hxxps://files[.]minecraftforge[.]net/net/minecraftforge/forge/

Resubmissions

12/08/2024, 02:05

240812-cjbktavcjc 3

12/08/2024, 02:00

240812-ce66xszeqm 5

12/08/2024, 01:59

240812-cegahazemn 3

Analysis

max time kernel
35s
max time network
36s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12/08/2024, 02:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://files.minecraftforge.net/net/minecraftforge/forge/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133679019692166625"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 25 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe
Token: SeShutdownPrivilege	2576	chrome.exe
Token: SeCreatePagefilePrivilege	2576	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe
2576	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
5548	javaw.exe
5548	javaw.exe
5548	javaw.exe
5548	javaw.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2576 wrote to memory of 912	2576	chrome.exe	84
PID 2576 wrote to memory of 912	2576	chrome.exe	84
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 4236	2576	chrome.exe	85
PID 2576 wrote to memory of 2816	2576	chrome.exe	86
PID 2576 wrote to memory of 2816	2576	chrome.exe	86
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87
PID 2576 wrote to memory of 2708	2576	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://files.minecraftforge.net/net/minecraftforge/forge/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa2405cc40,0x7ffa2405cc4c,0x7ffa2405cc58
  2⤵
  PID:912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1952 /prefetch:2
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4484,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4588 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4700,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4800,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5040 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5384,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:2500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5044,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4952,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5088,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5688,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5816,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5956,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5808,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6120 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6320,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6544,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6520 /prefetch:1
  2⤵
  PID:5876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6684,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6648 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6272,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6720 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5832,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6864 /prefetch:1
  2⤵
  PID:5920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4948,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6972 /prefetch:1
  2⤵
  PID:5948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6840,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7048 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7188,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7212 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7504,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4828,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6360,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:6084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4820,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:8
  2⤵
  PID:5172
- C:\Program Files\Java\jre-1.8\bin\javaw.exe
  "C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\forge-1.21.1-52.0.2-installer.jar"
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5496,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:5812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5632,i,7379978666818004379,17848915526966224609,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:5836

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:860

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1296

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
4f9afaf5c282d329e05d3e6aa3efc443

SHA1
5ae287ae9c18e8e336f772a451661ef3b26f201f

SHA256
ad76fdddd040c7cf205bd6d42e012a332c845b03e75755308ced5104059adbf6

SHA512
9c08bfe481ddf5ec732113db7b819a220cf3532b59b76b7db05aa2cf1079e466a6b2d35b2ea195832ad969e69a1f71f16e3d0c947ae6d58b17d11a81270b160f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
20KB

MD5
0c4e029571dc182bfb39161f25531f06

SHA1
77b38d4a247b63881e7b9be324979c203987ae4e

SHA256
fa5e2241e03bf7f6357dbff6a4716e4fee8b612fcb241ce68411552ba643cee1

SHA512
51501b8f4caadf0975eb5d1b3e193c3215c3b0706f7203d9173c8bbd3149526e9134b8b87ebcb0de6f1ed44e9f735ea3871201ac476f99e463380fbdd39ec7db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
20e1750c3ea2a76648162e05f713d2ae

SHA1
33c3d0704ec05056d6e9f837d8be4e8b141f3893

SHA256
b87538dc463ef517cee9df9435836137d3d2541e8d9e94abddc9aeb0cda013c1

SHA512
a9263577332455d7b28be3f32aeec0af786700aa6d038c9f036e96887a8b0267447d6a2e489aa0bfd4bea22b563fc2f48d7502b9b1076a0e31a7d080283d7f5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
f059cc00c7907d86550ae59af067ed3c

SHA1
74ce2c24bed6807e11433de647f5c3b12f9f4fd8

SHA256
5ad7511898c180558578a73c1028573ae27c579fae4ab4eff908ec1ec6d64aad

SHA512
ac2b6b682b818e950de7c75116203d583686e6498b9f36d04ef9677c0391759de74e9fa4407d51129c625b262790bb6eec5be44f638313544eea2ca5e3bbad10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
77b98b65dc6d4432f0b2f5f8910794d8

SHA1
02a5a114ba904372578d05bfe0f206738579d1fc

SHA256
d3ead962d9ef9209baad08cdbafe8726bba9c932cadbe3d32b371aa260c8cc5e

SHA512
80b0fd81091622efe613d7a2a14a766e396bd121f9e823d5ea20001799e6e1862ab72785f0d9bfb5ed1de640a167cf953fd9ddb0c7a9df3c81c49797ff952e8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
867f6abe2cf6189ac3c92622be48d036

