Overview

overview

7

Static

static

3

f7c5c1bdc8...18.exe

windows7-x64

7

f7c5c1bdc8...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/04/2024, 10:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f7c5c1bdc864f26de17d3476cdad2afc_JaffaCakes118.exe

  • Size

    189KB

  • MD5

    f7c5c1bdc864f26de17d3476cdad2afc

  • SHA1

    b27ad10df04b9183473cc351887e30f5b5d74d6a

  • SHA256

    50fc7cf932afde372c99253d7c377e9b520051641577a8ca53a0c32f4bfa16c9

  • SHA512

    7f55c1b8d474786328d0545e8b6a0fbf8963cc57f986a312d9e6b7f910a758553b9fc33e545466e130300ab8c298f6e2faf1d9c0554ec5ac3da335ebf80dcb32

  • SSDEEP

    3072:ocUcm0X3qDOUwUNvo8Hj/64qDuibRsksL7I:ocUK3qDpvTT6LDuib2PA

Score
7/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Suspicious use of SetThreadContext 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 19 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f7c5c1bdc864f26de17d3476cdad2afc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f7c5c1bdc864f26de17d3476cdad2afc_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Users\Admin\AppData\Local\Temp\f7c5c1bdc864f26de17d3476cdad2afc_JaffaCakes118.exe
      "C:\Users\Admin\AppData\Local\Temp\f7c5c1bdc864f26de17d3476cdad2afc_JaffaCakes118.exe"
      2⤵
      • Adds Run key to start application
      • Suspicious use of WriteProcessMemory
      PID:1168
      • C:\Users\Admin\AppData\Local\Temp\sesdessecetra.exe
        "C:\Users\Admin\AppData\Local\Temp\sesdessecetra.exe"
        3⤵
        • Executes dropped EXE
        • Suspicious use of SetThreadContext
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4644
        • C:\Users\Admin\AppData\Local\Temp\sesdessecetra.exe
          "C:\Users\Admin\AppData\Local\Temp\sesdessecetra.exe"
          4⤵
          • Executes dropped EXE
          PID:3396
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3896 --field-trial-handle=2744,i,16362475727591565961,3676688664819797550,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3104

    Network

    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.205.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.205.248.87.in-addr.arpa
      IN PTR
      Response
      0.205.248.87.in-addr.arpa
      IN PTR
      https-87-248-205-0lgwllnwnet
    • flag-us
      DNS
      urcdw.zavoddebila.com
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      23.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tux.shannen.cc
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      tux.shannen.cc
      IN A
      Response
      tux.shannen.cc
      IN A
      199.2.137.20
    • flag-us
      DNS
      20.137.2.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      20.137.2.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      217.106.137.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      217.106.137.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      17.143.109.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      17.143.109.104.in-addr.arpa
      IN PTR
      Response
      17.143.109.104.in-addr.arpa
      IN PTR
      a104-109-143-17deploystaticakamaitechnologiescom
    • flag-us
      DNS
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      fghfg.translate-google-cache.com
      IN A
      Response
      fghfg.translate-google-cache.com
      IN A
      199.2.137.20
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      14.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      18.24.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.24.18.2.in-addr.arpa
      IN PTR
      Response
      18.24.18.2.in-addr.arpa
      IN PTR
      a2-18-24-18deploystaticakamaitechnologiescom
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • flag-us
      DNS
      25.73.42.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      25.73.42.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      urcdw.zavoddebila.com
      sesdessecetra.exe
      Remote address:
      8.8.8.8:53
      Request
      urcdw.zavoddebila.com
      IN A
      Response
    • 172.217.169.74:443
      46 B
       40 B
       1
      1
    • 199.2.137.20:5900
      tux.shannen.cc
      sesdessecetra.exe
      1.2kB
       52 B
       12
      1
    • 13.107.253.64:443
      46 B
       40 B
       1
      1
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       252 B
       7
      6
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       212 B
       7
      5
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      906 B
       212 B
       7
      5
    • 199.2.137.20:5900
      fghfg.translate-google-cache.com
      sesdessecetra.exe
      860 B
       172 B
       6
      4
    • 8.8.8.8:53
      196.249.167.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      196.249.167.52.in-addr.arpa

    • 8.8.8.8:53
      0.205.248.87.in-addr.arpa
      dns
      138 B
       256 B
       2
      2

      DNS Request

      0.205.248.87.in-addr.arpa

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      23.159.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      23.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      tux.shannen.cc
      dns
      sesdessecetra.exe
      60 B
       76 B
       1
      1

      DNS Request

      tux.shannen.cc

      DNS Response

      199.2.137.20

    • 8.8.8.8:53
      20.137.2.199.in-addr.arpa
      dns
      71 B
       129 B
       1
      1

      DNS Request

      20.137.2.199.in-addr.arpa

    • 8.8.8.8:53
      217.106.137.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      217.106.137.52.in-addr.arpa

    • 8.8.8.8:53
      86.23.85.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      86.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      17.143.109.104.in-addr.arpa
      dns
      73 B
       139 B
       1
      1

      DNS Request

      17.143.109.104.in-addr.arpa

    • 8.8.8.8:53
      fghfg.translate-google-cache.com
      dns
      sesdessecetra.exe
      78 B
       94 B
       1
      1

      DNS Request

      fghfg.translate-google-cache.com

      DNS Response

      199.2.137.20

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      172.210.232.199.in-addr.arpa
      dns
      74 B
       128 B
       1
      1

      DNS Request

      172.210.232.199.in-addr.arpa

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      14.227.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      14.227.111.52.in-addr.arpa

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      18.24.18.2.in-addr.arpa
      dns
      69 B
       131 B
       1
      1

      DNS Request

      18.24.18.2.in-addr.arpa

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    • 8.8.8.8:53
      25.73.42.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      25.73.42.20.in-addr.arpa

    • 8.8.8.8:53
      urcdw.zavoddebila.com
      dns
      sesdessecetra.exe
      67 B
       140 B
       1
      1

      DNS Request

      urcdw.zavoddebila.com

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\sesdessecetra.exe
      Filesize

      189KB

      MD5

      f7c5c1bdc864f26de17d3476cdad2afc

      SHA1

      b27ad10df04b9183473cc351887e30f5b5d74d6a

      SHA256

      50fc7cf932afde372c99253d7c377e9b520051641577a8ca53a0c32f4bfa16c9

      SHA512

      7f55c1b8d474786328d0545e8b6a0fbf8963cc57f986a312d9e6b7f910a758553b9fc33e545466e130300ab8c298f6e2faf1d9c0554ec5ac3da335ebf80dcb32

      Download Submit

    • memory/1168-3-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/1168-6-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/1168-7-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/1168-15-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/1940-0-0x0000000000400000-0x000000000043A000-memory.dmp

      Filesize

      232KB

      Download

    • memory/1940-5-0x0000000000400000-0x000000000043A000-memory.dmp

      Filesize

      232KB

      Download

    • memory/3396-25-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-29-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-23-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-37-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-26-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-27-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-28-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-22-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-30-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-31-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-32-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-33-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-34-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-35-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/3396-36-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/4644-20-0x0000000000400000-0x000000000043A000-memory.dmp

      Filesize

      232KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.