Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    21-06-2024 09:11

General

  • Target

    https://www.youtube.com/watch?v=2dthCcDtjpY

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "https://www.youtube.com/watch?v=2dthCcDtjpY"
    1⤵
      PID:4132
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:4584
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:4720
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1916
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:2204
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:1840
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:3428
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      PID:4892
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:2852

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BU0KRETY\edgecompatviewlist[1].xml

      Filesize

      74KB

      MD5

      d4fc49dc14f63895d997fa4940f24378

      SHA1

      3efb1437a7c5e46034147cbbc8db017c69d02c31

      SHA256

      853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

      SHA512

      cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Z1V34DXS\suggestions[1].en-US

      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AP5HIIJS\spf[1].js

      Filesize

      38KB

      MD5

      bf025ef658ddb27110200e1687069834

      SHA1

      da4204f7adab89b2805b193ff5e843be51e692c0

      SHA256

      bd0aa35d6b45603af59c4d945dc2e8a672827aca624ae6e8e7b8e9b212b1bf72

      SHA512

      f6a1f96709144d14d1964a4de8df900e908a2d146cf7ea38f38fbe5d00e2eecdce7808d556661188b769ad64327378a1e4a50edfffafabc1df66da5282cf166d

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\base[1].js

      Filesize

      2.5MB

      MD5

      20a6965855a7c43eabdfa4e13e87c343

      SHA1

      1055de5c6c5aed5cff9bdf8250eb6f485f383298

      SHA256

      d871e5af176dd2ba77703d5ad0f288c4eafc54fe73342a6cc27a0258b8af7345

      SHA512

      c891ae352368ed967b901354ab1c7dd7ef9974e23abc34f1b74c033e95c9b1dccbe7dd46fe04e74a5a67a4fd25adaee0e3c1c154740b083298dc027245579ba3

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\intersection-observer.min[1].js

      Filesize

      5KB

      MD5

      e02d881229f4e5bcee641ed3a2f5b980

      SHA1

      29093656180004764fc2283a6565178eb91b5ef3

      SHA256

      8037c1f1e0e4d3d7955f591a14a4b4d090141f1d210ef8b793ce5b345f08f7f5

      SHA512

      f4e8e21b91ee33879a2295215cba91e12851891165fe3f9f98913022280ef8192fd3f5def06aa8ac1fbe6d43d09034b0bb8e29e8703366a012e1fde6ff2828db

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\network[1].js

      Filesize

      14KB

      MD5

      6084f9dde4da508b0dd3876d3a560286

      SHA1

      900498368c448fca108b3e259babd629a3430a96

      SHA256

      30171bb40dfd302f11fe055cbae26c0afa1a1066412962cfb37c027b64e90ad4

      SHA512

      6679b32664bd0885abb1223ec2ae7d8b4c7c448452f554b3edc28b05af73eb979bdabac598f5c95e83629a8cf6c9deeb1b57fa19ce719f2cce36f66187832f5b

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\rs=AGKMywFY77f1TzpLyTIcSzp8vcIrAReDtw[1].css

      Filesize

      2.8MB

      MD5

      1d869fb06a6ea934a32e4bfcfdf8fe1b

      SHA1

      07049098f51738d7c288b8bb897a2617c122cccf

      SHA256

      6d225c50b525355eac6d22e6fd288443d09538e2f1147076d1ef31bd4c9f48bc

      SHA512

      5542ef1ef98fa797cf5cbb72f1d898338c3cfbfb170a0563b3d79209ab8d7250c9c519aac0e43c0436f15e466b737f1eb6f82b53b1715978673b1672e8ee9a8a

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GVR39UQM\scheduler[1].js

      Filesize

      9KB

      MD5

      becb09242ada686cc0548c341c887fea

      SHA1

      7fc1116c1131afdb1cc41bcb0a4456582a25e4f2

      SHA256

      dd3586e5cd0042daabc1530380ad77232b204b1d87280aee384eddd3b5894228

      SHA512

      a4aee486daf473d07d4ecbbd8afa776fe0117523a88487375198e46e2b8fc9605ab4b4e9e8e309bf119114ebdd097eb02a1fc0c2afe53c92f65f1f1801c4bba1

