
Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/08/2024, 16:06 UTC

General

  • Target

    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe

  • Size

    437KB

  • MD5

    8b06e7b1698e7218757d2ad5b2777f1e

  • SHA1

    ff6ed4e456a79d0c97f4aa36dbf5bd4f95ca6b18

  • SHA256

    8c0d92ecb125cb20eae6e687a75ec8423b9c201f1f06c0993649e6dfda5e1421

  • SHA512

    6cac4f47af7a304f8c8d688a2bf11a985be645c869e5f08cd3cf5adc738cd5c9ace922e90f11fd3e8c9163d4c199db40003cb2648ff1ec0259fca70258e103c9

  • SSDEEP

    12288:vb8GN/WcNIFYD4nNHEh+I+vd/MOxOKWvjC:vb8GBWg4NHLI+NhULC

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 1 IoC)
  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings (1 TTP, 1 IoC)
  • Modifies registry class (3 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe"
    • Adds Run key to start application
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2316

Network

  • DNS (US)
    13.86.106.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    13.86.106.20.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    13.86.106.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    13.86.106.20.in-addr.arpa
    IN PTR
  • DNS (US)
    73.144.22.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    73.144.22.2.in-addr.arpa
    IN PTR
    Response
    73.144.22.2.in-addr.arpa
    IN PTR
    a2-22-144-73.deploy.static.akamaitechnologies.com
  • DNS (US)
    136.32.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    136.32.126.40.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    www.orkut.com
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    www.orkut.com
    IN A
    Response
    www.orkut.com
    IN CNAME
    ghs.googlehosted.com
    ghs.googlehosted.com
    IN A
    172.217.23.211
  • GET (NL)
    http://www.orkut.com/
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:80
    Request
    GET / HTTP/1.1
    Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Host: www.orkut.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Location: https://www.orkut.com/
    X-Cloud-Trace-Context: 6253713cb0df55d26dde661093bc247b
    Date: Sun, 11 Aug 2024 16:07:12 GMT
    Content-Type: text/html
    Server: Google Frontend
    Content-Length: 0
  • GET (NL)
    https://www.orkut.com/
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:443
    Request
    GET / HTTP/1.1
    Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Connection: Keep-Alive
    Host: www.orkut.com
    Response
    HTTP/1.1 200 OK
    X-Cloud-Trace-Context: 98dc437fac93192f7879df571e9e6776;o=1
    Content-Encoding: gzip
    Server: Google Frontend
    Date: Sun, 11 Aug 2024 16:07:09 GMT
    Expires: Sun, 11 Aug 2024 16:17:09 GMT
    Cache-Control: public, max-age=600
    ETag: "J_1yhA"
    Content-Type: text/html
    Age: 4
    Transfer-Encoding: chunked
  • GET (NL)
    https://www.orkut.com/css/style-01.css
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:443
    Request
    GET /css/style-01.css HTTP/1.1
    Accept: */*
    Referer: https://www.orkut.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Host: www.orkut.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:07:13 GMT
    Expires: Sun, 11 Aug 2024 16:17:13 GMT
    Cache-Control: public, max-age=600
    ETag: "J_1yhA"
    X-Cloud-Trace-Context: befc947615c1ee069836b09d066ee16e
    Content-Type: text/css
    Content-Encoding: gzip
    Server: Google Frontend
    Transfer-Encoding: chunked
  • GET (NL)
    https://www.orkut.com/img/orkut-logo.png
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:443
    Request
    GET /img/orkut-logo.png HTTP/1.1
    Accept: */*
    Referer: https://www.orkut.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Host: www.orkut.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:07:13 GMT
    Expires: Sun, 11 Aug 2024 16:17:13 GMT
    Cache-Control: public, max-age=600
    ETag: "J_1yhA"
    X-Cloud-Trace-Context: 362c7128f58ef2fc0137d86ff97410e3
    Content-Type: image/png
    Server: Google Frontend
    Transfer-Encoding: chunked
  • DNS (US)
    c.pki.goog
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.131
  • GET (NL)
    http://c.pki.goog/r/r1.crl
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    142.250.179.131:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 11 Aug 2024 15:51:20 GMT
    Expires: Sun, 11 Aug 2024 16:41:20 GMT
    Cache-Control: public, max-age=3000
