71349d0dd4281f397b1a0c35f89c0fce38eea60456c89f9f96b6a2da007a541f

Resubmissions

21/08/2024, 19:49

240821-yj4r9axcmg 7

04/05/2024, 15:25

240504-stl3ashf7y 10

Analysis

max time kernel
244s
max time network
246s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21/08/2024, 19:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

LagoFastInstaller__20240322_180853_channel168.exe
Size

3.1MB
MD5

e1ceb392988d4431fa573c266b08bf5b
SHA1

dda75f00e6cfb94fdd9a9478beca5b0c279ff535
SHA256

71349d0dd4281f397b1a0c35f89c0fce38eea60456c89f9f96b6a2da007a541f
SHA512

3d85d919061c2e1048ff0f8693be87566034a8e2d2f722d82a9b953a2bfa5c1e06cf1f26f4f914639615ceaeb35bae6b4c38e495fcfcea3ebcea1bc2984f744b
SSDEEP

49152:t3zzQzRagpVfwuzpSIZ4MNTKBBqVpzZOBVon/FdM7OViNvVxxx+d+S8BQOkHD3+O:tzzeDRzpSI7qs

Score

7^/10

bootkit discovery persistence privilege_escalation upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral1/files/0x0007000000023521-313.dat	acprotect

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0007000000023521-313.dat	upx
behavioral1/memory/3444-349-0x0000000067A40000-0x00000000696C8000-memory.dmp	upx
behavioral1/memory/3444-468-0x0000000067A40000-0x00000000696C8000-memory.dmp	upx

Downloads MZ/PE file

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\E:	LagoFast.exe
File opened (read-only)	\??\G:	LagoFast.exe
File opened (read-only)	\??\N:	LagoFast.exe
File opened (read-only)	\??\R:	LagoFast.exe
File opened (read-only)	\??\S:	LagoFast.exe
File opened (read-only)	\??\T:	LagoFast.exe
File opened (read-only)	\??\W:	LagoFast.exe
File opened (read-only)	\??\X:	LagoFast.exe
File opened (read-only)	\??\Y:	LagoFast.exe
File opened (read-only)	\??\Z:	LagoFast.exe
File opened (read-only)	\??\H:	LagoFast.exe
File opened (read-only)	\??\J:	LagoFast.exe
File opened (read-only)	\??\U:	LagoFast.exe
File opened (read-only)	\??\V:	LagoFast.exe
File opened (read-only)	\??\A:	LagoFast.exe
File opened (read-only)	\??\B:	LagoFast.exe
File opened (read-only)	\??\I:	LagoFast.exe
File opened (read-only)	\??\K:	LagoFast.exe
File opened (read-only)	\??\M:	LagoFast.exe
File opened (read-only)	\??\L:	LagoFast.exe
File opened (read-only)	\??\O:	LagoFast.exe
File opened (read-only)	\??\P:	LagoFast.exe
File opened (read-only)	\??\Q:	LagoFast.exe

Writes to the Master Boot Record (MBR) 1 TTPs 2 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PHYSICALDRIVE0	LagoFast.exe
File opened for modification	\??\PhysicalDrive0	LagoFast.exe

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation	LagoFastInstaller__20240322_180853_channel168.exe
Key value queried	\REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation	LagoFast.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\LagoFast\nfapi.dll	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\driver_x64\processFilter8.sys	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\02\026a1db34a8b4d49219d3879e8758327	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\temp\de\dec2bace74a31b6b2888f8dac10db008	LagoFast.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\lwf\win10\i386\ndisrd.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_DE.ini	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_PL.ini	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win7\amd64\ndisrd.cat	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\lwf\win8\amd64\ndisrd.cat	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\cef\libcef.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\cef\swiftshader\libGLESv2.dll	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\mbrowser.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win8\amd64\ndisrd_lwf.inf	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\e1\e15fd0adf57b3423b48dd3193a1d58f8	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\temp\f1\f1db2e3684bbf8a611c128bdac905c85	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_IT.ini	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_KO.ini	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\cef\icudtl.dat	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\CrashRpt1403.dll	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\msvcp120.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\driver_x64\JYNetFilter8.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\cef\locales\en-US.pak	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\cef\libGLESv2.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\mbrowser.dll	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\lwf\win7\i386\ndisrd.sys	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\ChromeBase.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\MSNDetourDLL.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\NTKHelper.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\09\091cd493cfe000485bf6c95dbfd241cc	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\temp\44\44552cc7e64ec17b062009edb2712d1d	LagoFast.exe
File opened for modification	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_ZH-CN.ini	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\driver_x64\npf.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\4e\4ef2e331d4fff435e2bbd542e0ec38fd	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\cef\cef.pak	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\res\icon_refresh.png	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\driver_x64\netfilter2wfp7.sys	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\driver_x86\npf.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\res\error.html	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\dbghelp.dll	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\wiresockapi.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\f8\f8930e6d0a33d21ec1f1394616fbdfc1	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\driver\driver_x86\netfilter2wfp8.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win10\i386\ndisrd_lwf.inf	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win7\amd64\ndisrd_lwf.inf	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\LagoFast.exe	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\cef\mrender.exe	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\LogicLib.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win8\amd64\ndisrd.sys	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\driver_x86\netfilter2wfp7.sys	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\driver\lwf\vista\i386\ndisrd.cat	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\cert\Global.cer	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\vpn_client.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\d1\d1ee11c2cc97d19e6bfdb0c497bb36a7	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\cef\cef_extensions.pak	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\dbghelp.dll	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\driver\lwf\win7\amd64\ndisrd.sys	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\temp\7e\7e6fa0016b46f57c95d8d12afa4f3a6a	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\temp\47\47d19c756f6e1714d301dc8f6a0b4a31	LagoFast.exe
File created	C:\Program Files (x86)\LagoFast\temp\86\8670f2f2b5603cc7e8df85c535905bc5	LagoFast.exe
File opened for modification	C:\Program Files (x86)\LagoFast\cef\natives_blob.bin	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_PL.ini	ChannelIstaller.exe
File opened for modification	C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_PT.ini	ChannelIstaller.exe
File created	C:\Program Files (x86)\LagoFast\rlottie.dll	ChannelIstaller.exe

