Overview

overview

4

Static

static

1

watch.html

windows10-2004-x64

1

watch.html

windows7-x64

1

watch.html

windows10-1703-x64

4

watch.html

windows10-2004-x64

1

watch.html

windows11-21h2-x64

1

watch.html

android-10-x64

watch.html

android-11-x64

watch.html

android-13-x64

watch.html

android-9-x86

watch.html

macos-10.15-amd64

4

watch.html

macos-10.15-amd64

4

watch.html

debian-12-armhf

watch.html

debian-12-mipsel

watch.html

debian-9-armhf

watch.html

debian-9-mips

watch.html

debian-9-mipsel

watch.html

ubuntu-18.04-amd64

watch.html

ubuntu-20.04-amd64

Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    25-04-2024 09:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    watch.html

  • Size

    849KB

  • MD5

    a515415ea58d351c022a45e4041fbaa3

  • SHA1

    59a01c20ed7fd08fb4b10c9df7b089f28362fb2c

  • SHA256

    9ef3604a3ac4cd3f25794c6578938dcbe54ce1df7e5aa780c6695865d636e2dc

  • SHA512

    c364fcd9e29e344ba62cca3bed02b856e4c58d99828e6c4aae748deb2549ff9727caac3bf7f3fb8e446af92ab627dfea86840c5dd179e495822086370e9a5f75

  • SSDEEP

    12288:ZWcUcic7cycnctcZcKc0c+2guqrqNlUK331T:ZW2g6

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 7 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "C:\Users\Admin\AppData\Local\Temp\watch.html"
    1⤵
      PID:2644
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:2472
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:1380
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3808
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4288
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      PID:4720
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:1624
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:5068

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2TT8RSZ7\edgecompatviewlist[1].xml
      Filesize

      74KB

      MD5

      d4fc49dc14f63895d997fa4940f24378

      SHA1

      3efb1437a7c5e46034147cbbc8db017c69d02c31

      SHA256

      853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

      SHA512

      cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
      Filesize

      4KB

      MD5

      1bfe591a4fe3d91b03cdf26eaacd8f89

      SHA1

      719c37c320f518ac168c86723724891950911cea

      SHA256

      9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8

      SHA512

      02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\H57TUCVU\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\8W1LAK52\spf[1].js
      Filesize

      38KB

      MD5

      9df260ef5f689e597011f8a110bf0156

      SHA1

      7cf9959f50ee5c0eb7653cd7b9d56e9e13c61325

      SHA256

      8e184352e6a0026e43c829910615fc408a900dad2f388d1b284756d1a7b0b62e

      SHA512

      099ea70bc08630b933e83c3033ae049c19940ca9e8f0eb42eb764552a9649493606eab56f683aa72df356ef53a9b37a63493a349e86a098fa82aa0ef75387cd8

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\8W1LAK52\www-main-desktop-watch-page-skeleton[1].css
      Filesize

      5KB

      MD5

      81b422570a4d648c0517811dfeb3273d

      SHA1

      c150029bf8cebfc30e3698ae2631a6796a77ecf1

      SHA256

      3c8b38d9b8a3301c106230e05beeedbcd28b12681f22fd9b09af9e52dc08635d

      SHA512

      1d4966a88d7cf6be31b8f53547a12db92cabb4c05176abe995c75c8889765ec68b7210c3be75f60954ceb2938412fbdeb94d4d25ddc927f3a89eca76a84a9ebc

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\D76JHJ9L\rs=AGKMywEL5K7-A_4pF2tySu6ezb5jv227Tg[1].css
      Filesize

      2.7MB

      MD5

      f0aff14bccc081f9377d6688dc97bcf5

      SHA1

      9e56f3f398498918f967870730b34c2b7f1f2f36

      SHA256

      aa4f967dea0c2d9b349cc0825480f37cc1805fa6c081cccbdc31719cf8374985

      SHA512

      43b388dcd18dd7457f71027a2051eee242b14a7a055f14eab2d863396cb99c6d0cd15c432446f8c9c67ef430612df1f4d7d6347a752c12d2e4b3e811e1ccd740

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\D76JHJ9L\scheduler[1].js
      Filesize

      9KB

      MD5

      dac3d45d4ce59d457459a8dbfcd30232

      SHA1

      946dd6b08eb3cf2d063410f9ef2636d648ddb747

      SHA256

      58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0

      SHA512

      4f190ce27669725dac9cf944eafed150e16b5f9c1e16a0bbf715de67b9b5a44369c4835da36e37b2786aaf38103fdc1f7de3f60d0dc50163f2528d514ebe2243

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\D76JHJ9L\www-main-desktop-player-skeleton[1].css
      Filesize

      2KB

      MD5

      2a5f27d8d291d864d13eaa1f5cd9cd51

      SHA1

      b39f9b99b924e5251ac48fad818d78999cfd78d4

      SHA256

      056232b6127143e2f8bf4218db355d978e1e96f5dedcce59a9f5d6ab92b437f1

      SHA512

      1b54f1e13cb38e41f2a65db3cdc2bc702a9e963751b1ef0338d67b95816441b0143e1d4dabc99f276a04f9c00570bb8933f1bd87394998b3878c268b08ecf24a

