbf19fb79

  • C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md

    Filesize

    17KB

    MD5

    893f24cf89723e24d1c4542897b19f86

    SHA1

    ef90be915867ee5c32f87d6fdb0d7c7337ef3bc7

    SHA256

    d014f7369d4e4199ca474892618d5004fe3aa0fd2e6d421103944d3afa97b43e

    SHA512

    26b5916f70fce3786c3259a899f684e3e7f164719fabd6937e6c28a1fe3075a60598158d304cdab22039bd0e1f6eb00efd21207761e4de7079004e38517653db

  • C:\Program Files\Java\jre-1.8\legal\javafx\webkit.md

    Filesize

    320KB

    MD5

    e4df838c985eb28e67f422103a427b09

    SHA1

    2bdd2591901f32368f918407610c03920aa94ff6

    SHA256

    1c1f5b77ea0b4de9407ef8346ac11f5eec404e85bd373bfd429d4e8351458e59

    SHA512

    f38309e0a3c877cdb6fac01bcbaa47eb14b3de123364352b41acc54c91659cb8d814d67403528cc3c6d68620bcf953ba6cceeba9c8bb7fb56cdeea544aaf1079

  • C:\Program Files\Java\jre-1.8\legal\jdk\bcel.md

    Filesize

    10KB

    MD5

    1af85b151f91e11ba9e27127a3dbe2f1

    SHA1

    9ba638e80b3a19bc6831057aec4633ad089b8295

    SHA256

    764b2d195c06396159f139d564a3da5bc50804a6f0f76787403902fd8196a164

    SHA512

    6e6c3f02fae03fe94a2da1523adffeba2208c48cb141e702058f830da1c371222368be8ddc3d47d93d6c67a815529496a2b76ac9d18cc6a0a674baf865efc450

  • C:\Program Files\Java\jre-1.8\legal\jdk\colorimaging.md

    Filesize

    176B

    MD5

    97266b30aaae42e124702cdc7167d02b

    SHA1

    9db9761280cdbf2e73996c0a6feba271b8fbb8ad

    SHA256

    44c284727f3f267d4bf96aabf4001ec354cdbdb55407284a031faef85b4bf070

    SHA512

    e49d7c1ddfa5718bd85c14fa62974f6b797ebc611d0e3ac09b50669f771212be662a8fb81ba30d1bf9d83ad5de94cee4e890151aa495a6560ddb64c9d218794b

  • C:\Program Files\Java\jre-1.8\legal\jdk\cryptix.md

    Filesize

    1KB

    MD5

    77d35705355112def03678f0a8e65bca

    SHA1

    54d407613ff57e149696a19be25a258d31044623

    SHA256

    13da17adc16d828812636eb473a69069682e2544528dd8a6405c1d4f52320deb

    SHA512

    26d783ec16b078d571bb2356871ba332c86bc8b23da0fee7b5b29871ddc9546e18d8acb7f9e67d31f9a7adb33c7d149acb62aad5688bb5880eb5fd6b9ee1468d

  • C:\Program Files\Java\jre-1.8\legal\jdk\dynalink.md

    Filesize

    1KB

    MD5

    08381e5c2f54328d43b1aad62f0b3bc8

    SHA1

    0563c41b56150f246d5dfabdc80476a258c7f843

    SHA256

    94aeb4eb4e34325087a9e11cacf8ab7db2ed4ffc84fa4c63abf9467e87b0e213

    SHA512

    3693cac52b80dbee4398b5574555db57952607ac4a5143b5582a802bbbf632af24d5fe240d7187df4870fcb4c50c42c8cb8d94f31526d546e5a8bb7210551eb3

  • C:\Program Files\Java\jre-1.8\legal\jdk\freebxml.md

    Filesize

    2KB

    MD5

    60c83a4431c6bbc9ce914103ae80816f

    SHA1

    762e39e7c514b7ff67623af110db621cdd25ffb2

    SHA256

    62b8e124f93dea4b0ddf9061298fab86609676c3b806070f5cfe1956c5cd7254

    SHA512

    fcc21802cdcfe50c731f86398f5eb24d0aee65f0542de94355278d07af0afe6c7781fbdcf374bf3cae2a09bbb8cf62592c18f9d28866782be4e805c7d11bde9e

