Analysis Overview
SHA256
d58416aa991d70de03d3d80c8ea1290107222cfa1d4d1714047f878b559d3c11
Threat Level: Known bad
The file ClientAppSettings.json was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-06 17:54
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-06 17:54
Reported
2024-07-06 17:57
Platform
win10v2004-20240704-en
Max time kernel
159s
Max time network
159s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 4848 set thread context of 2604 | N/A | C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe | C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe |
| PID 1996 set thread context of 3620 | N/A | C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe | C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133647621252786578" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\ClientAppSettings.json
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe5140ab58,0x7ffe5140ab68,0x7ffe5140ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2292 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3668 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4832 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5000 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3364 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3376 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\setup.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\setup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe
C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe
C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
C:\Users\Admin\Downloads\setup\setup\setup.exe
"C:\Users\Admin\Downloads\setup\setup\setup.exe"
C:\Users\Admin\Downloads\setup\setup\setup.exe
"C:\Users\Admin\Downloads\setup\setup\setup.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe
C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe
C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2924 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:2
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 172.217.16.238:443 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 172.217.16.238:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 185.199.108.133:443 | private-user-images.githubusercontent.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| DE | 194.28.224.2:21 | tcp | |
| DE | 194.28.224.2:52548 | tcp | |
| US | 8.8.8.8:53 | 2.224.28.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bannngwko.shop | udp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 8.8.8.8:53 | 61.146.67.172.in-addr.arpa | udp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| DE | 194.28.224.2:21 | tcp | |
| DE | 194.28.224.2:52554 | tcp | |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
| US | 172.67.146.61:443 | bannngwko.shop | tcp |
Files
\??\pipe\crashpad_4400_IQXSUCQDKBRJHXJV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b211cf8459293fd400fc61320f6e31ae |
| SHA1 | b3910950e7222bdd550544b3bc4b4095c6dc3904 |
| SHA256 | 6bb393188e50458c3b7c14ce861f7d6a37d553a4fd2c67a7d4d37fdec7c7e176 |