    Age: 952
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • DNS (US)
    o.pki.goog
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.131
  • GET (NL)
    http://o.pki.goog/s/wr3/i1c/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQSq0i5t2Pafi2Gw9uzwnc7KTctWgQUx4H1%2FY6I2QA8TWOiUDEkoM4j%2FiMCEQCLV8jgzo5tMAnYNxrG45vR
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    142.250.179.131:80
    Request
    GET /s/wr3/i1c/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQSq0i5t2Pafi2Gw9uzwnc7KTctWgQUx4H1%2FY6I2QA8TWOiUDEkoM4j%2FiMCEQCLV8jgzo5tMAnYNxrG45vR HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: scaffolding on HTTPServer2
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sun, 11 Aug 2024 14:14:22 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 6770
  • GET (NL)
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    142.250.179.131:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Sun, 11 Aug 2024 15:08:53 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3500
  • DNS (US)
    211.23.217.172.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    211.23.217.172.in-addr.arpa
    IN PTR
    Response
    211.23.217.172.in-addr.arpa
    IN PTR
    prg03s05-in-f211.1e100.net
    211.23.217.172.in-addr.arpa
    IN PTR
    prg03s05-in-f19.1e100.net
    211.23.217.172.in-addr.arpa
    IN PTR
    ams16s37-in-f19.1e100.net
  • DNS (US)
    131.179.250.142.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    131.179.250.142.in-addr.arpa
    IN PTR
    Response
    131.179.250.142.in-addr.arpa
    IN PTR
    ams17s10-in-f3.1e100.net
  • GET (NL)
    https://www.orkut.com/js/analytics.js
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:443
    Request
    GET /js/analytics.js HTTP/1.1
    Accept: */*
    Referer: https://www.orkut.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Host: www.orkut.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:07:13 GMT
    Expires: Sun, 11 Aug 2024 16:17:13 GMT
    Cache-Control: public, max-age=600
    ETag: "J_1yhA"
    X-Cloud-Trace-Context: 362c7128f58ef2fc0137d86ff97410e3
    Content-Type: application/javascript
    Content-Encoding: gzip
    Server: Google Frontend
    Transfer-Encoding: chunked
  • GET (NL)
    https://www.orkut.com/img/orkut-signature.png
    8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Remote address:
    172.217.23.211:443
    Request
    GET /img/orkut-signature.png HTTP/1.1
    Accept: */*
    Referer: https://www.orkut.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
    Host: www.orkut.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 11 Aug 2024 16:07:13 GMT
    Expires: Sun, 11 Aug 2024 16:17:13 GMT
    Cache-Control: public, max-age=600
    ETag: "J_1yhA"
    X-Cloud-Trace-Context: 7fe4f8543019c0169d9780eeb45d08cd
    Content-Type: image/png
    Server: Google Frontend
    Transfer-Encoding: chunked
  • DNS (US)
    46.36.251.142.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    46.36.251.142.in-addr.arpa
    IN PTR
    Response
    46.36.251.142.in-addr.arpa
    IN PTR
    ams17s12-in-f14.1e100.net
  • DNS (US)
    228.249.119.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    228.249.119.40.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    196.249.167.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    196.249.167.52.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    196.249.167.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    196.249.167.52.in-addr.arpa
    IN PTR
  • DNS (US)
    26.165.165.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.165.165.52.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    26.165.165.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.165.165.52.in-addr.arpa
    IN PTR
  • DNS (US)
    198.187.3.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    198.187.3.20.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    99.58.20.217.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    99.58.20.217.in-addr.arpa
    IN PTR
    Response
  • DNS (US)
    tse1.mm.bing.net
    Remote address:
    8.8.8.8:53
    Request
    tse1.mm.bing.net
    IN A
    Response
    tse1.mm.bing.net
    IN CNAME
    mm-mm.bing.net.trafficmanager.net
    mm-mm.bing.net.trafficmanager.net
    IN CNAME
    ax-0001.ax-msedge.net
    ax-0001.ax-msedge.net
    IN A
    150.171.27.10
    ax-0001.ax-msedge.net