Executes dropped EXE 2 IoCs

pid	Process
2772	ChannelIstaller.exe
3444	LagoFast.exe

Loads dropped DLL 26 IoCs

pid	Process
2772	ChannelIstaller.exe
2772	ChannelIstaller.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Event Triggered Execution: Netsh Helper DLL 1 TTPs 6 IoCs

Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

persistence privilege_escalation

Netsh Helper DLL

T1546.007

description	ioc	Process
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe

System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	LagoFastInstaller__20240322_180853_channel168.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ChannelIstaller.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	LagoFast.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	LagoFast.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\LagoFast.exe = "11000"	LagoFast.exe

Modifies registry class 6 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast	ChannelIstaller.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast\URL Protocol	ChannelIstaller.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast\shell\open\command	ChannelIstaller.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast\shell	ChannelIstaller.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast\shell\open	ChannelIstaller.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\lagofast\shell\open\command\ = "C:\\Program Files (x86)\\LagoFast\\LagoFast.exe \"%1\""	ChannelIstaller.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2944	LagoFastInstaller__20240322_180853_channel168.exe
2944	LagoFastInstaller__20240322_180853_channel168.exe
2944	LagoFastInstaller__20240322_180853_channel168.exe
2944	LagoFastInstaller__20240322_180853_channel168.exe
2772	ChannelIstaller.exe
2772	ChannelIstaller.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe
3444	LagoFast.exe

Suspicious behavior: LoadsDriver 7 IoCs

pid	Process
4	Process not Found
656	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
656	Process not Found

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3444	LagoFast.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3444	LagoFast.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
3444	LagoFast.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2944 wrote to memory of 2772	2944	LagoFastInstaller__20240322_180853_channel168.exe	111
PID 2944 wrote to memory of 2772	2944	LagoFastInstaller__20240322_180853_channel168.exe	111
PID 2944 wrote to memory of 2772	2944	LagoFastInstaller__20240322_180853_channel168.exe	111
PID 2944 wrote to memory of 3444	2944	LagoFastInstaller__20240322_180853_channel168.exe	113
PID 2944 wrote to memory of 3444	2944	LagoFastInstaller__20240322_180853_channel168.exe	113
PID 2944 wrote to memory of 3444	2944	LagoFastInstaller__20240322_180853_channel168.exe	113
PID 3444 wrote to memory of 620	3444	LagoFast.exe	114
PID 3444 wrote to memory of 620	3444	LagoFast.exe	114
PID 3444 wrote to memory of 620	3444	LagoFast.exe	114
PID 3444 wrote to memory of 4292	3444	LagoFast.exe	116
PID 3444 wrote to memory of 4292	3444	LagoFast.exe	116
PID 3444 wrote to memory of 4292	3444	LagoFast.exe	116