  • C:\Program Files\Java\jre-1.8\legal\jdk\icu.md

    Filesize

    2KB

    MD5

    4acb71f4dcedd23506b4606844c959cb

    SHA1

    90da79e7be2560dc95355fe59918e51d1dc2201b

    SHA256

    73a7ffe7b6c0e8dc76a842fee9e806dde27aae6f78c289c5ea651cabfb8bf366

    SHA512

    af83b230681a64e9ab9ce998e67949a4054e1a4ddd39888dcb0ebc4ae3b4b0fe2ecc29e34ecb55efa54253e48ec9cf897809009b22d3eeb36c940b6fe13bdf8d

  • C:\Program Files\Java\jre-1.8\legal\jdk\joni.md

    Filesize

    1KB

    MD5

    2125d93be0a5b72120f63ba4729bd0dd

    SHA1

    b2a194398383116968de129086291fdd21eb8144

    SHA256

    7f5217a7e707ea61100b30d2280afc572f3eb608910045ee7deef9e4ade3f980

    SHA512

    a489a29a61067859b110e1239cba71902b24d2da80eb444f0a10c53cc9d91c0ef9972e03d240e253125e7ea44c266fe3121e14ebba7e525688aa0f289221722b

  • C:\Program Files\Java\jre-1.8\legal\jdk\jopt-simple.md

    Filesize

    1KB

    MD5

    e2596755e97786ed71cee8d43853d8d0

    SHA1

    c089d7bdc6c09145ce36ad51f6e2129665f2a8f6

    SHA256

    168f07948a29bb746b5f1a81a14acd49dfdefb455efd2ad65c241a769c7496b1

    SHA512

    f09f853b0f3d7b976291ee42e3674473211b954e3546deebf4990cbe1e30e9efa6f609e4cf5d327903df05193f5d1d46231e5c02cdc79b36136c70e6f396dcae

  • C:\Program Files\Java\jre-1.8\legal\jdk\lcms.md

    Filesize

    2KB

    MD5

    71a84fffc5ce8caff6eec8d2b96d9874

    SHA1

    b43aaf9252bc5272863adeb652d5c97348c6f8f5

    SHA256

    69e6c54f3940374f5cc1a1539712e2f7306849a641955bab5e1d6b88ac4ca846

    SHA512

    47313ff21564b8d29af5d74ce0c9fc68c0c5aa26f90f2f3eca85e45b57698071dad444b021ad6657fb0fea559a2704bdc3067b9c037e1fbf53fd4f72057d7eb0

  • C:\Program Files\Java\jre-1.8\legal\jdk\libpng.md

    Filesize

    6KB

    MD5

    d2595af554d04a3257c34e2ca965f742

    SHA1

    65858e2541388ceca144afd8bc848bfe4e0f4340

    SHA256

    a354a5baa061165fa171e1f5414e4887568ff763234d4b55f7b16cd9c2047fd6

    SHA512

    a48eacd1976467852b2f3bfb63c6d05acb50ca61665599cfa13a37992901d9fb686d3ae2144d952ae1acca4e07477be11a01d7f2c56e5a8404210ae161986e18

  • C:\Program Files\Java\jre-1.8\legal\jdk\mesa3d.md

    Filesize

    5KB

    MD5

    6f892de18fd70831bee22b2ff3268d62

    SHA1

    790d519c668c9c25dfb46f12c07ea7f920765b6c

    SHA256

    fec4df39d45932adebae229c6471f53e6b0304853330d361a7ba2393bd8bd577

    SHA512

    8b27aa4f6a7b4db7f807423da64c6fbf181dbf54f52c0c8bf35b67bf3788aa4ee47abedd09383c4dd26b023cfea7fe3d23963465a03f7c40350c212c93d63f72

  • C:\Program Files\Java\jre-1.8\legal\jdk\pkcs11wrapper.md

    Filesize

    2KB

    MD5

    72dcd79cabf501b2773b680f7e23810f

    SHA1

    b1933503ba624214e0b8de914403d27ac13bcb09

    SHA256

    aaa1f0091824a6ab877b677e40fd3b0690b2e9098a303b28d38b0b6f2621d70c

    SHA512

    b778c88ae5ad4df7efe7ff1671684e14e8f20d723ffb0ab02f14cb6336a14e920bbbc9a6057b9437d74ebc569db4a683674e11457e7f8f411746702bfe7d9a2f

