d45d4e3b4b4a1111e052bdc90440074e3f3a3b3159a395c2f88a447e4e986c4b

Analysis

max time kernel
149s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
01/07/2024, 08:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
Size

132KB
MD5

1a8b9dff4ca6cd978202164a0248b5ca
SHA1

a7d29039620cb24ac542bc8de635784ff7f07062
SHA256

d45d4e3b4b4a1111e052bdc90440074e3f3a3b3159a395c2f88a447e4e986c4b
SHA512

e10d44f11930a5fda44aea96d437d7646406eb6bb7de45899d469f8d9b0c9dd34b9288325d8199b1c80ef6d96c19654caa95a074d34443a6a83077487b285e59
SSDEEP

3072:NhArP4ys/i3clhYWlbgZPF3JOblDX4gJdGJnQ3BTe:NhAr4yn3clhjl+PlJ4X4+dGJQRC

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\MicrosoftInstaller41 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe"	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunServices\miniinstallerOneDrive = "C:\\Users\\Admin\\AppData\\Local\\Temp\\1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe"	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\ntdll.dll.dll	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\NPPDF32AcrobatAdobe19.10.20064.310990.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\msadc\en-US\msaddsrmsadcor.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\microsoftshellintegrationvcruntime140.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\ado\WindowsWindows10.0.19041.746.160101.0800.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\ja\resourcesMicrosoft.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\it-IT\WMPMediaSharingoperativo12.0.19041.1.160101.0800.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\fr\PowerShellPackageManagement10.0.19041.1.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Java\Java Update\RegistrationUpdate.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Browser\AcrobatNPPDF32.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\msadc\de-DE\Windowsmsadcer.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\ControlAdobe.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\de\WindowsPresentation.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Internet Explorer\it-IT\Explorerieinstal.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\OperatingOperating.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\es-ES\operativoWAB32res.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\libsmartscreenelevationserviceexe.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Portable Devices\sqmapiSystem.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.41\UpdateMicrosoftEdgeUpdateSetup1.3.187.41.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ja\resourcesWindowsR.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows NT\Accessories\SystemWordpadFilterWordpadFilter.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\ja\PackageManagementSystem.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\ExplorerInternet11.00.19041.746.160101.0800.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VC\MSDIA100Studio.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\ja-JP\SystemWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\StudioVisual.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\MicrosoftOffice.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Internet Explorer\de-DE\Internetiexplore.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\de\MicrosoftPowerShell.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\uk-UA\setupwmwmplayer.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFrameworkPrinting.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\WindowsPowerShell\Modules\PackageManagement\1.0.0.1\fr\dexploitationPowerShell.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Defender\ja-JP\SystemWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\en-US\WMPNSSUIWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\WindowsWAB32res.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\ado\msadrh15msadrh15.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\ja-JP\WAB32resWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Adobe\Reader\DC\Linguistics\Providers\Plugins2\AdobeHunspellPlugin\AdobeHunspellPluginAdobeHunspellPlugin.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Internet Explorer\es-ES\iexploreieinstal.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\ink\uk-UA\SystemTipRes.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\Ole DB\de-DE\WindowsWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\Studiolibrary.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\de-DE\MicrosoftWindows.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\System\WindowsWAB32res.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\ReachFrameworkPresentationFramework.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Google\Update\Install\{939A4C0B-9326-4B5C-9760-544EC9BBB40C}\InstallerChrome.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\AcrobatAdobe.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\es\MicrosoftSystem.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstallerVSTOMessageProvider.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Common Files\Microsoft Shared\VC\MSDIA100Studio.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\ado\es-ES\msader15Microsoft.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Multimedia\MPP\WindowsMediaWindowsMedia.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Internet Explorer\InternetInternet.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File opened for modification	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\resourcesresources.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\importedMicrosoft.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\msadc\msdaremmsadcer.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoaderVSTOMessageProvider.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\SystmeSystme.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows NT\Accessories\SystemWordpadFilter.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Windows Media Player\fr-FR\WMPNSSUIWMPNSSUI.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\AcrobatAdobe15.0.0.0.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFrameworkMicrosoft.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_108875\javawsjava.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Common Files\System\ado\it-IT\SystemMicrosoft10.0.19041.1.160101.0800.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
File created	C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\PlayReadyCdm\_platform_specific\win_x64\Edgeplayreadycdm.exe	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
1352	1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\1a8b9dff4ca6cd978202164a0248b5ca_JaffaCakes118.exe"
1⤵
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
PID:1352

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Common Files\Microsoft Shared\ink\fr-FR\SystmeSystme.exe

Filesize
132KB

MD5
1a8b9dff4ca6cd978202164a0248b5ca

SHA1
a7d29039620cb24ac542bc8de635784ff7f07062

SHA256
d45d4e3b4b4a1111e052bdc90440074e3f3a3b3159a395c2f88a447e4e986c4b

SHA512
e10d44f11930a5fda44aea96d437d7646406eb6bb7de45899d469f8d9b0c9dd34b9288325d8199b1c80ef6d96c19654caa95a074d34443a6a83077487b285e59

Download Submit
memory/1352-0-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download
memory/1352-1-0x00000000005B0000-0x00000000005CF000-memory.dmp

Filesize
124KB

Download
memory/1352-4-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download
memory/1352-3-0x0000000000416000-0x000000000043D000-memory.dmp

Filesize
156KB

Download
memory/1352-2-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download
memory/1352-59-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download
memory/1352-144-0x00000000005B0000-0x00000000005CF000-memory.dmp

Filesize
124KB

Download
memory/1352-167-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download