| SHA512 | 9eb11bc4a3413353c09c1e9a7e9eff9b45df289b515894d9e1ca710b5cf11ec9afe19e9272f6da2e476b21c5f0df5889943c4a7142a57247989d87355d47b402 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\26448488-a6c6-4932-be44-8046b9f6b82c.tmp
| MD5 | b684eb69db85440a95e91e4ef3868fef |
| SHA1 | f0edf82a9206fb188a52e3c3f43b0bdadcfaf9ee |
| SHA256 | bd3a7df28606bd899040db0f2b0c6fb4a853947c53eb8c17657194618bcb283a |
| SHA512 | 3b064bb53815c1b41726115b249a2eb6f90ed3371552cd0dd0fc91bcfaa38c5639f0b730dbc80007e0c1f67cdf835484c5c8201da2b4bb8aea9f86803fe45c4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 30c12e49c97d8dc877bd94f2bb93089a |
| SHA1 | 2141c4f29beeb016541581e42a78f262c16794b4 |
| SHA256 | bbfdccb71cdf0165558ec0c3f2326efc9579c559f0abe1349305f42dadf1ea98 |
| SHA512 | 5574d3a821ecfd9eabf6336fbdba9fdad25207251ee853728be6b6761b0f213e1cdd51c3a78ebfc5c7ac00664c640ea57be7c2e7e576c4ec9b7c9b2602efd300 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | c99bb59bcd1c7c798a74af330388bd5d |
| SHA1 | c534429d7f45e12cc1393c29cb5a59a767904398 |
| SHA256 | 2164db2d3799623c914d08c7dc8fd0564855f24c86cd0e92ea65efe0a60438ad |
| SHA512 | be89d933b37414ff74b09f0425317fb8e7f27561c987cc9276a054962f14f3e2ddefecd518a8bcd9804d4f838be43c9ae66cf435fd54f47bb1d5dcc8458a6f39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e243fa9aead0ae4b9837cf05ebf8af7f |
| SHA1 | 3f2c2bc0bc6d75c0f01c00c1f580f915604e0b86 |
| SHA256 | 3b1fa0e0c0741b4844127dc03f5df36164c57df6bac026e034484b00ef8743e2 |
| SHA512 | 8f11adaa6f48004fd619f87381d472a8f86a12002464dc9b452b16b326d68a5217a25435746eedb80429354955bbc0d9eb79a7b504562c1e661c8c308bbacbdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 469230944097a0d7f355578be5345d12 |
| SHA1 | 5bfede06e83aba45d68504e5b494faaa7dc99ebe |
| SHA256 | 76e38855f66dd2aac31d627092da0d243cb8b2535f06e2c8e32daa0d47e9c2f2 |
| SHA512 | 16f8c4d211255bdeec7104def295e48135844c36526ddbccf2c128e0f6b50294380120281a0d767395f79f025827c6c9a33e9d91df8f45fbd87315fa3c8f0b37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | b031670b41d0f7441a311c98841928ad |
| SHA1 | abed019c066a5a01b5709f4a192402f86bb9b9d3 |
| SHA256 | 92443a92bd23f1922d9dcafd0d17e0ad87ed104294f7bc56c435a63572aef9ef |
| SHA512 | b9293a1ccbac6489bf55ffdae946145b9f0cf7b0aec50d6578cbd45fdecf7eba273be98a135bff6860f88cbd4182917f292e6ac9b3f08f3f384dd6a3df20e474 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58657b.TMP
| MD5 | ffd450fee1f47184a466ce47cc708a1e |
| SHA1 | 672ff9e669145c82784b1a2cdb0aa49a36602b68 |
| SHA256 | 5de51d2dc79880bc7d7a0276d789d1776614cdf02df0826b444abb723d300e5d |
| SHA512 | 67a7fdea7d83afa4fd2aeddc143885b58afbfde91ae6e5f6548adafe18547baf560a5fce63cfa1a570ef9e42eaf74ef224481f7738cee4d79de01c116aade9a4 |
C:\Users\Admin\Downloads\setup.zip.crdownload
| MD5 | a1af1192eed791d7c1657202eaae7297 |
| SHA1 | e5e52b46b67d32609cb7ef961399336697f29d45 |
| SHA256 | b334f7430886e3ba64d87482182e23a6f028a0c744b12a9950fdeeacd67ee825 |
| SHA512 | 1501a50f08d94b26ccd428958cf2b96705f733c749744993d04e7be1937c7f8b803a8de00fddd2c205f9cdd7f06ab6023790ff5e2ebd05f7fd83df324f4483ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ced157b9831b1eb8ac69c55a5f432626 |
