Analysis

  • max time kernel
    142s
  • max time network
    118s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    09-08-2024 11:20

General

  • Target

    eicarcom2.zip

  • Size

    308B

  • MD5

    e4968ef99266df7c9a1f0637d2389dab

  • SHA1

    bec1b52d350d721c7e22a6d4bb0a92909893a3ae

  • SHA256

    e1105070ba828007508566e28a2b8d4c65d192e9eaf3b7868382b7cae747b397

  • SHA512

    73d6b0ca9c5554fd2b37ff8af6b51812f3af49962cebd6e042d0883a45794ddb8a53724275d26f3e18cebf1cd1d67740acc920aba16965038c0cc75b87030fbe

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 27 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\eicarcom2.zip
    1⤵
      PID:4080
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Drops file in Windows directory
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:1088
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffa74cc40,0x7ffffa74cc4c,0x7ffffa74cc58
        2⤵
          PID:576
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1836 /prefetch:2
          2⤵
            PID:884
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1440,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2144 /prefetch:3
            2⤵
              PID:4508
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2224 /prefetch:8
              2⤵
                PID:3076
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1
                2⤵
                  PID:1556
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3208 /prefetch:1
                  2⤵
                    PID:1448
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4520,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3588 /prefetch:1
                    2⤵
                      PID:768
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4916,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4748 /prefetch:8
                      2⤵
                        PID:2368
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4740,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5024 /prefetch:8
                        2⤵
                          PID:3676
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4856,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4760 /prefetch:8
                          2⤵
                            PID:2024
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5020,i,7489667350811734399,15772670273120605254,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4456 /prefetch:8
                            2⤵
                              PID:236
                          • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                            "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                            1⤵
                              PID:4728
                            • C:\Windows\system32\svchost.exe
                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                              1⤵
                                PID:2524
                              • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
                                "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Documents\MergeCompress.docx" /o ""
                                1⤵
                                • Checks processor information in registry
                                • Enumerates system info in registry
                                • Suspicious behavior: AddClipboardFormatListener
                                • Suspicious use of SetWindowsHookEx
                                PID:4716
                              • C:\Windows\System32\rundll32.exe
                                C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                1⤵
                                  PID:4456

                                Network

                                MITRE ATT&CK Enterprise v15

                                Replay Monitor

                                Loading Replay Monitor...

                                Downloads

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                  Filesize

                                  1KB

                                  MD5

                                  3ddec6840b0f28111b0d48760a0f963d

                                  SHA1

                                  389020d0164d101f58b6df7c658478da74c1bd94

                                  SHA256

                                  49d80c69aca3c94a58a5f3523c6ce1fdccc358e60747fb3bf4a1d12809e1f535

                                  SHA512

                                  50a5a07b7d7737ac2c1e6220ae889925f29e14f6e3135bf52e03dc62f7235ea3cfa891e00f3243aab0c5d028569f081536574cebfc6cb847a9067c18553f0950

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                  Filesize

                                  2B

                                  MD5

                                  d751713988987e9331980363e24189ce

                                  SHA1

                                  97d170e1550eee4afc0af065b78cda302a97674c

                                  SHA256

                                  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                  SHA512

                                  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  354B

                                  MD5

                                  8ff0c09c4dadea35203af9d498b87cec

                                  SHA1

                                  634f7aac5ab49202188dc56b5fa1afe082a7546c

                                  SHA256

                                  79c1085d481c8b0fa48dd08f4eba5b01e317ffaaaafaefef2f3e79c262ffa03b

                                  SHA512

                                  9effa6f5b943ddb2be57639e145f3a5e9d86ea769af6b715aff01ab52467de971dc07264d04a789e7712d0586628cc8e7d77747b693c43d417971f31e6575da0

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  e30103033b39fd4aebbf2f925979ed0f

                                  SHA1

                                  b93ba7449c5e001c425f21875e2f8d12c1b2a9f0

                                  SHA256

                                  53b412ff32fc29e0271f6d94b654856ce7d1c5be38f64115ed41765b467c0e83

                                  SHA512

                                  5b99028b7ea4802d70a290b895264ede0075119920b432000cd608ecd7818e747263bb68ce1e803bf0f831e64188e03b860b54d3d544c7ae3e3da835b919b9a1