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\R65G7KPZ\css2[1].css

      Filesize

      2KB

      MD5

      5912f3bba71c222672dfa244a60acef0

      SHA1

      317a49729bb8654c3986e6b32278258a1d692d81

      SHA256

      48708ab3b01bc53a736f7f85e0badd9174872faa981e78b32c16c4efcaa59d99

      SHA512

      770f13af0d6ebe7ff9d925efccd05b0b2e5afd5fbe19770562d88936d541a298a49aea028f5122a255fb5026b4a5f37c0cf52831212ecaaf378a5769ff0379f7

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\R65G7KPZ\desktop_polymer[1].js

      Filesize

      8.5MB

      MD5

      0a8d7cfbe9f2c32570bbca348ab3629d

      SHA1

      ca96cb260d2f10846b5876cd4bca3b35621c9ba7

      SHA256

      5b42ddaaee1c726c2d67b9d24f0c8eaf1ead8a6e700ef635439cafd05d3ffba0

      SHA512

      7c82a77e2ba83f0a08b7e21573c3acb74524b487f15f6c678a21dbd4350a0bb627927d87a3cca803f67da78235bdcdc3fd95c89c829b0f486aa6131b8bc4b6a5

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\R65G7KPZ\www-i18n-constants[1].js

      Filesize

      5KB

      MD5

      877a2b1590385d79323ef992abe9e961

      SHA1

      f2f65882785537d6f3eeba7f02ea233f9e55672f

      SHA256

      ff474db3ea4409f034cbae6ae738bc80fb18734ccd38f87fcde90d02e11cfac3

      SHA512

      c7b9bda266c59a19476d7eaa3f6bc10d8d916345ff4195ee5932f5d5d884a487407552a29d576a9dd53dfd2588069c7376f660800f5ab7f8e1bea78cdd146e14

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\R65G7KPZ\www-main-desktop-watch-page-skeleton[1].css

      Filesize

      8KB

      MD5

      64c8e3b11cfffc8ebf2240e4f46ab492

      SHA1

      71276680811731f983502e477a87e87cfe72d75f

      SHA256

      3acc199c41eb3c884ee9884c15e6b78975499be2255aa203dba38ef24440181c

      SHA512

      497a48233bb198e05517e2cba003c2c5ba25183e1654b5b8252b9823f0859497ccab66a77e243238b27ea6eb826ae4fc72efb2f32b2b378edee7f9dfb87f4756

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\R65G7KPZ\www-player[1].css

      Filesize

      371KB

      MD5

      d32700adacd5d982244c69736b87bedf

      SHA1

      813dfe8ce4ee3608ed3580113e3b82730ff03c85

      SHA256

      2c7426a5c6bf00c328c96fb01c89c3e23ba7791e87455cab5aa3b546942f1fc8

      SHA512

      bbe35704822e0a82de2da2890da6c06138514070fe93978823601079a9371386915431f98e613adaa9566112d728f5f0274b3864e8a0c7da538833383ea5d342

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2CFSU2S\web-animations-next-lite.min[1].js

      Filesize

      49KB

      MD5

      5ab6c49dc7432d357d58fa452be3bff0

      SHA1

      b818a372657035d83161a32d42db3503b8d64b77

      SHA256

      2a39e309723372fa708ad44312f539e86defc91f28fd36e71a44e3b59c36537c

      SHA512

      33fa611bdde181cf1db7ffffaea01eb1cea240b08b0ee8c9141edc84dabaed419049f78223b305a3ac4c0d2d047971a917bfd2a0215c8845aea9752ca3321745

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2CFSU2S\webcomponents-ce-sd[1].js

      Filesize

      95KB

      MD5

      8a3c79faed4aafeb6f033759270f4009

      SHA1

      2c5d1a5ccd7b4378a98e29d6c1a9a513fd700b77

      SHA256

      ef2634fa681d36decb5bed34ec4a9e7d330de160020e2d7566273e71284993c1

      SHA512

      a40a76b91a30626488848eb40a9b95ddc4e880574b1cdbda8dd397f4fac25c2315e95e2851b81210b6263529250e9b7f5780d1f796a603a9658a7e15d19b5a71