  • C:\Program Files\Java\jre-1.8\legal\jdk\relaxngcc.md.ا̘͜ل̬͓͖̘̜̀ͅف̹̙̖͈̣̀و̠͕͖̀ا̛̲ل̸̘̺ف̶̹و͚̖̗̙̝ض̨͇̮͓̠̠ͅى̹̗̯͡ض̢ى̳̬-aj219sj1Uain

    Filesize

    2KB

    MD5

    8dd3213bdab0e0a11f8fe61266f91f8f

    SHA1

    346e36b738242980955b57b96754483d8df61ed3

    SHA256

    cec64a2e3536277076ace7bbd0d0baa5aab93c4ee1a4c72bff35072900048543

    SHA512

    06c5e1130cebdc23fe043e12870d25bc3ccd869538be64588f98272c2b473bfbaa606cbcfa24d341beda2bf22ee097c1132e6f41e72ac11193d9350f45fdd779

  • C:\Program Files\Java\jre-1.8\legal\jdk\relaxngdatatype.md

    Filesize

    1KB

    MD5

    19e94f1654b1be44d3c8775f0f7afbf4

    SHA1

    9fc44fc8163ec7881a0fa1580e83a249644ee2e0

    SHA256

    f26cf11208d73d855f0f40a00ef5bbd1afa37bdd0a396efd69cbb75ec0ce4c8f

    SHA512

    1a2a4858b5115705af22162cfff170803a588e9c1500610aaef07678d9e577d873ffd6672d436b33464dcfdbf454210dd287d9865cde251f5546c284388293dc

  • C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md

    Filesize

    1KB

    MD5

    de6e47d6f0f414992c6fe99c9040d487

    SHA1

    6914c049db8cfdf335491cd6edc73b8046891557

    SHA256

    ff78cd731dc70aa75c47a9e0c5de2417fc8e7284aff73d2d0e0802db3dc15e07

    SHA512

    d888845164eb0cfc5753d1cc7b03d519f7ffec0fa7d110e424f91cb7bc2c708d149732378c20d7e18d9aa48e4671941b010b59bcd2d47514a4e45a67f66c0cad

  • C:\Program Files\Java\jre-1.8\legal\jdk\thaidict.md

    Filesize

    1KB

    MD5

    4e9489987fb5b780e08ee230aebad13f

    SHA1

    991d68308ec33b6a3a025095614dff990038e565

    SHA256

    a7c32577240ce62879ad610032163aa3e060ac1d0e8fa3264ecac958ca6995f4

    SHA512

    041e116fbfc749389f5d001f55a827ec460f1cf174e073b5fbb6a47dcc4ed0dbd709a995e8f5aef01b22181c2c98bfaa4db7f5478d7e7b81844dfae0a8c982cc

  • C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md

    Filesize

    2KB

    MD5

    742c809a990b6e5b102d4f992f8f9918

    SHA1

    159192964c6126329d7a77076b89702ec29dc949

    SHA256

    51a4f21ea62da96266b06cdc07a8f94aa5bbf92f9896af55e77ecdbed7bcaca3

    SHA512

    2bbe80da3c43018b9318c5addf5abfe0f09daef1976579986133790344814ad67746e6cb2a2bbbcd6a2392944186e66b95c0031e0e69187cbd3ab71f6ba15924

  • C:\Program Files\Java\jre-1.8\legal\jdk\xmlresolver.md

    Filesize

    11KB

    MD5

    4694cedc723aece518c6b3815c2f24bf

    SHA1

    8b467ed3226245de94737c934854c8527d6180ec

    SHA256

    11f1fb1cd8e6cadb8d1dbc09f123bd440b9dce4177753c08cdd435639206a136

    SHA512

    a82bab0ffe8d7171acb28e4e93fe6b6831e1a88f809f05a21a79b23f1bf80ad3d067292b1271e98e3870ea0d1994218b885bb1eaed12053aab46412c3e26fc9d

  • C:\Program Files\Java\jre-1.8\lib\images\cursors\win32_CopyNoDrop32x32.gif

    Filesize

    160B

    MD5

    7e922c2b104736dd8e27ae9856315a71

    SHA1

    409fd216405e74f844fa02618ba28d4a09c1506b

    SHA256

    fda2c11b05f4569913fdfe1932796d281c4f42a41d31452faf5664e2233e2833

    SHA512

    a7d56122c3e8c690b5c360cbf19539ed278a90415763bb548efecad5f8c07ed8199e030ad7e51f8c165b319b6f3180593b0ec88731e8bf2ce87c3617893c4a19