C:\Users\Admin\AppData\Local\Temp\LagoFastInstaller__20240322_180853_channel168.exe
"C:\Users\Admin\AppData\Local\Temp\LagoFastInstaller__20240322_180853_channel168.exe"
1⤵
- Checks computer location settings
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2944
- C:\Users\Admin\AppData\Local\Temp\ChannelIstaller.exe
  -pipename=\\.\pipe\autoupdate_pipe_lagofast_2944 -silent -auto-start -install-path "C:\Program Files (x86)\LagoFast"
  2⤵
  - Drops file in Program Files directory
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2772
- C:\Program Files (x86)\LagoFast\LagoFast.exe
  "C:\Program Files (x86)\LagoFast\LagoFast.exe"
  2⤵
  - Enumerates connected drives
  - Writes to the Master Boot Record (MBR)
  - Checks computer location settings
  - Drops file in Program Files directory
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:3444
- - C:\Windows\SysWOW64\netsh.exe
    "C:\Windows\System32\netsh.exe" interface portproxy delete v4tov4 listenaddress=127.0.0.12 listenport=80
    3⤵
    - Event Triggered Execution: Netsh Helper DLL
    - System Location Discovery: System Language Discovery
    PID:620
- - C:\Windows\SysWOW64\netsh.exe
    "C:\Windows\System32\netsh.exe" interface portproxy delete v4tov4 listenaddress=127.0.0.12 listenport=443
    3⤵
    - Event Triggered Execution: Netsh Helper DLL
    - System Location Discovery: System Language Discovery
    PID:4292

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv
1⤵
PID:2020

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
1⤵
PID:2772

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
1⤵
PID:1536

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
1⤵
PID:3648

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
1⤵
PID:224

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
1⤵
PID:3804

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
1⤵
PID:2928

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s XboxNetApiSvc
1⤵
PID:1372

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\LagoFast\ChromeBase.dll

Filesize
583KB

MD5
7eb4431ee6b04be06713cb8692259fff

SHA1
a01908281044873302d39763fe0f1247c0a70441

SHA256
596983b5f5a946f38684e7b7caf6087c5b57504d8ec1568d1a0e7fd83dcf6024

SHA512
2981cc7124d34f7b4fc71b08994695fea65ebd9ab9a6ad994335f16c3300fdb78b579d3af4299794fec5fc051e3e50cfffed2a35ae7b4e7f1414e90716c688a3

Download Submit
C:\Program Files (x86)\LagoFast\CrashRpt1403.dll

Filesize
155KB

MD5
8c43226a0f3248ee47fe874f3e56750b

SHA1
1e124c159bdac7f8cd27379172f6131ef5abdcc2

SHA256
e98ed773efbc26c7489167a479b89297ab646c978373a04eb1090836ee5087e6

SHA512
638156603fdbdde1967e724c59037c163b22cb5571f1f189880543f1b50000d80496a7d5baf0379dd343dfcdde424c80288007deaf7bd738fa636fa65dfd2545

Download Submit
C:\Program Files (x86)\LagoFast\CrashSender1403.exe

Filesize
1.1MB

MD5
19e98392772daf3c990a096bcdb0f231

SHA1
d1836b3e4ad36c3babff334075b4cb3f7ab3c4a7

SHA256
ef48c359eda091fe943c5e1b565d9284120e6ba799826d87c1f5a83e063e381b

SHA512
6b36df48ef84f5f469c5099236bb81e228b835776ef6ac7285128ea125053e7f11db34dcfefc2ca54f92e7f4478ae0b19e38b58c5c6a49e87953fd3fe4342c09

Download Submit
C:\Program Files (x86)\LagoFast\DuiLib.dll

Filesize
1.5MB

MD5
378440be3f1c0b0aac14f1185cd48df3

SHA1
48c7d32412772233ad2c1c689b9b934002661126

SHA256
096a13ace3ae29138e2ae8d5e6ed40b37a15ee15d06f213cf0245164ada0c055

SHA512
63c9f9fd05284f704bbf09644b79a4af25caf18c304df31c6bf9a36fe85f9ecc910d4ec01a4fa96219075b80c4bceaa3035a23f4955932b2d70137db78ff2511

Download Submit
C:\Program Files (x86)\LagoFast\Hardware.dll

Filesize
558KB

MD5
c30cb7b8017f07fea28227562a87f0f8

SHA1
c7f717fcd295ddc06760685fbd7d56c10ee1c91d

SHA256
2ed4e8c3e665a136abefbf8124cfc80db6971cf3c9d37121f587597a44fb91af

SHA512
88f3fc92cbc6fb383190877b155c923fffae43c3792af139c1055cbb255a88a303336893429b7d1a7e89273daa31f32449079f9c6e7d1f25aa0121f1d9d9978f

Download Submit
C:\Program Files (x86)\LagoFast\HttpLib.dll

Filesize
1.6MB

MD5
faf522ece05075f1066675c14331bf03

SHA1
8cc16e72000d47eda774019cedf8db12d3a48587

SHA256
491dfd64899c35f4ca563bdc8e1172c1bbef78e3e85d928baefd78b1c2710e5b

SHA512
e789c60fe7de0f1a2fb15572589458a052bfc37eabaaed0624123d45c7adcfd1e1450de48066bdeec1bab8f7dbd9c79e5fa45d5c7f678f75228bffaaafbbe9c4