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2CFSU2S\www-main-desktop-player-skeleton[1].css

      Filesize

      2KB

      MD5

      bc588241af4924efd9dc6e3e76c0ea4a

      SHA1

      1d24b3fb1f653b08999657bce3e4ce37edcf29d1

      SHA256

      e855dcb4953fc7357621b64ac3958176b51b59e830a30430d7ade498e99a200d

      SHA512

      3ed41d10ed476a2a7347bf2d798efac48eef8b5223e3633b225719e32224a5b4337697ab64259fed8b64319cc453376cc207a02975b981152ead5e06b79f0573

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\X2CFSU2S\www-onepick[1].css

      Filesize

      739B

      MD5

      9ace9ca4e10a48822a48955cbd3f94d0

      SHA1

      1f0efa2ee544e5b7a98de5201fb8254b6f3eb613

      SHA256

      f8fdbb9c5cdceb1363bb04c5e89b3288ea30d79ef1a332e7a06c7195dd2e0ec4

      SHA512

      25354aeecb224fd6d863c0253cd7ad382dce7067f4147790ee0ce343f8c3e0efb84e54dd174116e7ad52d4a7e05735039fa1085b739abbe80f9e318e432eed73

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZKGZQ396.cookie

      Filesize

      266B

      MD5

      9a2c26dc7c41fa175fd79bb9b9e1c6ef

      SHA1

      6d77f9db6aef3a7d69f288ad0ceaa68440243f0f

      SHA256

      7b2bcae36e8c9d0adf4819f6e49c4615f85dca8f6d445fb1d5aa80301ab29efa

      SHA512

      673a02a7d80fe9647efb64de61134b9d8be2d4c6b97c64890bdcafc8b75d8832cda465284c92045bad98dad8f88bf1de50e28cd6cec02e66c3ac77c8e0ce62b9

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

      Filesize

      1KB

      MD5

      1337c07f18644e4581ba0e7139655ad0

      SHA1

      18bbda029ed23cd13fe0c3c896bf79d5ce257c22

      SHA256

      d7dae5c92f13fb943992dc8a74940d73f90639ecb7d01f71721e29402d8f46ac

      SHA512

      3fc00274cd972e0857a0efb5e191add54adefd3ae69feb630855589ba74dda0abcc67936ede50793dceb2e51e4f64a9189f70cad3c22f15b19e68e2dd4e8a8e6

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_7F59143B4A71C2B2929C3F5A2A0337CD

      Filesize

      472B

      MD5

      0dafbaf56375f1f4068328d1e1830dcf

      SHA1

      a41e3c6af415fbbe65dd8c5ec138bec5520421b9

      SHA256

      6320c3d2561599420e2cb30ab2f2ecf7b94e0af4ede193b1c26e91b083168e72

      SHA512

      226ace47f469e337e586308389e02f98cbf3a108c0c491495944e6ccedceaffe6fd5b34be011f9b2c1058dbc8e0900c3371479fc521b15930e7d57c1f26af347

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

      Filesize

      724B

      MD5

      ac89a852c2aaa3d389b2d2dd312ad367

      SHA1

      8f421dd6493c61dbda6b839e2debb7b50a20c930

      SHA256

      0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

      SHA512

      c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_61C09DF1C88E9FAC26BDA537331B8625

      Filesize

      471B

      MD5

      e1911d22c97c5a65b18ec9f37687f90f

      SHA1

      39b0df83f57302a08352568ba74f8d3581e26fbf

      SHA256

      e12b8ca8b3193982dc29b7bf0b58a016d9efae532a2e780ec8159f29415270bb

      SHA512

      1373262d16a2f1fc425a7719dc670162a0b105b1fee399b544339e2e5da9ac965fd03c048451325330bcb90a02c3c331d087c9f5878eca06c0bdbaf953c0f367

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

      Filesize

      410B

      MD5

      58986012c3ce7a3217cddfe66dee1009

      SHA1

      4df30354d9bc6fbbfc4fe0410ba07e8c4ba5b24f

      SHA256

      0f33ce353d31ec76dd0891db09f1b61fb94522c1c13f231727f52988f4ee774b

      SHA512

      9e58e07b1ec959f8c0e18e4d3a611f4476eca21a541124b104dbe844c6227a3a73aef088a7423673d1ce1494cf1cf82df0c6257a9dac32f3a0cf4e3740a799f0