SHA1
595f7f1235bdbbe4e1fde2923a6551d851b438c4

SHA256
dabddd3e7adad2b1a073852353d5e6bfbe5461220e4388ef6689685711b1a7c0

SHA512
952133e31f128583b39d36a1f9ab180ac6091d221d5194eacf3351c67e2e97c8c03eb436b431a7b9a30fbe9242d0000b15e53b341d6c8eca120322bc9ebf93ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fc7e360deee7dbbc30bdb2d6faf725b9

SHA1
3987453a1332a6b4839cea3566f1685fc3ca1677

SHA256
1acc2c64a1ae4c60db91d04c050e86b969ff30deca573d2c9922e2361d49b390

SHA512
67165035680ea85a1492179509fe974367b667dbaf974d3fb6849638c9ba1b918c34e538ab768e79c027dee4c1b4cbce70ee908d1569c7b9562a18014618ea73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a9677d7300f979810ddffd6ecf36e354

SHA1
724ff9797c28cdc5f8af2e3b961f734c1dc35145

SHA256
bb54d7278710482d899072a80e2b8641d911d15e82e4a6bf41965fda377cc0ab

SHA512
4b3bb17e4f6deb82842f632979e9ff13299913c24f4aa5e30e49f5ffd6da31b3f9402c5ee5e09d49ad3702eaa0037c99a29c9f36b7e8dd7dbbf949424a98e88c

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 833412.crdownload

Filesize
6.0MB

MD5
05600166768f63ce1ffa6563771b5e22

SHA1
9609f5a7eacff32454117672a53ab92cfa833614

SHA256
e2884200146b666bdda9193bb3a712763f8c7e4daa97678245f991d1181d2cab

SHA512
4cfe71a0ccb86d1d5e1ab7f94ae6642c375d579a4e65a157b21151ec8e9dedb141928bc872a33c836f3aed8e8cd1f48c48ac2ab2d8c736ee84c9fc9b2fe13312