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  2aafdb234d07b0e6ae75dc9935434fa4

                                  SHA1

                                  b9fb8d82b33a7208df4ddfaa87b856131c528113

                                  SHA256

                                  750d3c6cc8ec0a5a2a75e5e53ed59b80587bade61c1d801ec8a3970e981d40fd

                                  SHA512

                                  f93a1122ca14003bc03e27a072e77b1118f6096ff899386a9d1b1a58ff73540903277e9c1af2fe74b2547a6cf0967a8038111002ea5d7c22028e2151bd8c5758

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  caf0dc2582cdf311a4efee184e7652d9

                                  SHA1

                                  5380f4b43ef9feba3521df9de2ace049aa789da2

                                  SHA256

                                  8754d9a396c3be7765e1f07688ef0326eb74ad6098ac00244df4fe166e797d26

                                  SHA512

                                  7674136e1adc3d72bf3e7531fc80a9519d6a2811f4dff96f4d74526d65aea1e1caa73ec7a58d51a1f3c6ab8a584114dac06a3e7a6349e693905e2725ca0eec85

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  28e34568f320df70c98a09bd17578625

                                  SHA1

                                  a83e71a220feb0b14569803b5e5260cb5bc8f525

                                  SHA256

                                  dbd513d1f44bde59d01081f94b7946f3dd0b2d6c0a73009b218c48edb403baf2

                                  SHA512

                                  af0fd504d66f65e46c001c69e9553a6960f9ff73370c5867892bdf0c9572bc0d4c12bfcab09d769d2fa15be55273d96ff829ba6e22b97e8a3dee5cfa01b0c19e

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  54b1c5e745335a681ad204dc0b37a9a1

                                  SHA1

                                  24d2bf4e55b84ebfa0ab78bb04087361e0a92310

                                  SHA256

                                  c10a7eefea42cd499d5d7f3db9593d65f55a123fddf0dd4118246440a67806f3

                                  SHA512

                                  720425b8bcdda3ec52b2fded48c17ea0b58244e0b0f0b630c31e0a278a89d51b664618f377b16445bb5de1ad975d58c2634d6870b596ba61a3801f706e43b3d1

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                  Filesize

                                  15KB

                                  MD5

                                  6b6b83c0dbe694823e447d7e53a74273

                                  SHA1

                                  20dc316d1752d60ab8f7b1d54e36152cc10364cc

                                  SHA256

                                  5e5d8e781d96c8043f9c8e40b3980fd07077fa0c54bc5127eb5c2a2339c7f8b5

                                  SHA512

                                  adbf6692fd6c08f92fca88a2908d5bc44fa3c408c3dd6f7bba0069445f9b135b6059049a2e284dad10d702656110cbd6815d39a43c57f21dba970819f7268503

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  196KB

                                  MD5

                                  c43da8977a943c7d57ff7b1959afc71b

                                  SHA1

                                  350df74272c7817328dc0ee60da09166f6a21c3a

                                  SHA256

                                  e84d711756388280577467c73712f6403df654b19f82fbf8cc29f6fc44950494

                                  SHA512

                                  6da219949ef82e11f22776f76c711d078c7ea9a2a62fb225cc080607ac4d8b87e1c13564172880289deceaeb082a49ee0c60b2ca78bd4d23dfdc7be57885c3ce

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  259KB

                                  MD5

                                  2830567f9304c92fe120764eeee1d9df

                                  SHA1

                                  a93567d75a2eb341de3d8b4a36605027697b69a0

                                  SHA256

                                  eb411adc3ed7c4815fd3e339fd608308411fb834d5fd7dd96a05abc8f962ad7e

                                  SHA512

                                  8e4405e84a721e292c4baa38a5c2b5b2acccf9fb62184fea3597f6921855e0b2f405b774d548420fc42219fe20c49edd13d9907867ad0ee3d003877408ace9fa