    IN A
    150.171.28.10
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239339388112_1D9RCOGNLARU8ARO7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239339388112_1D9RCOGNLARU8ARO7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 360094
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 505DA8707E9C428594DEA60BD9A9C55E Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:41Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239317301306_14JKCMWI1LY9W4K6L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239317301306_14JKCMWI1LY9W4K6L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 543646
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 8A502B8948A3413DAA6A281C15F68D27 Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:41Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239339388111_1XGVGDXXGM4UED7TP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239339388111_1XGVGDXXGM4UED7TP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 497379
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: BBC8E120049E4D7880AD37DD93E1B1FF Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:41Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239317301715_1L98D8CO0BH9X0WDY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239317301715_1L98D8CO0BH9X0WDY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 439986
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: CE5AB0EAF8EF48F4B5C1D88A6604F9AE Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:41Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239353582480_11Y0WDW5HLDOO8GP5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239353582480_11Y0WDW5HLDOO8GP5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 679925
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 16D7D8D2A06C4DDF8414F0A9BFD7C31D Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:42Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • GET (US)
    https://tse1.mm.bing.net/th?id=OADD2.10239353582481_1UFRZG7HSKJ6VOM8D&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
    Remote address:
    150.171.27.10:443
    Request
    GET /th?id=OADD2.10239353582481_1UFRZG7HSKJ6VOM8D&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
    host: tse1.mm.bing.net
    accept: */*
    accept-encoding: gzip, deflate, br
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
    Response
    HTTP/2.0 200
    cache-control: public, max-age=2592000
    content-length: 645633
    content-type: image/jpeg
    x-cache: TCP_HIT
    access-control-allow-origin: *
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    timing-allow-origin: *
    report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
    nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
    accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    x-msedge-ref: Ref A: 6A538526705C402EA7F04ADC59C03FCF Ref B: LON04EDGE1119 Ref C: 2024-08-11T16:07:42Z
    date: Sun, 11 Aug 2024 16:07:41 GMT
  • DNS (US)
    81.144.22.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    81.144.22.2.in-addr.arpa
    IN PTR
    Response
    81.144.22.2.in-addr.arpa
    IN PTR
    a2-22-144-81.deploy.static.akamaitechnologies.com
  • DNS (US)
    30.243.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    30.243.111.52.in-addr.arpa
    IN PTR
    Response
  • 172.217.23.211:80  http://www.orkut.com/  (http)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 683 B / received 391 B; packets 6 out / 4 in
    GET http://www.orkut.com/ → 302
  • 172.217.23.211:443  https://www.orkut.com/img/orkut-logo.png  (tls, http)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 3.5kB / received 35.4kB; packets 45 out / 44 in
    GET https://www.orkut.com/ → 200
    GET https://www.orkut.com/css/style-01.css → 200
    GET https://www.orkut.com/img/orkut-logo.png → 200
  • 142.250.179.131:80  http://c.pki.goog/r/r1.crl  (http)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 395 B / received 1.8kB; packets 6 out / 5 in
    GET http://c.pki.goog/r/r1.crl → 200
  • 142.250.179.131:80  http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D  (http)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 836 B / received 1.6kB; packets 8 out / 5 in
    GET http://o.pki.goog/s/wr3/i1c/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBQSq0i5t2Pafi2Gw9uzwnc7KTctWgQUx4H1%2FY6I2QA8TWOiUDEkoM4j%2FiMCEQCLV8jgzo5tMAnYNxrG45vR → 200