Download Submit
C:\Program Files (x86)\LagoFast\KeyboardHook.dll

Filesize
18KB

MD5
4e913aef4b1ede6cdb72429c534f6188

SHA1
30548068860b6d265915a8d175d241284154cfd1

SHA256
a5752c195d946ebc9aecdbebe84c2410f04c84e227d688023c22f9076fd9cfab

SHA512
09ab975bb3e4eef0c259aa4e05b427796736e0dea5bb746c061ab102e8635f740e5e4232ce6fed020b4151c39dcae3574dc7e88fb6b305f8afdc7f3d3f37ff5b

Download Submit
C:\Program Files (x86)\LagoFast\LagoFast.exe

Filesize
20.8MB

MD5
2f516a2702aecc2b5de04ad77d66940d

SHA1
d47d4318fb1cb2412899ff8821a6cc3bbc0794ac

SHA256
7743c7c7970853dccfc7adeb1146246b1940f87a44e128be394d502dacfdebc8

SHA512
ec88fad25ccf8710506e8f408bcf72d676a3c38b1e972f8b163300ef67c9d84e552bedbb7eb5db5735bf502126b61dc44e5d32c67d8992b1fb8a78ec0ea60fbd

Download Submit
C:\Program Files (x86)\LagoFast\LogicLib.dll

Filesize
713KB

MD5
9ad3eb525b70f8154b432b23bdf38964

SHA1
ea58f7728f54a0e1f3e8a49dc550f687fd8b8f05

SHA256
d9f86548d97bc9f44e59f8ee3c4a02453169e976b7a8780d4a49edb6d2b8c8c8

SHA512
962fec0d25f5f875b48f58626083b952eeb4d0a846fb73aa45d2449ecf8d346112b90646285863155971a68601e9d4d12819bef53051460f4fc551c0cc828360

Download Submit
C:\Program Files (x86)\LagoFast\Network.dll

Filesize
3.4MB

MD5
d45956a74542ecd8f3495564ba118f30

SHA1
872c369fb287940e381c8bef21bf53c596dbe437

SHA256
c3790987f9399adb3d98480ddd7315f3b29db63819ea0a5ee952f72a1fd619bb

SHA512
c0a575e55344df1a0bd3082ffa12b0b81421cc8b4919ae7e82baf389e6ac3608acf6e13417b646416b7a9a3290d550412dcaaf5e769f871d6bdcf6a7b9279772

Download Submit
C:\Program Files (x86)\LagoFast\cef\cef.pak

Filesize
3.5MB

MD5
3f25f3cb727ec8a91891f8ec21657212

SHA1
09f37afff84b2445f0afa8cbb803d53bada62080

SHA256
f8a79e0f94e8a6ef849aed1910040c7d8a4c8a61487eb67163509008c9cdb33b

SHA512
c931c465c0bf1480978df9ee192bc52be82613707bd9ed813e7857a66c55386498825fa300f028ab59d0a64a1f7b5e3936ed777e97f1aee42f9a2ef8fb68827d

Download Submit
C:\Program Files (x86)\LagoFast\cef\cef_100_percent.pak

Filesize
719KB

MD5
cc741473d2d075fdc2be804eec407a12

SHA1
22a96140286fdb004540a2051b93432aa133843d

SHA256
6107c1bfdbf2cf351d5281073422b836d7a547e81345bff502fd31335d7fcbb3

SHA512
31977768847821379aca3a49a30d6dc25a31621d96b618c4a9fc71bf7eb7f9999db87603190140fbaec8beb103cd8ff793d5144cbc68a7ec7815db64aa530437

Download Submit
C:\Program Files (x86)\LagoFast\cef\cef_200_percent.pak

Filesize
844KB

MD5
065140de55434f35f9c5c10764c29ee4

SHA1
4bb734f61c04bfc68f7e15f128a2853a5f7649ea

SHA256
ef2c632ca52b27d464d6d3d8cd1b5b31b62b1102845682c680cd2bb102c5fca0

SHA512
552e5f79a41e78afd191394cb4cc5a8ab0ead3a0ec1706066e85b4aa3f2a80ff0674dc8f9232a3f123c8c60a9e63d63bc84b79f7c357ff7c7a85b6c98ebe55ee

Download Submit
C:\Program Files (x86)\LagoFast\cef\cef_extensions.pak

Filesize
1.7MB

MD5
7950f40808c588a071b9fe8a398201a6

SHA1
679beb65bc958f53b1f59342ef835d94b510274c

SHA256
8aabc7b9d7f696612ec3df0ee34a9814d0ee8bed2a5cb1fa0dfa2236033b50d7

SHA512
85a63f59656bbf5f3944fde8963134e2d16b53637b1f7ae6dfd11cbf071e38b2cdf6e51c8c847de5b4433132f321091bead7a56261b9e2f96498e8df95dc147d