| SHA1 | 63f1b0efd43a75d1e0786ad6a5f096369750a0ed |
| SHA256 | 40f39d81d7ef0beee371138d112c10f683710eb16009b89f539ce7218fbb5592 |
| SHA512 | 642dd1debfa28da27896da54a7d0bac718e8920b8c2fd1f7785e9487d45bfec22a5fe040d5649bfe1a1c0277ddd6a0c1de08ba11b62914e477e924275f1e7cba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4eea611b0fd52838af8196ac0138648b |
| SHA1 | 8e5c587d96181f1b39c8e0f570449d6d36ab0ab0 |
| SHA256 | 3b9780ee34bf758f3cdad609f261f9a9678983a3760d636171fea086b7048f5a |
| SHA512 | 2b20844fde0086a3553ba3102c859bdd6778bb2a5cc1d268ad16b75eeb19321098968b16a1481630f9f526f982212ed5c5cf47276977bd41bb86311536fe3193 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 90eefef6a12ccf2491e85a83d9c24a65 |
| SHA1 | 3a4386912c4ff04fd9c5122b8c70da6569f1541a |
| SHA256 | fbc41683fa79d86f74d926683dc2f36bdca6877e191fe8628b7c26d952a1a01f |
| SHA512 | 42a0971d1ed7cc401202d0220fb549eae2d67b2e25d4ec61c6ad2068295463ba418a4e5eac19125b953bd29e08173afdb1d945986bf2eaa4816cc998bdf0da10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d044a64734c2d0ce5520161a11e19500 |
| SHA1 | caf72a692fe90be208754693738c812e4d2c97fa |
| SHA256 | 4c271e31670342a92dd5a23fd388a9f2dbeace6856ccffab5da2ee79b8d9ea6e |
| SHA512 | 99f7791f27763891d1a25b34494226cec0187b744c907efc75f5af8c86e530d767eb0bcf7eb66da5d9b5c48bdafa6ebfb80bd9fa37d01ff63a7f121deecd9a0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2c82b078d0b781612039e8bcc165f1f9 |
| SHA1 | 8fe65093a4ad4d44281cf7d586c7aa6c44f60e94 |
| SHA256 | 3f1b75d6d4d370e0a81983bf9cf5001dea7870c5e0edbcb2474eae66add590c5 |
| SHA512 | 1b343be4a7b837d87e50c535e10aec15c2ec313db110644d9de2b043309effe3777acfb7bd3a02168e836e02fa5c9c41538365318a5b1f5512459b14277b27c3 |
C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe
| MD5 | 0b7e6ef92b0cfa06d61ba19b250c3c7f |
| SHA1 | 1bfe28646c8b4e20e94926ea1987d64228095bfe |
| SHA256 | 15f779bef759b5566c409ab78d4fe244dc224c669cf3f67b0b93f89520261ae7 |
| SHA512 | 2711d92c167ebbb060b2025062018ec67e4f39ed7783722b84ed145e32b7c1673341f993405070dea55ead256d38d6d97512d6087cb5685358f33fab4c906d2f |
memory/4640-369-0x00007FFE519F0000-0x00007FFE51A1A000-memory.dmp
memory/4640-368-0x00007FF6C9840000-0x00007FF6CB6F0000-memory.dmp
memory/4488-370-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-371-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-372-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-376-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-382-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-381-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-380-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-379-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-378-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/4488-377-0x00000220031C0000-0x00000220031C1000-memory.dmp
memory/2604-387-0x0000000000C80000-0x0000000000CD7000-memory.dmp
memory/2604-390-0x0000000000C80000-0x0000000000CD7000-memory.dmp
memory/4848-388-0x00007FF63F640000-0x00007FF64035E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 009b9a2ee7afbf6dd0b9617fc8f8ecba |