    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFISB6AKY0OzCbS%2BEJ1LbPY%3D → 200
  • 172.217.23.211:443  https://www.orkut.com/img/orkut-signature.png  (tls, http)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 2.1kB / received 11.9kB; packets 24 out / 21 in
    GET https://www.orkut.com/js/analytics.js → 200
    GET https://www.orkut.com/img/orkut-signature.png → 200
  • 150.171.27.10:443  tse1.mm.bing.net  (tls, http2)
    Sent 1.2kB / received 6.9kB; packets 15 out / 13 in
  • 150.171.27.10:443  https://tse1.mm.bing.net/th?id=OADD2.10239353582481_1UFRZG7HSKJ6VOM8D&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90  (tls, http2)
    Sent 114.3kB / received 3.3MB; packets 2397 out / 2393 in
    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388112_1D9RCOGNLARU8ARO7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 → 200
    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301306_14JKCMWI1LY9W4K6L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 → 200
    GET https://tse1.mm.bing.net/th?id=OADD2.10239339388111_1XGVGDXXGM4UED7TP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 → 200
    GET https://tse1.mm.bing.net/th?id=OADD2.10239317301715_1L98D8CO0BH9X0WDY&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 → 200
    GET https://tse1.mm.bing.net/th?id=OADD2.10239353582480_11Y0WDW5HLDOO8GP5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 → 200
    GET https://tse1.mm.bing.net/th?id=OADD2.10239353582481_1UFRZG7HSKJ6VOM8D&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 → 200
  • 150.171.27.10:443  tse1.mm.bing.net  (tls, http2)
    Sent 1.5kB / received 6.8kB; packets 15 out / 11 in
  • 150.171.27.10:443  tse1.mm.bing.net  (tls, http2)
    Sent 1.2kB / received 6.9kB; packets 15 out / 13 in
  • 150.171.27.10:443  tse1.mm.bing.net  (tls, http2)
    Sent 1.2kB / received 6.8kB; packets 15 out / 12 in
  • 8.8.8.8:53  13.86.106.20.in-addr.arpa  (dns)
    Sent 142 B / received 157 B; packets 2 out / 1 in
    DNS request: 13.86.106.20.in-addr.arpa
    DNS request: 13.86.106.20.in-addr.arpa
  • 8.8.8.8:53  73.144.22.2.in-addr.arpa  (dns)
    Sent 70 B / received 133 B; packets 1 out / 1 in
    DNS request: 73.144.22.2.in-addr.arpa
  • 8.8.8.8:53  136.32.126.40.in-addr.arpa  (dns)
    Sent 72 B / received 158 B; packets 1 out / 1 in
    DNS request: 136.32.126.40.in-addr.arpa
  • 8.8.8.8:53  www.orkut.com  (dns)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 59 B / received 106 B; packets 1 out / 1 in
    DNS request: www.orkut.com
    DNS response: 172.217.23.211
  • 8.8.8.8:53  c.pki.goog  (dns)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 56 B / received 107 B; packets 1 out / 1 in
    DNS request: c.pki.goog
    DNS response: 142.250.179.131
  • 8.8.8.8:53  o.pki.goog  (dns)
    Process: 8b06e7b1698e7218757d2ad5b2777f1e_JaffaCakes118.exe
    Sent 56 B / received 107 B; packets 1 out / 1 in
    DNS request: o.pki.goog
    DNS response: 142.250.179.131
  • 8.8.8.8:53  211.23.217.172.in-addr.arpa  (dns)
    Sent 73 B / received 173 B; packets 1 out / 1 in
    DNS request: 211.23.217.172.in-addr.arpa
  • 8.8.8.8:53  131.179.250.142.in-addr.arpa  (dns)
    Sent 74 B / received 112 B; packets 1 out / 1 in
    DNS request: 131.179.250.142.in-addr.arpa
  • 8.8.8.8:53  46.36.251.142.in-addr.arpa  (dns)
    Sent 72 B / received 111 B; packets 1 out / 1 in
    DNS request: 46.36.251.142.in-addr.arpa
  • 8.8.8.8:53  228.249.119.40.in-addr.arpa  (dns)
    Sent 73 B / received 159 B; packets 1 out / 1 in
    DNS request: 228.249.119.40.in-addr.arpa
  • 8.8.8.8:53  196.249.167.52.in-addr.arpa  (dns)
    Sent 146 B / received 147 B; packets 2 out / 1 in
    DNS request: 196.249.167.52.in-addr.arpa
    DNS request: 196.249.167.52.in-addr.arpa
  • 8.8.8.8:53  26.165.165.52.in-addr.arpa  (dns)
    Sent 144 B / received 146 B; packets 2 out / 1 in
    DNS request: 26.165.165.52.in-addr.arpa
    DNS request: 26.165.165.52.in-addr.arpa
  • 8.8.8.8:53  198.187.3.20.in-addr.arpa  (dns)
    Sent 71 B / received 157 B; packets 1 out / 1 in
    DNS request: 198.187.3.20.in-addr.arpa
  • 8.8.8.8:53  99.58.20.217.in-addr.arpa  (dns)
    Sent 71 B / received 131 B; packets 1 out / 1 in
    DNS request: 99.58.20.217.in-addr.arpa
  • 8.8.8.8:53  tse1.mm.bing.net  (dns)
    Sent 62 B / received 170 B; packets 1 out / 1 in
    DNS request: tse1.mm.bing.net