Download Submit
memory/5548-471-0x0000019CCC850000-0x0000019CCC860000-memory.dmp

Filesize
64KB

Download
memory/5548-437-0x0000019CCC7B0000-0x0000019CCC7C0000-memory.dmp

Filesize
64KB

Download
memory/5548-391-0x0000019CCC6B0000-0x0000019CCC6C0000-memory.dmp

Filesize
64KB

Download
memory/5548-394-0x0000019CCC6C0000-0x0000019CCC6D0000-memory.dmp

Filesize
64KB

Download
memory/5548-396-0x0000019CCC6D0000-0x0000019CCC6E0000-memory.dmp

Filesize
64KB

Download
memory/5548-399-0x0000019CCC6F0000-0x0000019CCC700000-memory.dmp

Filesize
64KB

Download
memory/5548-398-0x0000019CCC6E0000-0x0000019CCC6F0000-memory.dmp

Filesize
64KB

Download
memory/5548-403-0x0000019CCC710000-0x0000019CCC720000-memory.dmp

Filesize
64KB

Download
memory/5548-402-0x0000019CCC700000-0x0000019CCC710000-memory.dmp

Filesize
64KB

Download
memory/5548-480-0x0000019CCC7C0000-0x0000019CCC7D0000-memory.dmp

Filesize
64KB

Download
memory/5548-408-0x0000019CCC730000-0x0000019CCC740000-memory.dmp

Filesize
64KB

Download
memory/5548-407-0x0000019CCC720000-0x0000019CCC730000-memory.dmp

Filesize
64KB

Download
memory/5548-411-0x0000019CCC740000-0x0000019CCC750000-memory.dmp

Filesize
64KB

Download
memory/5548-410-0x0000019CCC6A0000-0x0000019CCC6B0000-memory.dmp

Filesize
64KB

Download
memory/5548-417-0x0000019CCC760000-0x0000019CCC770000-memory.dmp

Filesize
64KB

Download
memory/5548-415-0x0000019CCC750000-0x0000019CCC760000-memory.dmp

Filesize
64KB

Download
memory/5548-414-0x0000019CCC6B0000-0x0000019CCC6C0000-memory.dmp

Filesize
64KB

Download
memory/5548-420-0x0000019CCC6C0000-0x0000019CCC6D0000-memory.dmp

Filesize
64KB

Download
memory/5548-422-0x0000019CCC780000-0x0000019CCC790000-memory.dmp

Filesize
64KB

Download
memory/5548-421-0x0000019CCC770000-0x0000019CCC780000-memory.dmp

Filesize
64KB

Download
memory/5548-425-0x0000019CCC6D0000-0x0000019CCC6E0000-memory.dmp

Filesize
64KB

Download
memory/5548-426-0x0000019CCC790000-0x0000019CCC7A0000-memory.dmp

Filesize
64KB

Download
memory/5548-431-0x0000019CCC6E0000-0x0000019CCC6F0000-memory.dmp

Filesize
64KB

Download
memory/5548-432-0x0000019CCC7A0000-0x0000019CCC7B0000-memory.dmp

Filesize
64KB

Download
memory/5548-481-0x0000019CCC890000-0x0000019CCC8A0000-memory.dmp

Filesize
64KB

Download
memory/5548-436-0x0000019CCC700000-0x0000019CCC710000-memory.dmp

Filesize
64KB

Download
memory/5548-435-0x0000019CCC6F0000-0x0000019CCC700000-memory.dmp

Filesize
64KB

Download
memory/5548-438-0x0000019CCC7C0000-0x0000019CCC7D0000-memory.dmp

Filesize
64KB

Download
memory/5548-442-0x0000019CCC7D0000-0x0000019CCC7E0000-memory.dmp

Filesize
64KB

Download
memory/5548-441-0x0000019CCC710000-0x0000019CCC720000-memory.dmp

Filesize
64KB

Download
memory/5548-444-0x0000019CCC7E0000-0x0000019CCC7F0000-memory.dmp

Filesize
64KB

Download
memory/5548-443-0x0000019CCC720000-0x0000019CCC730000-memory.dmp

Filesize
64KB

Download
memory/5548-449-0x0000019CCC800000-0x0000019CCC810000-memory.dmp

Filesize
64KB

Download
memory/5548-448-0x0000019CCC7F0000-0x0000019CCC800000-memory.dmp

Filesize
64KB

Download
memory/5548-447-0x0000019CCC730000-0x0000019CCC740000-memory.dmp

Filesize
64KB

Download
memory/5548-454-0x0000019CCC810000-0x0000019CCC820000-memory.dmp

Filesize
64KB

Download
memory/5548-455-0x0000019CCC820000-0x0000019CCC830000-memory.dmp

Filesize
64KB

Download
memory/5548-453-0x0000019CCC740000-0x0000019CCC750000-memory.dmp

Filesize
64KB

Download
memory/5548-477-0x0000019CCC870000-0x0000019CCC880000-memory.dmp

Filesize
64KB

Download
memory/5548-459-0x0000019CCC830000-0x0000019CCC840000-memory.dmp

Filesize
64KB

Download
memory/5548-458-0x0000019CCC760000-0x0000019CCC770000-memory.dmp

Filesize
64KB

Download
memory/5548-461-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-468-0x0000019CCC840000-0x0000019CCC850000-memory.dmp

Filesize
64KB

Download
memory/5548-466-0x0000019CCC770000-0x0000019CCC780000-memory.dmp

Filesize
64KB

Download
memory/5548-467-0x0000019CCC780000-0x0000019CCC790000-memory.dmp

Filesize
64KB

Download
memory/5548-388-0x0000019CCC6A0000-0x0000019CCC6B0000-memory.dmp

Filesize
64KB

Download
memory/5548-470-0x0000019CCC790000-0x0000019CCC7A0000-memory.dmp

Filesize
64KB

Download
memory/5548-474-0x0000019CCC860000-0x0000019CCC870000-memory.dmp

Filesize
64KB

Download
memory/5548-473-0x0000019CCC7A0000-0x0000019CCC7B0000-memory.dmp

Filesize
64KB

Download
memory/5548-476-0x0000019CCC7B0000-0x0000019CCC7C0000-memory.dmp

Filesize
64KB

Download
memory/5548-457-0x0000019CCC750000-0x0000019CCC760000-memory.dmp

Filesize
64KB

Download
memory/5548-389-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-406-0x0000019CCC430000-0x0000019CCC6A0000-memory.dmp

Filesize
2.4MB

Download
memory/5548-485-0x0000019CCC880000-0x0000019CCC890000-memory.dmp

Filesize
64KB

Download
memory/5548-484-0x0000019CCC8A0000-0x0000019CCC8B0000-memory.dmp

Filesize
64KB

Download
memory/5548-483-0x0000019CCC7D0000-0x0000019CCC7E0000-memory.dmp

Filesize
64KB

Download
memory/5548-487-0x0000019CCC7E0000-0x0000019CCC7F0000-memory.dmp

Filesize
64KB

Download
memory/5548-488-0x0000019CCC8B0000-0x0000019CCC8C0000-memory.dmp

Filesize
64KB

Download
memory/5548-492-0x0000019CCC800000-0x0000019CCC810000-memory.dmp

Filesize
64KB

Download
memory/5548-493-0x0000019CCC8C0000-0x0000019CCC8D0000-memory.dmp

Filesize
64KB

Download
memory/5548-491-0x0000019CCC7F0000-0x0000019CCC800000-memory.dmp

Filesize
64KB

Download
memory/5548-494-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-499-0x0000019CCC8D0000-0x0000019CCC8E0000-memory.dmp