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\D76JHJ9L\www-onepick[1].css
      Filesize

      739B

      MD5

      9ace9ca4e10a48822a48955cbd3f94d0

      SHA1

      1f0efa2ee544e5b7a98de5201fb8254b6f3eb613

      SHA256

      f8fdbb9c5cdceb1363bb04c5e89b3288ea30d79ef1a332e7a06c7195dd2e0ec4

      SHA512

      25354aeecb224fd6d863c0253cd7ad382dce7067f4147790ee0ce343f8c3e0efb84e54dd174116e7ad52d4a7e05735039fa1085b739abbe80f9e318e432eed73

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\GX070R9J\desktop_polymer_legacy_browsers[1].js
      Filesize

      11.5MB

      MD5

      63f09598758c886c7ba22f21562e647f

      SHA1

      b99ace1b00c10f6feb2cc0e3b206cdda2c4a151c

      SHA256

      0c00d32ff44c9248fb4aa71cd72d9f10d34d66ba9ceb115d30724e0096d0a3ff

      SHA512

      30dfcede27c78a1992873d62a8964f160de96ef4d7d58a05c42b0c7b58da485224405c2f302cc6a3e8fb035c87e83dc43bfcb24fd55c237937ba440bad65f53b

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\GX070R9J\network[1].js
      Filesize

      14KB

      MD5

      a36f25447b3d55d31fdfdc30fa31c3f6

      SHA1

      81154e36fdda94a482fb7f079ef683fa3af68f1b

      SHA256

      1432216f926190d39c5e9b17f38a4e075c692650eddb3df32e2a55d6b3eb6f9f

      SHA512

      2b396c5f278953dfb1ffa324e35150cd375218cc993510fc1643df68847d7d951efe2208423fd8f467a46f4b14fd8b3d7af06c7d24ab8f1753789cfc920587fe

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\GX070R9J\webcomponents-all-noPatch[1].js
      Filesize

      118KB

      MD5

      cdb51823e23621431f7bea99e1b710af

      SHA1

      71dca4a926c910e4ec3965999f9ea11147172092

      SHA256

      29069dd3d4388d676d9a4c6d04ecf0e9e57362f8385994994e968d977418f41f

      SHA512

      9ca9331c6fedd81157e1363add2acbcff357db8d27171500e5e8641863c234317ba83e4146cd9af8436e2bc82446daf7488ac97fb49eedfdf37ec13ede9062c1

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\GX070R9J\www-i18n-constants[1].js
      Filesize

      5KB

      MD5

      f3356b556175318cf67ab48f11f2421b

      SHA1

      ace644324f1ce43e3968401ecf7f6c02ce78f8b7

      SHA256

      263c24ac72cb26ab60b4b2911da2b45fef9b1fe69bbb7df59191bb4c1e9969cd

      SHA512

      a2e5b90b1944a9d8096ae767d73db0ec5f12691cf1aebd870ad8e55902ceb81b27a3c099d924c17d3d51f7dbc4c3dd71d1b63eb9d3048e37f71b2f323681b0ad

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\YK5QRPA0\fetch-polyfill[1].js
      Filesize

      9KB

      MD5

      61087064c449660bd5d85ec1b3cfcf52

      SHA1

      88306690d0b3d8f99a3c79bf46f00755d03e7548

      SHA256

      3b97880e54ee3e8c796392eb66b8ee99f550391e574b782444da49550e4e42fb

      SHA512

      f4e2b445d9ace5ef59a2905fb25c5ad63be2231d4ce3b0e29ddb157acccfee62fb30cbc84fd338490dc346fa890bb07fed980d85fe1bec9e6f5c60020edb2784

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\YK5QRPA0\intersection-observer.min[1].js
      Filesize

      5KB

      MD5

      936a7c8159737df8dce532f9ea4d38b4

      SHA1

      8834ea22eff1bdfd35d2ef3f76d0e552e75e83c5

      SHA256

      3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9

      SHA512

      54471260a278d5e740782524392249427366c56b288c302c73d643a24c96d99a487507fbe1c47e050a52144713dfeb64cd37bc6359f443ce5f8feb1a2856a70a

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\MicrosoftEdge\Cache\YK5QRPA0\web-animations-next-lite.min[1].js
      Filesize

      49KB

      MD5

      44ca3d8fd5ff91ed90d1a2ab099ef91e

      SHA1

      79b76340ca0781fd98aa5b8fdca9496665810195

      SHA256

      c12e3ac9660ae5de2d775a8c52e22610fff7a651fa069cfa8f64675a7b0a6415

      SHA512

      a5ce9d846fb4c43a078d364974b22c18a504cdbf2da3d36c689d450a5dc7d0be156a29e11df301ff7e187b831e14a6e5b037aad22f00c03280ee1ad1e829dac8