Download Submit
C:\Program Files (x86)\LagoFast\cef\chrome_elf.dll

Filesize
697KB

MD5
2d88fd7431444d395d87b4e26779970a

SHA1
d61b06723cd58d67f069c21b295bc645d161dbc2

SHA256
2933a0d772b258958300a26f5331ce7d9bea3d0f198a2da6842ac6105707aa66

SHA512
4010f1055f95af8f96516aa0ccf74772634efcb9742de610d570d98e2b674dff6788ffb5033ae90ed75b26e4ed8db0cf39f40d84acad2e22e9bf18c04ff84321

Download Submit
C:\Program Files (x86)\LagoFast\cef\icudtl.dat

Filesize
9.8MB

MD5
65c6337820fbe9bf2498a9395e3b20f2

SHA1
5cc62646e6c73b4be276d08719bc5e257af972bb

SHA256
33da1cdda18eaea52011d40ae9a610cac9f6466156e9803891ee77294607aee4

SHA512
4800f03577a46a98a4bd786dc37a380f4169540e243fdb7835e3146fba0d0e1d07a7e3ec8cd23566feb00d204d582d678698ae61db156339fe56229de0b267c9

Download Submit
C:\Program Files (x86)\LagoFast\cef\locales\en-US.pak

Filesize
177KB

MD5
424663a523ce37f8a6087681fe3b05f3

SHA1
c250b53402e3ca81a5b15b4ae9efbe374d0b40dc

SHA256
a9ad65a2bc012cc22efcea44ff42de06503043f7ce76ccab8edaa33456d339e7

SHA512
566adf1626179bdb07615b63545b12dd304b7cbe43767e924a2806fa7fa8ac3b808a862375dd4723e985f15ba83760319a70c594e97934f91022446590fb10d6

Download Submit
C:\Program Files (x86)\LagoFast\cef\natives_blob.bin

Filesize
81KB

MD5
e350965916554e65a47305a6ab27c2ba

SHA1
9d60e499a907811a3155e9a07f8645d6c83cb909

SHA256
1cae202ada016cf455abf69d583524a1d37a1371ad4efdfac4baed07c6402bdd

SHA512
c6044b769a00f887b573ad35a7f5b71f6134d2d596a54effa50710be2f528acefea53ae4a2847e16c1b4e56962d8b0fe24f1ea4a04bfe167514b0abddb4fb5a8

Download Submit
C:\Program Files (x86)\LagoFast\cef\v8_context_snapshot.bin

Filesize
590KB

MD5
9bf16ed329b8f4a33f4aeed76b517773

SHA1
50a5c092a5e1413806e480f3a423c020eba46a3a

SHA256
22c31f1ad3c9234989e41527dd475e4cc82cec01abd0154620686ea11d650ed9

SHA512
a250cf808e29ef7138ea758187fefb5f34b7581511fa5d38e55e2e374045e5ccea35db53d0f1c3d079322c993a42e27d7eb11e154e5af229d1125f933fa4b279

Download Submit
C:\Program Files (x86)\LagoFast\dbghelp.dll

Filesize
1.2MB

MD5
bb3a8505910396ff1f638489f73a9802

SHA1
07876ec7917da70ca7396295e415ddf10fcf30fa

SHA256
b97c240f9b2299f5ab51f05fb97b73f2e6f0d005950a32ac473068531165e917

SHA512
f9e780a54d39636ca3ef95a95c271e339f113f8a7f13af3761e44d4423b45bb5d79b1c1f8de66fe5f828278ad4ddf724174c36cb53d1fe63f34a404c1f9a87aa

Download Submit
C:\Program Files (x86)\LagoFast\driver\lwf\win7\amd64\ndisrd_lwf.inf

Filesize
2KB

MD5
594d8fca1306a345056e4ee299d3ca98

SHA1
86332a69361ec9676eb07f33fbf841f9e057a70f

SHA256
9344e5652e449b4e722d8a00f666cda147d5305b913102195bd7255124a413bc

SHA512
ad01e07cb158c16ce88aa8e5636e3056d61dd295dce35db36cfc766b4518fe00a98f10064b99bffb691b701ff522f9bc1571d825fdbb8049cabdbc4ce3f2c64a

Download Submit
C:\Program Files (x86)\LagoFast\http-filter.dll

Filesize
8.3MB

MD5
1540c159dc1748d5e1b78430523e6f41

SHA1
f488613839908a473e9ecaef3ceb691e8a13001a

SHA256
a09e54facb478466a0fa354b7946c54b5e8197df3821601052c4abf1aa4edfdb

SHA512
87352844761c2481968b9c4c71ffa69c27beda1fa97177644ea0bb204fbdb05179919e0638c0f3e0b6e0827b5e00fa07c369f70bdaae27706a3110b9f04c296a