| SHA1 | c97ed0652e731fc412e3b7bdfca2994b7cc206a7 |
| SHA256 | de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915 |
| SHA512 | 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
| MD5 | 5708322279edbb147f83c76dab9e62c1 |
| SHA1 | b74374fd3489b681f60227d16409d4220afb3b04 |
| SHA256 | f154eef970f06c9873891568624d7a0495c50badb11dcf15e675124783d4d944 |
| SHA512 | fb218c902bb09979c2a532577bf5e837f2268b07e141c9ee62a70acc85777b973836dec474b4dec1cde2bf1e030601fe178486f0c524e6825d32c62c96719b4a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 46718f09588f37b78323e88f6dd473b0 |
| SHA1 | d7332feadfb335f112252fd4a4076ef339d14114 |
| SHA256 | fdaeb34e1c316d09f7e947deb27bd505f3aabca3526cdd9fb43e8158227eea43 |
| SHA512 | 8e0858be915b1867bff04146338ac8182d8512c42be788352e5ce358f61e90509dc1d1596bd0ef94b4f8860af7809fe9e8f4d6db479ca4022674a1f517fca28f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | a830a6efc08ff6d11efe7801d9a443d7 |
| SHA1 | 5c7e008c684b2a4d5f20bc6bcad1d4e17c6edc2d |
| SHA256 | eece7d816c3c20434f3bb7d9efa2192ea1df529005226908fed90e705b8f425d |
| SHA512 | 95ae9fb19c67d324cb9232b919910691486cc11e343e7b38a15851ff9ce93e6aa75bc2984d50404061c8577a1aec105444fc21c5a95786eb760ef736dabd1db2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL
| MD5 | 867e123bcb3572aaad5c10240fc3be83 |
| SHA1 | 9901a9e65e70bfa15e878438291cc374798d53e1 |
| SHA256 | a9cbed4d4c9de9300fca61b81b7e94dc6c5359080ec034bff96f7ca2b6f07925 |
| SHA512 | cf2783c1b721bc9d85879cfbe81f5831efe55ec8b937b033da6c9e96cf4a9840b734430c9037df78b11a117b4843038d1f78714af6e1a525e3cdb33008a63588 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | b64844536d46bdcb587ce47dfad8acd9 |
| SHA1 | 484b23719e15111009ba4d83a1c97b0befa516a5 |
| SHA256 | 09cd7e351b2241846801de43f710c5186af4ea2598faceab40120190989b4a33 |
| SHA512 | d8e06b7f81337ad0b8fba9141e172118a5b3cb7a298c5381b4f59c81ae87312aa869aa8fc1fd0b7e03bf68a8a1f3d937c2f4e359b75f94ca3db2e44da5cc7b5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 938dc31d2f35dc1246db9b2da3feb1e1 |
| SHA1 | 4be7b831da6438258d5e66cac62f0fc8b16950ec |
| SHA256 | 2d3784c15029e41998ee878b333c1dfd23556964ffb6334c7f24e810a913bf90 |
| SHA512 | df07eec1b86ae76cb5ff2ba8b01a8152f2e6d4448be6ff7f11a68e6215712b9190a41e4c03c9dfad2a9266c88ef684b54e8de3a318d7d8c390ea2f52fc7ac102 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | ebb14f8ddf064a1c3407de603cfc3bda |
| SHA1 | ec6ffea909c632de39c0907fe9b22896e77cf7e1 |
| SHA256 | e87c3131854fb59d9063ca472f491127584f987375cdb44f40b9bd5192370cc9 |
| SHA512 | a61b41289f8398abf3f9d6a3be3e4105bd490aec57917d4dc455947f9842667bb480b4df329f190d613e7e5cd8451a8eda6ada6a19c5e4c8af8ce1cc2f93a1ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 57f762b59d4a540b8c807855c8839de4 |
| SHA1 | ed86ae32eef69c8c08cefb75424e328c9f6d2f88 |
| SHA256 | 208e03059a44119a94b1a5b69ea6daa3f0591bc64e7c8f81ff4dba3f151e9d10 |
| SHA512 | 2bf1f27d62f39b68666edc5a5749b247e6c7edfdfec0bdeb404aedc52ec54dca7ca08a15431f4498b58c6e19f67b39a99c58f3c73f9fd3813c2f01fc67d508f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 8680ad8cc782b74ee7a15f0a042c76f1 |
