Analysis Overview
SHA256
bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c
Threat Level: Known bad
The file bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c was found to be: Known bad.
Malicious Activity Summary
Detect Socks5Systemz Payload
Socks5Systemz
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
Looks up external IP address via web service
Checks installed software on the system
Unsigned PE
System Location Discovery: System Language Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-10 22:45
Signatures
Unsigned PE
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-10 22:45
Reported
2024-08-10 23:35
Platform
win10v2004-20240802-en
Max time kernel
1191s
Max time network
1151s
Command Line
Signatures
Detect Socks5Systemz Payload
Socks5Systemz
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 152.89.198.214 | N/A | N/A |
Checks installed software on the system
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe
"C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe"
C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp
"C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp" /SL5="$502D8,3442393,54272,C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe"
C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
"C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe" -i
C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
"C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe" -s
Network
Files
memory/1380-2-0x0000000000401000-0x000000000040B000-memory.dmp
memory/1380-1-0x0000000000400000-0x0000000000414000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-QGQ7B.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp
| MD5 | 4c66dfdb244a9b27ce722a6e862d2954 |
| SHA1 | f88c11ea7429f222a6fa40f8b54fee3f3e7391aa |
| SHA256 | 18be4e3ee14297cac6d3ce462aa38b2996d3b43a6e2e7dab9af431f0af8c67b4 |
| SHA512 | 3d6a1ff5b1ec237ef0db636d089bca6f5c5cdef56415c4b5f39919cae75c7e797a80d8c228dc9e355151db1e8d2cc4b0378f7d24449335d13115efd114628125 |
memory/1836-10-0x0000000000400000-0x00000000004BD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-MDUMB.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
| MD5 | 4253ec7a70655370b0cfeabbb881e8c0 |
| SHA1 | cf3747b8191c86dee0e88de5987a25ddd0ae3243 |
| SHA256 | 2626274060858fe7be1c94e042785e8cde47fdb1bd655ad0b2752b3236bbe4f2 |
| SHA512 | 25b10eb4fdf5baf242c340a141d13a5369865a578336a1d7a4e8889318bb379e509c814a47c4eaf1c332d5e982d67dc0e5cfb239ddc70dc2aa0da4005457d1ab |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-10 22:45
Reported
2024-08-10 23:33
Platform
win7-20240729-en
Max time kernel
1200s
Max time network
1200s
Command Line
Signatures
Detect Socks5Systemz Payload
Socks5Systemz
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
Loads dropped DLL
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 152.89.198.214 | N/A | N/A |
Checks installed software on the system
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe
"C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe"
C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp
"C:\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp" /SL5="$401AE,3442393,54272,C:\Users\Admin\AppData\Local\Temp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.exe"
C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
"C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe" -i
C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
"C:\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe" -s
Network
Files
memory/408-2-0x0000000000401000-0x000000000040B000-memory.dmp
memory/408-0-0x0000000000400000-0x0000000000414000-memory.dmp
\Users\Admin\AppData\Local\Temp\is-4R3QF.tmp\bfea462a7527fc9f2c573fc362bebcfabb0148b7e2521adc106962f9c555b26c.tmp
| MD5 | 4c66dfdb244a9b27ce722a6e862d2954 |
| SHA1 | f88c11ea7429f222a6fa40f8b54fee3f3e7391aa |
| SHA256 | 18be4e3ee14297cac6d3ce462aa38b2996d3b43a6e2e7dab9af431f0af8c67b4 |
| SHA512 | 3d6a1ff5b1ec237ef0db636d089bca6f5c5cdef56415c4b5f39919cae75c7e797a80d8c228dc9e355151db1e8d2cc4b0378f7d24449335d13115efd114628125 |
\Users\Admin\AppData\Local\Temp\is-6C92S.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
\Users\Admin\AppData\Local\Temp\is-6C92S.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
memory/2976-18-0x0000000000400000-0x00000000004BD000-memory.dmp
\Users\Admin\AppData\Local\BekkySoft Universal Player\bekkysoftuniversalplayer32_64.exe
| MD5 | 4253ec7a70655370b0cfeabbb881e8c0 |
| SHA1 | cf3747b8191c86dee0e88de5987a25ddd0ae3243 |
| SHA256 | 2626274060858fe7be1c94e042785e8cde47fdb1bd655ad0b2752b3236bbe4f2 |
| SHA512 | 25b10eb4fdf5baf242c340a141d13a5369865a578336a1d7a4e8889318bb379e509c814a47c4eaf1c332d5e982d67dc0e5cfb239ddc70dc2aa0da4005457d1ab |