Download Submit
C:\Program Files (x86)\LagoFast\http_proxy.dll

Filesize
853KB

MD5
0a208e7b12ba2d75d7bc52f58fab21d9

SHA1
1825a9704703501f71d01267c1867a8af58527be

SHA256
53a39b09cd3f50eb00752274a16111e48e6c026774db2adf3ad332cd76688dfa

SHA512
ea81510298d25c769c3a4911a45f73178df199869111221359bc814d6976887e8a8c18e2a178e2f008a6fa1b0293a38bf17b77958927b3191f3fdb04d0ae0718

Download Submit
C:\Program Files (x86)\LagoFast\lang_files\crashrpt_lang_EN.ini

Filesize
8KB

MD5
771da39b527e886a247a0c0a33ffb715

SHA1
cb762abe50294a08a7823c246e02cd9347555b49

SHA256
763f0fe5af80055827fb2563af696bd1452c39be080720ab483d0ce6ac36ee92

SHA512
628382cf8a6035275b48d6ff3cf0dc17c2b61f65e4ef0f138990a09fd0cf09a4f821e2cb5780a3fddb49a01e3f6af1f379ed44bef290d39b0d04d5e110b7d9a5

Download Submit
C:\Program Files (x86)\LagoFast\mbrowser.dll

Filesize
818KB

MD5
21b01385644c14ee12c71b5819daaaa5

SHA1
2d0a031850229691e0a1e25cce99925c537a6d18

SHA256
b7a735298b6b4875d0e31d6ec4af7684ecf96055c4a49e8d057ff9419c75d8d4

SHA512
079bd001308fa592d9254fa4141671ab5f366f03cd22e36fcf456533fc21e453727dc276947a410a631b4e9744f1b70b41480867e9f8fb4551ead997c8488b8f

Download Submit
C:\Program Files (x86)\LagoFast\msvcp120.dll

Filesize
455KB

MD5
ef587cfcf19129ce4976bb75c163468e

SHA1
0cc6b4319d074c6a363ad8a9983a620105b1df8b

SHA256
5646e4af3a618b8b97d5dd2fc84a5cb1bb5a018eb19ed610642ea007f93b5ef9

SHA512
d7f03e49afb36b4ebffeaf3603d0a4a5a30f34efb0ded230f6488d2808e3c24d070fb3c086cb221ef652a4749212f283774a32a1cbeabe162dad5b95a54c0c4b

Download Submit
C:\Program Files (x86)\LagoFast\msvcr120.dll

Filesize
958KB

MD5
e8b4c3f7810b64e289188ce81a3d222c

SHA1
50e27ed9ca66b56bdf6f2b2efb571bcce67ecbb5

SHA256
1e396fa4e922dfc6dad84d9fa69ac5d922224bb7fc02c8ebff5c6a30b441523d

SHA512
b5ea8608402c5b899a57389a9455416997f20c03fd40e5af524862cf75c9306dfc8965eab56834ac6f2e119a823185f3b10b417040ca4fd13997991a77d01f34

Download Submit
C:\Program Files (x86)\LagoFast\nfapi.dll

Filesize
194KB

MD5
95704d5fddb1de05536bf234b361908c

SHA1
a6407108ee82cc84b2849274463704ef8b5852d4

SHA256
82fd5b32c46b1e870adf6c8a9abfa6b7f04cb63a8241952fa5f0d4d23b5340e6

SHA512
2354b958a789325f8ccf38879970bc22a8c43e07b5726782040c4accbf8422bae20b465c1f156c339825ec19e3c41660e5a201608c210abb68fba8d3d48d087f

Download Submit
C:\Program Files (x86)\LagoFast\paho-mqtt3a.dll

Filesize
111KB

MD5
30a5ef54ad1e8ed0b2c36e379f195c79

SHA1
af7d0ebf8fe3754ec94a2e072658fc0bd6613cf9

SHA256
d7a3e22a83b9e6dd5003da678acb9e5786168cf551f3536cd11b077cd6df3932

SHA512
78791343fb50f18c8a4d78aa0e1329b842505408f1eafe19c45848ec1ee4ec363ca292ffdf2330e8a056670dc39284504e3c0acdc5a6d482979a3582564d2c1f

Download Submit
C:\Program Files (x86)\LagoFast\processProxy.dll

Filesize
506KB

MD5
822ece530cb82900fa2b089eea0217fd

SHA1
1d2274fd9d4a4bbee1c243aaeb703c4ddf5c28a8

SHA256
f00143d1fe6a274fd332928058bd464f0bca8aac19cde4561d6824a273a7fd37

SHA512
f848f82fa6d327fef6a1b9427bc9cb93f57c7b67e76ea25e495fb09f33bd0fed72240f74cff23631f307652666e5de93a7620e3136e2ffd24cd10e75e428f03f