| SHA1 | ec430c456dedd9a2360703a826491fcd69f6dd8b |
| SHA256 | af745264049ea73c66c1dc7783e59fcfe94c0506337867380ae638e694cfe5e7 |
| SHA512 | 7869afe9f737bc31a9c33b03014f4d5239cc48a798deabc0fdc835fd6736a99b17d181e57866ac960bbdb0d1e3e8610cf97bb01762435d8808ca56f1e74dc2be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 01088b35a7144b96e1c65db9ecf5aeab |
| SHA1 | 3d5b4a4fafdc3867adca4a4a640d6296bba06f82 |
| SHA256 | 66616d0b8be2030b1f40d1da2a80bdf930172335226111b7965a4480bb584f1f |
| SHA512 | bf639e6539792c3ebab0ddb646b795a1cb14e4359fe97726db69ba2e082debdb920c15d5eb96a552613ead61ee4320de0331c02aaba3f14dd83956cc7affba89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 8fcb818bc23425964d10ac53464bf075 |
| SHA1 | 396f40d25a7d38eed9730d97177cd0362f5af5d7 |
| SHA256 | 8b56333cda4211c50ada778d598348b8a846d557ed9117d8b265e004db31e9f7 |
| SHA512 | 6ec7588257bd1261f9b2876c3aa57fba2b6bdc33a2a68830c8d8d539f449c552cf6923a5e8afb5e665d12cad253a10d68ad665d9eb74ff8250c6daf2f61e6da8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | f817e737bd803df8a4f12c1937ab0d51 |
| SHA1 | 24e172cdf9d4b77b0cb4c271aed4a7c9eba98fc9 |
| SHA256 | 17b0202476b336c41e4108aa245ac863c3e19ef8c5e430fe112a0900f0a18802 |
| SHA512 | d417d62e0fdcdfa883d4ffb317546e7ac5258aac538cbfad4eb111b134839750a65c55b5230507ff6912ffd272c0eb6317bcdd95c38cfb81c63b8e85b1359346 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 0f3de113dc536643a187f641efae47f4 |
| SHA1 | 729e48891d13fb7581697f5fee8175f60519615e |
| SHA256 | 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8 |
| SHA512 | 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | d7ff26e78ea2a2e4caf35ba779aeb43d |
| SHA1 | 2f023ba26ef838fc038851728cec296e7b00b936 |
| SHA256 | eafb740ac39eadc1d188c34eed6c0e56c75eed1ef8b273806b21f110420e483d |
| SHA512 | a6073702a4b558e5ef867a7967538b0c6600f763a52ec9bb76f920819ae759de9e7296177c41bee4c3309f4add8403a276fdaa32ae84aab897ca6608bf824b5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 8b36b954e5a8947dedbc720664fbccb7 |
| SHA1 | 0310a60a8bbd7ac385b6e94aec8dee9aa05a6d24 |
| SHA256 | 069b3e224154172e3c385b5ebbdde887253d596776b74b9fb2a326b875fb718e |
| SHA512 | c2827251585fbb5e24bc38ef58822e8892d952c6e2a90743453502254550384cfcc9789858d66706c86f51c483fc28c23c796ba6285747689940460402b30f29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004
| MD5 | 669b1563b95fce26d9ddc3c7e9bdc538 |
| SHA1 | 275e4ae2606a0da908003b77ea06b24ea8b66214 |
| SHA256 | d46765072d87d9892a0f6f8f9849eafe0abecee9d662e99f8b45d8c5b22ac667 |
| SHA512 | 09e066f5a1974927b2cb607a8b953f2732928c7347f65cdfcdb573170840562de6eae091a61108827b3ae0799c16bfbd41d858ee1a8bc57d9bb1fac814438302 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
| MD5 | f31a1ab9f483d9db21349522e39dd16e |
| SHA1 | 01a275d7fc1c4f578fa506c8e0bf9b7787dd4806 |
| SHA256 | 463800c9ec072ae72a4f6fdc1f2f779c792cb7ceb6f57c7d1231eabefad2bd9d |