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  195KB

                                  MD5

                                  3e801810f170b3600c4ed9f89e03be52

                                  SHA1

                                  54fed0207d4291cf4f8089a343918e766467d949

                                  SHA256

                                  3e78efce8b286431c0e7a804426904935a1ec3c86d223769a87187aaa05b706b

                                  SHA512

                                  3e8e10882c6cee7c63c2b6513554879034f6e8801942e77665cd7670a175ebf09910da0ddf5a95061a6653f5390ee693c94a113f0f8bb3062d6e853d8fd98ef1

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  195KB

                                  MD5

                                  29bc5205c2fefff58eefd4f716f4e8a1

                                  SHA1

                                  9a8b7b5f01a1f6dcdc2719d82703d21e302fb5cd

                                  SHA256

                                  7fa145ea09b84a4757d75bec3e7db1abbe7c784da7dbccdfe273ba4b51412dcb

                                  SHA512

                                  454a1393a1b3f60dea0c47cbbff132feef6c914677224ca38e5d7538e238593cba289c904d68ba0c9dce913ba63398143edf87d470b325d72e28afe08032f302

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

                                  Filesize

                                  264KB

                                  MD5

                                  64101eb97b70fec08fede329d1ad0ab0

                                  SHA1

                                  ecbd1bce927a7b456e60b3c6fa6aeb119369645a

                                  SHA256

                                  353f29b1831f2fccce06908dce0a0811661daa31c57fb4b0a2adc36a70801b43

                                  SHA512

                                  6ab96e55b285b5c4ac9af4a65f0d0de98d1cbd8bb5d2a52048aa5efe2b4c5c370585e1a6d282a44eac176a3ee4b903fbcb50cb61bef1311eb994338c26152f92

                                • C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat

                                  Filesize

                                  304B

                                  MD5

                                  f13a373a670458b9fe378e770a0b564c

                                  SHA1

                                  dcfe4685721b414393da02c7dc3219c08ef43a1f

                                  SHA256

                                  8e8107d5c8d9432bbf565a9e8f9aa2d0c7cf19f33ee1c17df29a54aba30704ec

                                  SHA512

                                  20dab31c66c03965daf30deda4800b54c295886b2a37de3b1996da647e6237c8f0baec84eee9efbd0be4499399b1c3cd40eee0158bc16996abdfd95e5a18efa1

                                • C:\Users\Admin\AppData\Roaming\Microsoft\UProof\CUSTOM.DIC

                                  Filesize

                                  16B

                                  MD5

                                  d29962abc88624befc0135579ae485ec

                                  SHA1

                                  e40a6458296ec6a2427bcb280572d023a9862b31

                                  SHA256

                                  a91a702aab9b8dd722843d3d208a21bcfa6556dfc64e2ded63975de4511eb866

                                  SHA512

                                  4311e87d8d5559248d4174908817a4ddc917bf7378114435cf12da8ccb7a1542c851812afbaf7dc106771bdb2e2d05f52e7d0c50d110fc7fffe4395592492c2f

                                • C:\Users\Admin\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex

                                  Filesize

                                  2B

                                  MD5

                                  f3b25701fe362ec84616a93a45ce9998

                                  SHA1

                                  d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                  SHA256

                                  b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                  SHA512

                                  98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                • memory/4716-68-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-73-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-79-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-81-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-80-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-83-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-84-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-85-0x00007FF7C78A0000-0x00007FF7C78B0000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-82-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-86-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-89-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-90-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-88-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-87-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-78-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-77-0x00007FF7C78A0000-0x00007FF7C78B0000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-76-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-139-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-140-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-141-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-138-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-142-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-74-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-75-0x00007FF809AA0000-0x00007FF809CA9000-memory.dmp

                                  Filesize

                                  2.0MB

                                • memory/4716-72-0x00007FF809B43000-0x00007FF809B44000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/4716-71-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-70-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-69-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB

                                • memory/4716-67-0x00007FF7C9B30000-0x00007FF7C9B40000-memory.dmp

                                  Filesize

                                  64KB