Download Submit
C:\Program Files (x86)\LagoFast\proxy-divert.dll

Filesize
8.1MB

MD5
945ebdef92aab1c1e20295c825ee77a5

SHA1
28ec29bb3e93a0f73b261681a3d818f1077f44c2

SHA256
394cf80c0a0eadb9c4025af8835ca685f9dd119b714d3f16b7a0d5ff118e402b

SHA512
2f29d124e1f2568110578499ed6efb3910e9e69657c10a56f57cd43864c03628e293eea3b92edaaffcc82675495d001970f0cb6638a3cfb89e3c8929d9ecc715

Download Submit
C:\Program Files (x86)\LagoFast\proxy.dll

Filesize
11.6MB

MD5
e20bf8cdaec016ef27de88c47a500405

SHA1
2e37765c644a69d037a8af8e1d4aab13616aa4e7

SHA256
e6be0d78941a7554a2fffc23f66a6aaebb6faef0f6a5cb8079f9ac2b841ae518

SHA512
d14783a43dbbd302ca71f2fd2251a1f90db937c23ef5ab05a0cedff2a618f47c45dcb3eb82e534875a226b69e6d4ec99eb227be599574cf5dcbae4eecff2238f

Download Submit
C:\Program Files (x86)\LagoFast\rlottie.dll

Filesize
1.4MB

MD5
ede470eea94b681ddbd0811586eae1f7

SHA1
af3153febc1b65bfaeffe4a2732ffe5bc3d76a25

SHA256
edf0cdd3329d01854ff035ab80cc5969286aaa12c2de68ca2d85f625c0bdae5b

SHA512
3424cf86040fe4c2cc784c2912f4feb3e5ac68ad4a80437f4d12e47fac253499880878515890338864ae4a2125a89eee300c145296270f917f026e2e08b2098a

Download Submit
C:\Program Files (x86)\LagoFast\vpn_client.dll

Filesize
5.1MB

MD5
82235a965dc95e2b8d4c7897bb497158

SHA1
e82815dd1a983a14f0f7147cfbb138108b266b0f

SHA256
1390a31e04d74adbb88a11028a54325af8cc3196194d66c6cecfce6798f9059e

SHA512
df6edd17180af12c4a9e64258f5894fae5a98d40b07b621605da2f50faace5db0ef41f2b5dd7928ca7807ee01972a7f0863ac711280fc6c4e2f0f6a2fa6ff1f5

Download Submit
C:\Program Files (x86)\LagoFast\wiresockapi.dll

Filesize
665KB

MD5
9d7f61a489882cb1a9f2be1e55f25514

SHA1
0064acd64d452c735bc80dfb7f363fbd881a2186

SHA256
f4b6f3eb02ebcfc6e0884b19e9a922de357ac15924db28970bd0f76a84f00af9

SHA512
58f99a735d607cf87ffd29701b9052743267af9e3095e1b5558379dae96425502d1b2f4d8b69c86995e43b508485f7effda1c912c776516e54883e45f50f4cf7

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
77B

MD5
d64355e76634e71ffa0b89c96640741b

SHA1
3014990a063b8b756667d3ad40bd9c61d28fa613

SHA256
bab7624907c2509645dcdbfaf4bf5002754019149a1ebafd9992f21b179cde3b

SHA512
988e9f623553564ddc1d366b49d6fdb78280002451cc3a02cc9ddccd54f19eb2c455fbfa4862a74c0bf2da830bb2a2feecbb919aca7209333b383296c4f780f5

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
109B

MD5
076f5ad3899e038c06d1a4a609ed2655

SHA1
7037fa4ab010fc89a406566623bb112ce5129c52

SHA256
41f644dd5edbee6a5788a04445b8c4494485c638592d6afc7c15dc16f7e37cbc

SHA512
e32e101f8a1e98c9360c33ef6fbad1030385323185d1427636e1269ca0f181692ca54fb7ee610954c9bf0d2317b99c758f70656af042c749576d95502824e848

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
176B

MD5
7fc51666343d1eb68b768fbd53f318d0

SHA1
382555008a3f10704124a7431631605b3bae5947

SHA256
ee86af5e8ce3eca30856db604dd2b08bc3453a7ff665cee9e56c36f5d279850b

SHA512
c844ba7099ed3c572cb0aac338e254208fdd60c3916bc703b8b88a2df2c836e4ca85b9511c6b617c7ecc4634be174bf9578d24962680f259ad8d06b94f674dc4

