c27646936f519338b5b796aedc458dab1333515f107ce00dcdc7edf392830bb3

Analysis

max time kernel
143s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
25-07-2024 11:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe
Size

704KB
MD5

6f67e0016cc592fbc2bc35129433f320
SHA1

283db84a80ca8fde448d74daad59fea827f43acd
SHA256

c27646936f519338b5b796aedc458dab1333515f107ce00dcdc7edf392830bb3
SHA512

7ca2bf3481b31f32c916403682945f9bf3319c3342acae0c1077c1a9de7daa86f9bb104443f9466da8a0299e96c7b1c04b485219a0d43b7919134a384b656f96
SSDEEP

12288:ImhcfmetsELrGbIoE+itJPEbvrgqhVpMsSuyroPXJxxUYFEYP47MoFkvrPT+Ueen:ImhOGbXE+8BEbvrXSDroPXJxiYFjSkvd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ielowutil.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "428673134"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "121"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "325"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\DOMStorage\youtube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "331"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31121032"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "233"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "331"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 70c0f2c588deda01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "121"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "492"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "407"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{ED8247BA-4A7B-11EF-BE68-7A5D0894EB59} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "233"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "9268"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "9268"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "3253521696"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\NumberOfSubdomains = "1"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "115"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "492"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007836378798d3c34984a02971cee2fa8c000000000200000000001066000000010000200000007fe23b8a47d88cc25d9d74b56094a80cc154ef19728d0e0199be6d8c285ad7f1000000000e8000000002000020000000e1c0b999f873d2b2b96ddcbb267cc9166f458141339d265e3ff589238ab86cf520000000b5d9f01a79b19f7d83f65a91f6ca172fb1d027babea43100ad6d1ad0d66726054000000010441ecc38580fc1ee2d0e8dc31e2e9237870f1c8c2e13d6633735a9ee85dbc5e4bced260798b4e6f8e463db6d5727f8cc64155fbe7500f6daf965ce2c1a6877	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "121"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "233"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "115"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "325"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "407"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "407"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "6"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\www.youtube.com\ = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.youtube.com	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "3266490344"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "325"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31121032"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007836378798d3c34984a02971cee2fa8c00000000020000000000106600000001000020000000580ea568f05ffc2eecd682d01a3009fb592580a0bd72e91090ae18475b4f1c71000000000e80000000020000200000003edcd81366f9dca771c69665174094fe3bb83c28f9149047cb163c54fee3984c2000000047aac5cb1a9c3961dd0eb76b50e9b5b22d2a58ad946241c506b97e1f93e473cc4000000028b33a5f2332156f808763e375d441dc2a38b9c8175f2599f805fc3caf5618cb73955c8928444531588e1cc646db01b3bef03dead55832aac37df585cb38d184	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "492"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31121032"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1750093773-264148664-1320403265-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\youtube.com\Total = "6"	IEXPLORE.EXE

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1750093773-264148664-1320403265-1000\{05EF5494-D213-4F56-AD2C-94D6354293B8}	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3316	iexplore.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
2676	6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe
3316	iexplore.exe
3316	iexplore.exe
636	IEXPLORE.EXE
636	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3316 wrote to memory of 636	3316	iexplore.exe	86
PID 3316 wrote to memory of 636	3316	iexplore.exe	86
PID 3316 wrote to memory of 636	3316	iexplore.exe	86

C:\Users\Admin\AppData\Local\Temp\6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\6f67e0016cc592fbc2bc35129433f320_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2676

C:\Program Files (x86)\Internet Explorer\ielowutil.exe
"C:\Program Files (x86)\Internet Explorer\ielowutil.exe" -CLSID:{0002DF01-0000-0000-C000-000000000046} -Embedding
1⤵
- System Location Discovery: System Language Discovery
PID:1828

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3316
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3316 CREDAT:17410 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:636

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\27H0LKPZ\www.youtube[1].xml

Filesize
14KB

MD5
cb8b152c6bad1fee3dc70671d439c534

SHA1
1152dd06b75d5a78d6956bcf9fd7e497633351b4

SHA256
b85fe8708300fff9f27e58aebf30df685401e6fae8119a1ff55da5995c2934ad

SHA512
6effda0d104722cf37b7a8e2f1380e451d10aebb37854911b89a5adee2da3be2af99b557e7693af23ba2b87b62b6f8f2e0e5c89f41d4aca5c6a0843e6a0d0bad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\27H0LKPZ\www.youtube[1].xml

Filesize
13B

MD5
c1ddea3ef6bbef3e7060a1a9ad89e4c5

SHA1
35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

SHA256
b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

SHA512
6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\27H0LKPZ\www.youtube[1].xml

Filesize
641B

MD5
668e64bf36880f53f8fe65c5f2739d7f

SHA1
a5e119fe9621a8ff2baba95f08479aa8d9c3c48c

SHA256
7f70228e09bc18a4145cd4f995518a38af4cc61d6a6e8df0c381139f3c221368

SHA512
bf4cb1a3f66c66c02944cdcf30811892540c45112a5ade1daaccca256fbb2d4180fee2bd9c1c54b743f2402df1b27e5fac00f13278aab1d120f981cca181bb44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\fez82rr\imagestore.dat

Filesize
4KB

MD5
c04a1c01aeeab41e0ccc076eff84dce6

SHA1
4a073a131279301b6942f8aa9eaf2e42d7f1c3be

SHA256
70ccb9dcf905f7a01b2e8db7963bec6e5f405519665b6cba6998e964e1f67f37

SHA512
e0028d492239c3d7393ae5f42620cdb8535f09d4eee677ceac4e2fbfbc008e412cb88b2ff135df06a90111ebd05811dd4df21c27e090137b4548586a9d1437ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UEL5ICRL\favicon[1].png

Filesize
4KB

MD5
341d5c24287a98dcfefc5915cc407a60

SHA1
4475380a9c995dfab0746e4c23d2ff39cb55ac14

SHA256
54dcd3a0769cdf5738f38f5e35a5963d85ff0e85ec06002582e54f8d3b388cd7

SHA512
c276127b7c8966b5d8ef7a5b06cfd74c340a2769d8488f3dcec4c6715033277f7755f648180f556fc90220a5b8a27803760ef276db3079bc0a8e5d3004d13480

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UEL5ICRL\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
memory/2676-1-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-0-0x0000000000400000-0x0000000000810000-memory.dmp

Filesize
4.1MB

Download
memory/2676-5-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-11-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-12-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-13-0x0000000000400000-0x0000000000810000-memory.dmp

Filesize
4.1MB

Download
memory/2676-8-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-7-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-6-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-3-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-4-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-126-0x0000000000400000-0x0000000000810000-memory.dmp

Filesize
4.1MB

Download
memory/2676-140-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/2676-2-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download