    DNS response: 150.171.27.10, 150.171.28.10
  • 8.8.8.8:53  81.144.22.2.in-addr.arpa  (dns)
    Sent 70 B / received 133 B; packets 1 out / 1 in
    DNS request: 81.144.22.2.in-addr.arpa
  • 8.8.8.8:53  30.243.111.52.in-addr.arpa  (dns)
    Sent 72 B / received 158 B; packets 1 out / 1 in
    DNS request: 30.243.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2316-0-0x0000000000400000-0x00000000004E2000-memory.dmp (904KB)
  • memory/2316-1-0x0000000002290000-0x00000000022C0000-memory.dmp (192KB)
  • memory/2316-2-0x0000000002270000-0x0000000002272000-memory.dmp (8KB)
  • memory/2316-4-0x0000000002280000-0x0000000002281000-memory.dmp (4KB)
  • memory/2316-44-0x00000000024A0000-0x00000000024A1000-memory.dmp (4KB)
  • memory/2316-43-0x0000000002490000-0x0000000002491000-memory.dmp (4KB)
  • memory/2316-42-0x0000000005D50000-0x0000000005D51000-memory.dmp (4KB)
  • memory/2316-41-0x0000000005D60000-0x0000000005D61000-memory.dmp (4KB)
  • memory/2316-40-0x0000000005D70000-0x0000000005D71000-memory.dmp (4KB)
  • memory/2316-39-0x0000000005D30000-0x0000000005D31000-memory.dmp (4KB)
  • memory/2316-38-0x0000000005D40000-0x0000000005D41000-memory.dmp (4KB)
  • memory/2316-37-0x0000000005D10000-0x0000000005D11000-memory.dmp (4KB)
  • memory/2316-36-0x0000000005D20000-0x0000000005D21000-memory.dmp (4KB)
  • memory/2316-35-0x0000000005CF0000-0x0000000005CF1000-memory.dmp (4KB)
  • memory/2316-34-0x0000000005D00000-0x0000000005D01000-memory.dmp (4KB)
  • memory/2316-33-0x0000000005CD0000-0x0000000005CD1000-memory.dmp (4KB)
  • memory/2316-32-0x0000000005CE0000-0x0000000005CE1000-memory.dmp (4KB)
  • memory/2316-31-0x0000000005CB0000-0x0000000005CB1000-memory.dmp (4KB)
  • memory/2316-30-0x0000000005CC0000-0x0000000005CC1000-memory.dmp (4KB)
  • memory/2316-29-0x0000000005C90000-0x0000000005C91000-memory.dmp (4KB)
  • memory/2316-28-0x0000000005CA0000-0x0000000005CA1000-memory.dmp (4KB)
  • memory/2316-27-0x0000000005C70000-0x0000000005C71000-memory.dmp (4KB)
  • memory/2316-26-0x0000000005C80000-0x0000000005C81000-memory.dmp (4KB)
  • memory/2316-25-0x0000000005B50000-0x0000000005B51000-memory.dmp (4KB)
  • memory/2316-24-0x0000000005B60000-0x0000000005B61000-memory.dmp (4KB)
  • memory/2316-23-0x0000000005B30000-0x0000000005B31000-memory.dmp (4KB)
  • memory/2316-22-0x0000000005B40000-0x0000000005B41000-memory.dmp (4KB)
  • memory/2316-21-0x0000000005B10000-0x0000000005B11000-memory.dmp (4KB)
  • memory/2316-20-0x0000000005B20000-0x0000000005B21000-memory.dmp (4KB)
  • memory/2316-19-0x0000000005AF0000-0x0000000005AF1000-memory.dmp (4KB)
  • memory/2316-18-0x0000000005B00000-0x0000000005B01000-memory.dmp (4KB)
  • memory/2316-17-0x0000000002880000-0x0000000002881000-memory.dmp (4KB)
  • memory/2316-16-0x0000000005AE0000-0x0000000005AE1000-memory.dmp (4KB)
  • memory/2316-15-0x0000000002860000-0x0000000002861000-memory.dmp (4KB)
  • memory/2316-14-0x0000000002870000-0x0000000002871000-memory.dmp (4KB)
  • memory/2316-13-0x0000000002840000-0x0000000002841000-memory.dmp (4KB)
  • memory/2316-12-0x0000000002850000-0x0000000002851000-memory.dmp (4KB)
  • memory/2316-11-0x0000000002820000-0x0000000002821000-memory.dmp (4KB)
  • memory/2316-10-0x0000000002830000-0x0000000002831000-memory.dmp (4KB)
  • memory/2316-9-0x0000000002800000-0x0000000002801000-memory.dmp (4KB)
  • memory/2316-8-0x0000000002810000-0x0000000002811000-memory.dmp (4KB)
  • memory/2316-7-0x00000000022C0000-0x00000000022C1000-memory.dmp (4KB)
  • memory/2316-6-0x0000000000650000-0x0000000000651000-memory.dmp (4KB)
  • memory/2316-5-0x00000000004F0000-0x00000000004F1000-memory.dmp (4KB)
  • memory/2316-3-0x0000000002260000-0x0000000002261000-memory.dmp (4KB)
  • memory/2316-45-0x0000000005D90000-0x0000000005D91000-memory.dmp (4KB)
  • memory/2316-48-0x0000000005DA0000-0x0000000005DA1000-memory.dmp (4KB)
  • memory/2316-46-0x0000000005D80000-0x0000000005D81000-memory.dmp (4KB)
  • memory/2316-47-0x0000000005DB0000-0x0000000005DB1000-memory.dmp (4KB)
  • memory/2316-49-0x0000000005FA0000-0x0000000005FA1000-memory.dmp (4KB)
  • memory/2316-50-0x0000000005F90000-0x0000000005F91000-memory.dmp (4KB)
  • memory/2316-51-0x0000000006350000-0x0000000006351000-memory.dmp (4KB)
  • memory/2316-52-0x0000000006340000-0x0000000006341000-memory.dmp (4KB)
  • memory/2316-57-0x00000000064A0000-0x00000000064A1000-memory.dmp (4KB)
  • memory/2316-56-0x00000000064B0000-0x00000000064B1000-memory.dmp