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
200B

MD5
382e60bd6c5277c7c5a810a6555b2612

SHA1
3153d9ee460c3e6c13e4b0abe87ec9bbc4d59ba6

SHA256
d69d9d2b396a97a3bec86fde510358402d70af4e885fbe5e32b2ae3e3a3a9d17

SHA512
80321e927cbbe97e30233cf01bbef6801e3267c0ffa162f951b08e9fe9806e10ed8821a733a6477984664cbded5031705e70a7add0d5211b62374715f16d1906

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
460B

MD5
bfc46a3c981349899ffa79eed541d444

SHA1
bae3917a5522b97ee8176d1f5d54bdf3cc8c31b3

SHA256
526611cb06db9b41b6a3ff37a2d2b11849ba21cc9e76b98e5e6d3f3f55df75ec

SHA512
4b41e070249dd2b1eab48212149d518675cd6c6357eee02d20c31c2e22bfddb9d32d1065dd72eeecdfcc7c61d870de008026ea8c45657b28150a1a7aab257a04

Download Submit
C:\Users\Admin\AppData\Local\LagoFast\user.ini

Filesize
460B

MD5
a0eb13293a2a5273953751156267a307

SHA1
43e39f88bf0d150cd7de0c644ce33b8720157fef

SHA256
873c4b6b0f5759a7ff6bf1c89517c7c2cad29d78047650068758f3d611a36e9c

SHA512
1536dd47fa1c6b9c10366fa9e159c5525f616b5bc30ca23532e40ab1b0a3725cad48fcfb58174eccff0d162828e704d4eaeb90dc4216c8249077501abe8098a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\7z.dll

Filesize
1.2MB

MD5
4f8997114eb4929daa5eb2bc27765879

SHA1
4d373181aa669f164e2ecbce5166527c2a479fe5

SHA256
c23e78fa31e87b8775dc05421a41c1e11b8cc8d0b973e5f33116e302892666d9

SHA512
3f56248cf6776878575bb60551ff8a1fe6b520e952dfb674b8254a0e00be75df811e88e08d8f2dec00d94f987aa1b9f7e7f7330835eec8c4be2f2a928ad042d5

Download Submit
memory/3444-422-0x000000003B8C0000-0x000000003B8CE000-memory.dmp

Filesize
56KB

Download
memory/3444-417-0x0000000038370000-0x0000000038382000-memory.dmp

Filesize
72KB

Download
memory/3444-419-0x000000003B880000-0x000000003B891000-memory.dmp

Filesize
68KB

Download
memory/3444-420-0x000000003B8A0000-0x000000003B8B6000-memory.dmp

Filesize
88KB

Download
memory/3444-421-0x0000000038590000-0x00000000385A0000-memory.dmp

Filesize
64KB

Download
memory/3444-424-0x000000003A030000-0x000000003A0CB000-memory.dmp

Filesize
620KB

Download
memory/3444-423-0x0000000039F70000-0x000000003A029000-memory.dmp

Filesize
740KB

Download
memory/3444-418-0x00000000384F0000-0x0000000038501000-memory.dmp

Filesize
68KB

Download
memory/3444-416-0x0000000038210000-0x0000000038218000-memory.dmp

Filesize
32KB

Download
memory/3444-349-0x0000000067A40000-0x00000000696C8000-memory.dmp

Filesize
28.5MB

Download
memory/3444-430-0x000000003C100000-0x000000003C122000-memory.dmp

Filesize
136KB

Download
memory/3444-434-0x000000003F850000-0x000000003F8C2000-memory.dmp

Filesize
456KB

Download
memory/3444-439-0x0000000040CB0000-0x0000000040CBE000-memory.dmp

Filesize
56KB

Download
memory/3444-438-0x00000000400F0000-0x00000000400FD000-memory.dmp

Filesize
52KB

Download
memory/3444-437-0x000000003F940000-0x000000003F952000-memory.dmp

Filesize
72KB

Download
memory/3444-436-0x000000003FB70000-0x000000003FC39000-memory.dmp

Filesize
804KB

Download
memory/3444-433-0x000000003C1D0000-0x000000003C1DD000-memory.dmp

Filesize
52KB

Download
memory/3444-432-0x000000003A1E0000-0x000000003A1EB000-memory.dmp

Filesize
44KB

Download
memory/3444-431-0x000000003C130000-0x000000003C14C000-memory.dmp

Filesize
112KB

Download
memory/3444-425-0x000000003C1F0000-0x000000003C46E000-memory.dmp

Filesize
2.5MB

Download
memory/3444-429-0x000000003BFB0000-0x000000003C0F5000-memory.dmp

Filesize
1.3MB

Download
memory/3444-435-0x000000003C1E0000-0x000000003C1F0000-memory.dmp

Filesize
64KB

Download
memory/3444-428-0x000000003BF10000-0x000000003BFA4000-memory.dmp

Filesize
592KB

Download
memory/3444-468-0x0000000067A40000-0x00000000696C8000-memory.dmp

Filesize
28.5MB

Download