Filesize
64KB

Download
memory/5548-498-0x0000019CCC820000-0x0000019CCC830000-memory.dmp

Filesize
64KB

Download
memory/5548-497-0x0000019CCC810000-0x0000019CCC820000-memory.dmp

Filesize
64KB

Download
memory/5548-503-0x0000019CCC830000-0x0000019CCC840000-memory.dmp

Filesize
64KB

Download
memory/5548-504-0x0000019CCC8E0000-0x0000019CCC8F0000-memory.dmp

Filesize
64KB

Download
memory/5548-510-0x0000019CCC8F0000-0x0000019CCC900000-memory.dmp

Filesize
64KB

Download
memory/5548-509-0x0000019CCC840000-0x0000019CCC850000-memory.dmp

Filesize
64KB

Download
memory/5548-513-0x0000019CCC850000-0x0000019CCC860000-memory.dmp

Filesize
64KB

Download
memory/5548-514-0x0000019CCC900000-0x0000019CCC910000-memory.dmp

Filesize
64KB

Download
memory/5548-517-0x0000019CCC860000-0x0000019CCC870000-memory.dmp

Filesize
64KB

Download
memory/5548-519-0x0000019CCC920000-0x0000019CCC930000-memory.dmp

Filesize
64KB

Download
memory/5548-518-0x0000019CCC910000-0x0000019CCC920000-memory.dmp

Filesize
64KB

Download
memory/5548-521-0x0000019CCC870000-0x0000019CCC880000-memory.dmp

Filesize
64KB

Download
memory/5548-522-0x0000019CCC930000-0x0000019CCC940000-memory.dmp

Filesize
64KB

Download
memory/5548-525-0x0000019CCC940000-0x0000019CCC950000-memory.dmp

Filesize
64KB

Download
memory/5548-524-0x0000019CCC890000-0x0000019CCC8A0000-memory.dmp

Filesize
64KB

Download
memory/5548-529-0x0000019CCC950000-0x0000019CCC960000-memory.dmp

Filesize
64KB

Download
memory/5548-528-0x0000019CCC880000-0x0000019CCC890000-memory.dmp

Filesize
64KB

Download
memory/5548-527-0x0000019CCC8A0000-0x0000019CCC8B0000-memory.dmp

Filesize
64KB

Download
memory/5548-530-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-533-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-536-0x0000019CCC960000-0x0000019CCC970000-memory.dmp

Filesize
64KB

Download
memory/5548-535-0x0000019CCC8B0000-0x0000019CCC8C0000-memory.dmp

Filesize
64KB

Download
memory/5548-539-0x0000019CCC8C0000-0x0000019CCC8D0000-memory.dmp

Filesize
64KB

Download
memory/5548-544-0x0000019CCC980000-0x0000019CCC990000-memory.dmp

Filesize
64KB

Download
memory/5548-541-0x0000019CCC970000-0x0000019CCC980000-memory.dmp

Filesize
64KB

Download
memory/5548-548-0x0000019CCC8D0000-0x0000019CCC8E0000-memory.dmp

Filesize
64KB

Download
memory/5548-549-0x0000019CCC990000-0x0000019CCC9A0000-memory.dmp

Filesize
64KB

Download
memory/5548-378-0x0000019CCC430000-0x0000019CCC6A0000-memory.dmp

Filesize
2.4MB

Download
memory/5548-560-0x0000019CCC8E0000-0x0000019CCC8F0000-memory.dmp

Filesize
64KB

Download
memory/5548-561-0x0000019CCC9A0000-0x0000019CCC9B0000-memory.dmp

Filesize
64KB

Download
memory/5548-562-0x0000019CCAB40000-0x0000019CCAB41000-memory.dmp

Filesize
4KB

Download
memory/5548-564-0x0000019CCC8F0000-0x0000019CCC900000-memory.dmp

Filesize
64KB

Download
memory/5548-565-0x0000019CCC9B0000-0x0000019CCC9C0000-memory.dmp

Filesize
64KB

Download
memory/5548-574-0x0000019CCC900000-0x0000019CCC910000-memory.dmp

Filesize
64KB

Download
memory/5548-575-0x0000019CCC9C0000-0x0000019CCC9D0000-memory.dmp

Filesize
64KB

Download
memory/5548-577-0x0000019CCC910000-0x0000019CCC920000-memory.dmp

Filesize
64KB

Download
memory/5548-578-0x0000019CCC920000-0x0000019CCC930000-memory.dmp

Filesize
64KB

Download
memory/5548-579-0x0000019CCC9D0000-0x0000019CCC9E0000-memory.dmp

Filesize
64KB

Download
memory/5548-582-0x0000019CCC930000-0x0000019CCC940000-memory.dmp

Filesize
64KB

Download