    Filesize

    4KB

  • memory/2316-55-0x0000000006360000-0x0000000006361000-memory.dmp

    Filesize

    4KB

  • memory/2316-54-0x0000000006370000-0x0000000006371000-memory.dmp

    Filesize

    4KB

  • memory/2316-53-0x0000000000400000-0x00000000004E2000-memory.dmp

    Filesize

    904KB

  • memory/2316-59-0x0000000006AF0000-0x0000000006AF1000-memory.dmp

    Filesize

    4KB

  • memory/2316-60-0x0000000006AE0000-0x0000000006AE1000-memory.dmp

    Filesize

    4KB

  • memory/2316-58-0x0000000002290000-0x00000000022C0000-memory.dmp

    Filesize

    192KB

  • memory/2316-63-0x0000000006B30000-0x0000000006B31000-memory.dmp

    Filesize

    4KB

  • memory/2316-66-0x0000000006B40000-0x0000000006B41000-memory.dmp

    Filesize

    4KB

  • memory/2316-65-0x0000000006B50000-0x0000000006B51000-memory.dmp

    Filesize

    4KB

  • memory/2316-64-0x0000000006B20000-0x0000000006B21000-memory.dmp

    Filesize

    4KB

  • memory/2316-62-0x0000000006B00000-0x0000000006B01000-memory.dmp

    Filesize

    4KB

  • memory/2316-61-0x0000000006B10000-0x0000000006B11000-memory.dmp

    Filesize

    4KB

  • memory/2316-69-0x0000000007150000-0x0000000007151000-memory.dmp

    Filesize

    4KB

  • memory/2316-73-0x0000000007190000-0x0000000007191000-memory.dmp

    Filesize

    4KB

  • memory/2316-74-0x0000000007180000-0x0000000007181000-memory.dmp

    Filesize

    4KB

  • memory/2316-72-0x0000000007160000-0x0000000007161000-memory.dmp

    Filesize

    4KB

  • memory/2316-71-0x0000000007170000-0x0000000007171000-memory.dmp

    Filesize

    4KB

  • memory/2316-70-0x0000000007140000-0x0000000007141000-memory.dmp

    Filesize

    4KB

  • memory/2316-68-0x0000000007010000-0x0000000007011000-memory.dmp

    Filesize

    4KB

  • memory/2316-67-0x0000000007020000-0x0000000007021000-memory.dmp

    Filesize

    4KB

  • memory/2316-75-0x00000000072B0000-0x00000000072B1000-memory.dmp

    Filesize

    4KB

  • memory/2316-76-0x00000000072A0000-0x00000000072A1000-memory.dmp

    Filesize

    4KB

  • memory/2316-98-0x0000000000400000-0x00000000004E2000-memory.dmp

    Filesize

    904KB

  • memory/2316-99-0x0000000005D50000-0x0000000005D51000-memory.dmp

    Filesize

    4KB