  • C:\Program Files\Microsoft Office\root\Office16\1033\ClientSub2019_eula.txt

    Filesize

    48B

    MD5

    f5222fc3c78f4b186d22f3da94db6448

    SHA1

    d78721cd30d47f5d1c7146bc4402adecfe7ba0dc

    SHA256

    732e9300e655455d408f7cbaf931e1d0bd903891b9594e312722d0018bd0a717

    SHA512

    b0098c949a5fbde5746dde57feaeba62d4ca523bd697e4867b889e1c0e9d1e7c053b28c17113ea240b897b83eaf338a45b0f484d62967f0cc5527a4c1393211d

  • C:\Program Files\Microsoft Office\root\Office16\1033\WacLangPack2019Eula.txt

    Filesize

    48B

    MD5

    fb4f83682b95cbcf7af00a66476be4df

    SHA1

    e6bbb863485a25428088d5d69c6e6a57cf171edc

    SHA256

    e6d85de28fff326cb4c1292a27a0ff8bc83664ec746990cfa3a9be2fc0a37497

    SHA512

    8dfcaa91cccb0112b32c3b9c14be1780c0e01e502e0c3a5190bb1a48fac3292412ce6c2c1b55f5e5af517c2bc080969875f79acfa8f108bed58574fbde5ced20

  • C:\Program Files\VideoLAN\VLC\locale\da\LC_MESSAGES\vlc.mo

    Filesize

    584KB

    MD5

    f0bab0aede84fcc235206a4de32664bd

    SHA1

    d4ae739a15ecfb8db12bfdfca919820d2475cc5d

    SHA256

    6a1398e049a0175fc5521996de1e9ceca02aaedc48471f7f194f22ef30ef2e3a

    SHA512

    0e3f9da76019e8f6430e65489ab0358255acb9f7cc6c1c2c7901fc37214df3265fcddb18be47282867cc8cecd9a8b0965e77cbf68bc181811a3fb8e619e9dc3c

  • C:\Program Files\VideoLAN\VLC\locale\el\LC_MESSAGES\vlc.mo

    Filesize

    831KB

    MD5

    a0dd6b2a567a94dbd654a4882645cbaa

    SHA1

    aded12a72cac7ef0dc8a17a562a6ca798a882e54

    SHA256

    80dfec4558b1ef3d6617a1057705adea2e608bacb3b10f60f788a3cc5a25c90a

    SHA512

    22dc3770a6841b558b7743111d5b9fc273c12b08d55a8ce6274d1a4771d11bb22143d61c51caff27f0ca5f12eebeb9e47f12eda2dda987e572ce2fa7cedc6de6

  • memory/1712-7-0x00007FFA6EFF0000-0x00007FFA6FAB1000-memory.dmp

    Filesize

    10.8MB

  • memory/1712-8-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB

  • memory/1712-0-0x0000000000A50000-0x0000000000A66000-memory.dmp

    Filesize

    88KB

  • memory/1712-2-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB

  • memory/1712-3-0x00007FFA8D3D0000-0x00007FFA8D5C5000-memory.dmp

    Filesize

    2.0MB

  • memory/1712-4-0x000000001D680000-0x000000001D6F6000-memory.dmp

    Filesize

    472KB

  • memory/1712-5-0x0000000001280000-0x00000000012B4000-memory.dmp

    Filesize

    208KB

  • memory/1712-6-0x0000000002C10000-0x0000000002C2E000-memory.dmp

    Filesize

    120KB

  • memory/1712-404-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB

  • memory/1712-1-0x00007FFA6EFF0000-0x00007FFA6FAB1000-memory.dmp

    Filesize

    10.8MB

  • memory/1712-9-0x00007FFA8D3D0000-0x00007FFA8D5C5000-memory.dmp

    Filesize

    2.0MB

  • memory/1712-10-0x000000001EA30000-0x000000001EE38000-memory.dmp

    Filesize

    4.0MB

  • memory/1712-239-0x00000000375D0000-0x0000000037A9C000-memory.dmp

    Filesize

    4.8MB

  • memory/1712-3464-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB

  • memory/1712-3463-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB

  • memory/1712-262-0x000000001AF40000-0x000000001AF72000-memory.dmp

    Filesize

    200KB

  • memory/1712-403-0x0000000001270000-0x0000000001280000-memory.dmp

    Filesize

    64KB