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
      Filesize

      1KB

      MD5

      cb9e9c73d3688b51ee1899e25cd1cc7e

      SHA1

      b2d472d87ac099a708b7536b5c30e5e6f0d28b7e

      SHA256

      382e6d80f80afb665a9c3065602a8fb4a6c3ff73c06a0a6937ffc178466d97a2

      SHA512

      74f1d7c3c68c0ae4ebc7b1c270c2138f578b78b591d8c6af4b7bb56fd4f23e5cebdf9748e7045521c72c000e5a4f35adce8e62951470e65c531f95b26b52a54e

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
      Filesize

      724B

      MD5

      ac89a852c2aaa3d389b2d2dd312ad367

      SHA1

      8f421dd6493c61dbda6b839e2debb7b50a20c930

      SHA256

      0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

      SHA512

      c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_7E7F4B35EBB8B416ACCF24B4769F575F
      Filesize

      471B

      MD5

      b603241d78e7844b553c22013e5c7165

      SHA1

      53a0a2942e39da5b4952826d3e34eaa2a61e6c8e

      SHA256

      90dbeb0481d3a9c8630e136304332670f8b2a1b2193ccac9bff030bda73ff2d2

      SHA512

      362db93ad33275947e33dfa22594fcdf2d99ad8e22c56e96657fdb17d9c7c96af43fca25fe827216903a12b8c4790fe246c5bd60f017b49e447d629b51a0ba50

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
      Filesize

      410B

      MD5

      b8796159f993e6422e88073d24c8c221

      SHA1

      da6d95751a521073b6494c70a73adc147a5fdfa6

      SHA256

      23cbacdbde4860e5f7b2848fc2716ddb99e08b432d13ad4f14fd6b59e4b0abee

      SHA512

      cbb395650c7136fb7717811e0999c86a7694dcd6ff2a2e63ab3f0337d0e0c8a1c9cffffa073a6319b484ec6fd88c98aa4f80f0477d2b09a5c347768496a521ad

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
      Filesize

      392B

      MD5

      22ae8f5515ca77b4ca8b56caebfa1f2a

      SHA1

      772b75bab1b8364443f54ffd9f546325eab88303

      SHA256

      9576a2cf8fe7c7f16e67f8148987aec8da0ee4c394f38c42923f5a98de62ae0e

      SHA512

      9707fdf9b39d1a11545327e107408120fdb90653a0e4ee2e42e6ae1dc5f0b2abc0da17dc3922618fce06a4c9538b41a7877e6e026d1209957fc2657114a710ce

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_7E7F4B35EBB8B416ACCF24B4769F575F
      Filesize

      410B

      MD5

      abaf2de0bef2a644e2d08b58528d4f6e

      SHA1

      a3163ebfd3ea364c02661cb8e60165b86d3ec2d7

      SHA256

      bbd54696cef17ab146d23fd7cf1fbcae5af88fde9292bd821122114a11fbaa5d

      SHA512

      55ddf12284fe71f9e041fc44e69b1a9bc7e7925a61ce6ae789ec557e513d743740d78172cc18a04d30591cc134f41c6faddda9762ba477bf5faaeaef31a78344

      Download Submit
    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!121\Microsoft\Windows\3720402701\1568373884.pri
      Filesize

      218KB

      MD5

      13e8857c11c103c86af5a010ba171f66

      SHA1

      dd8f6ee3cd8b1ac01c480e0843c323805c3cf2ae

      SHA256

      8b69fd5d6b540b3080b438f3cf0d42f3266654e786ce7dc5e85855d309e962ac

      SHA512

      8454d4a02c15e12428628aaf9df2f5ec48d261e692a8b4f2e7e81d83c3acd6921bfb2d3ebc76f78f124fd0065852af348bec56a91e7ba9c54525615d6b7804b0

      Download Submit
    • memory/1624-157-0x000002753F830000-0x000002753F850000-memory.dmp
      Filesize

      128KB

      Download
    • memory/1624-159-0x0000027540780000-0x0000027540880000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/2472-194-0x000001C33D470000-0x000001C33D471000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2472-35-0x000001C335030000-0x000001C335032000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2472-16-0x000001C335780000-0x000001C335790000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2472-0-0x000001C334F20000-0x000001C334F30000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2472-195-0x000001C33D480000-0x000001C33D481000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4720-105-0x00000146B7320000-0x00000146B7420000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/4720-91-0x00000146B66A0000-0x00000146B66C0000-memory.dmp
      Filesize

      128KB

      Download
    • memory/5068-181-0x0000029CA0C10000-0x0000029CA0C12000-memory.dmp
      Filesize

      8KB

      Download
    • memory/5068-187-0x0000029CB16F0000-0x0000029CB16F2000-memory.dmp
      Filesize

      8KB

      Download
    • memory/5068-185-0x0000029CB16D0000-0x0000029CB16D2000-memory.dmp
      Filesize

      8KB

      Download
    • memory/5068-183-0x0000029CA0CF0000-0x0000029CA0CF2000-memory.dmp
      Filesize

      8KB

      Download
    • memory/5068-179-0x0000029CA08E0000-0x0000029CA08E2000-memory.dmp
      Filesize

      8KB

      Download
    • memory/5068-176-0x0000029CA08C0000-0x0000029CA08C2000-memory.dmp
      Filesize

      8KB

      Download