| SHA512 | cab9bf13c36b854bef939e1d09c8d896caf1d7c20f6948f70f27eaf2869e49c8b9be728b4c95926ba869a987516a79d3193d416b0582b7570a58269c8caa7603 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002
| MD5 | 628ba8d31375849e0943894669cd033c |
| SHA1 | 4fa6d50a37fa2dadec892474d3e713ef9de2d8a1 |
| SHA256 | 80e3440c312f921afe33a7d4a3d11d1d2dc7162f8f50b748b796f424441d10d6 |
| SHA512 | d4406493dc8767c479460f3039b038866549feebf392280384da08adbcad2e871720d046220cb67ebe3ab75c14e06a31df2fa7c0f2c17f91eda26ba0a709d27f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 5d4f18316d56a0bd3d32c33c75adc3f7 |
| SHA1 | cbaa299fca2e2f98741ff1acad6b681c3c089f3b |
| SHA256 | 19e429854c0cfdae2cd47bb8a333dcd860017e4e67d7e0c7ea53f8248b454d6d |
| SHA512 | 3661fbfcb2d0304daf1bfbdd8616ac255bc3f14a5d311a2a698127b5caf665dedb14b3706f09ecff434e50c5bc998e7df43e1992021bb3cf54572e3583d57706 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 538ad9e59a673264b8e5391fe07b647c |
| SHA1 | dd4f372bb69ade55a1ceab979c822a3723a24b8e |
| SHA256 | a3e64510fe5ec32cd49569ae126238b736dddf9e4845ee6741d112a90bba2469 |
| SHA512 | 2179ae0e850a041a996028017ce31abac91ffc46cc8c1a1b7eabea22d353d0abf386fde8805a97915ee3caf23eec4bc26353a83242377e02a15de9240a226ef1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | bd2112a621cd61be49506ae4d266f66b |
| SHA1 | 1be5b13047c3f7e6405599361f366c909b096de7 |
| SHA256 | 9b3c035a3f58e019bf2fccaa5d8754b9ddaae4b9e4954e166b7248ae51e07137 |
| SHA512 | ca9c61edc16e262dfa6c3ae531fc0ca5f77e1a531822c4381b2a979101b7de0a370803fab2e4202a927144f2157d062d4fa67bc88991e528f5e0da8c8e46628b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | ad57b7d925c8d029e80f69fb326c1640 |
| SHA1 | 9dae645aefd7df83dffb8fd6000c1d249727687a |
| SHA256 | 72c0634d4767b16a498a54f245e104c773c52e8dc54ee144ba89252aba8d78a7 |
| SHA512 | a8a71803ab674a87a5a873cbbf8941b0434dbd846b5ef6299672950299393b5d968653f235bf09fc813e5639492533cedf2ea59a85db13d4a66cb808d19536fb |
memory/4640-433-0x00007FFE519F0000-0x00007FFE51A1A000-memory.dmp
memory/4640-432-0x00007FF6C9840000-0x00007FF6CB6F0000-memory.dmp
memory/3564-452-0x00007FFE432D0000-0x00007FFE432FA000-memory.dmp
memory/3564-451-0x00007FF799BC0000-0x00007FF79BA70000-memory.dmp
memory/3620-455-0x0000000000C00000-0x0000000000C57000-memory.dmp
memory/3620-457-0x0000000000C00000-0x0000000000C57000-memory.dmp
memory/1996-456-0x00007FF6186E0000-0x00007FF6193FE000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
| MD5 | 4fef7f899d2af2824b689bf0391940e8 |
| SHA1 | 0e115b0bf17f777d3f6f0298e150ac4e11966aa7 |
| SHA256 | 9a85530960b7daf37360777b51d3e35e6b3500b3cf8c7293ea3ee8065ee8f693 |
| SHA512 | b6a55cd2c42f62de856f9bc6130950b66ab7580fe9710fe94f2058066622b88ac389575852edec37f30d873bbf66a073308f89f592a6a716a95356c548836570 |
memory/4788-471-0x00007FFE432D0000-0x00007FFE432FA000-memory.dmp
memory/4788-470-0x00007FF799BC0000-0x00007FF79BA70000-memory.dmp
memory/3564-473-0x00007FFE432D0000-0x00007FFE432FA000-memory.dmp
memory/3564-472-0x00007FF799BC0000-0x00007FF79BA70000-memory.dmp
memory/4788-475-0x00007FFE432D0000-0x00007FFE432FA000-memory.dmp
memory/4788-474-0x00007FF799BC0000-0x00007FF79BA70000-memory.dmp