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_7F59143B4A71C2B2929C3F5A2A0337CD

      Filesize

      402B

      MD5

      85dbc68d7a44638b08ec1766b1413cd0

      SHA1

      0651d361c4cd2021943c86ae7ce10798b334a89c

      SHA256

      cc10fe56900b65349c15ed7aecc45a5ee3e25e6b85eb8cc36dca7307c02f2883

      SHA512

      e08cb552fdcb7eef1724c01e3b11a9ff21d387b66bf36d1a90a9585e282b8fbaa2dcd50ad16da09defc5a8a3db1c0c5e7deb16622a3b1f09d94b4e54871a9b42

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

      Filesize

      392B

      MD5

      4fa772d842bec822a2e184368f1ebcc7

      SHA1

      e2445e55d3432935a58e376809260cc977f07e77

      SHA256

      6bbfaac5658c13e5a4b7d8df4d2d422161290f30d829a055f02357163e6c6adc

      SHA512

      2a46e1ce73661ab78ab81a51abe87296ff526ad5780a22019d016e14b32642709796735b08fb22a7af9d65363bc2a8a5c06b46ae8bedcee7adb2bbeb48e81953

    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_61C09DF1C88E9FAC26BDA537331B8625

      Filesize

      406B

      MD5

      fdf70cce2ed8d518c9b20098c90546d8

      SHA1

      7bb32905b051b2b1444faf06a24d75678f2710d0

      SHA256

      c1ca8320e67913baaf5a2f2beaa2625932b330a895293d568c8b1085fc55ad5e

      SHA512

      a6ab17ef3514261cc7dd39bd49a68ca33b31fd70c0a14196943d643396acfe9fc0c5654b32e120ded5115ae48c1a678616e1decd77da22512191314d8b4b22ec

    • memory/1840-95-0x000001AAB3090000-0x000001AAB3092000-memory.dmp

      Filesize

      8KB

    • memory/1840-66-0x000001AAA2700000-0x000001AAA2800000-memory.dmp

      Filesize

      1024KB

    • memory/1840-93-0x000001AAB3070000-0x000001AAB3072000-memory.dmp

      Filesize

      8KB

    • memory/1840-99-0x000001AAB2FE0000-0x000001AAB3000000-memory.dmp

      Filesize

      128KB

    • memory/1840-97-0x000001AAB30B0000-0x000001AAB30B2000-memory.dmp

      Filesize

      8KB

    • memory/2204-45-0x0000022AEE470000-0x0000022AEE570000-memory.dmp

      Filesize

      1024KB

    • memory/2852-209-0x0000021EDAD80000-0x0000021EDAE80000-memory.dmp

      Filesize

      1024KB

    • memory/2852-211-0x0000021EDAD80000-0x0000021EDAE80000-memory.dmp

      Filesize

      1024KB

    • memory/2852-217-0x0000021EEB550000-0x0000021EEB552000-memory.dmp

      Filesize

      8KB

    • memory/2852-215-0x0000021EEB530000-0x0000021EEB532000-memory.dmp

      Filesize

      8KB

    • memory/2852-213-0x0000021EEB510000-0x0000021EEB512000-memory.dmp

      Filesize

      8KB

    • memory/3428-179-0x0000020CAAC40000-0x0000020CAAC60000-memory.dmp

      Filesize

      128KB

    • memory/4584-16-0x0000020E97D20000-0x0000020E97D30000-memory.dmp

      Filesize

      64KB

    • memory/4584-35-0x0000020E950B0000-0x0000020E950B2000-memory.dmp

      Filesize

      8KB

    • memory/4584-234-0x0000020E9E400000-0x0000020E9E401000-memory.dmp

      Filesize

      4KB

    • memory/4584-233-0x0000020E9E3F0000-0x0000020E9E3F1000-memory.dmp

      Filesize

      4KB

    • memory/4584-0-0x0000020E97C20000-0x0000020E97C30000-memory.dmp

      Filesize

      64KB