Overview

overview

6

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows10-1703-x64

6

Analysis

  • max time kernel
    299s
  • max time network
    268s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    22-08-2024 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1o3FwYADK2UOCehbivYXIiRB37hESan31/view?usp=sharing

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Drops file in Windows directory 4 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "https://drive.google.com/file/d/1o3FwYADK2UOCehbivYXIiRB37hESan31/view?usp=sharing"
    1⤵
      PID:2316
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1352
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:4576
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2272
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:656
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:1160
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      PID:5348

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\L5P12AEX\edgecompatviewlist[1].xml
      Filesize

      74KB

      MD5

      d4fc49dc14f63895d997fa4940f24378

      SHA1

      3efb1437a7c5e46034147cbbc8db017c69d02c31

      SHA256

      853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

      SHA512

      cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\191721PO\KFOmCnqEu92Fr1Mu4mxK[1].woff2
      Filesize

      14KB

      MD5

      5d4aeb4e5f5ef754e307d7ffaef688bd

      SHA1

      06db651cdf354c64a7383ea9c77024ef4fb4cef8

      SHA256

      3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

      SHA512

      7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\191721PO\css[1].css
      Filesize

      800B

      MD5

      179833a46cf004323d697ec583d1c0b5

      SHA1

      d67abe32e5acdd166bfa9043124b95c0ec05bd7e

      SHA256

      fb248ea03e7b4f21745d262e1974ab61e7acdbf2621a22332cde5fb29b5e5f72

      SHA512

      59879fd2b6d1c760ce06a58c3b1d0915a923fd3e938a876323bfedf40fec4b41a85b2be6db09aa4396d353632c35a2c52a10ffe04aa73044936379a4f2fe54df

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\191721PO\lazy.min[1].js
      Filesize

      119KB

      MD5

      70ccc67a1b1268b9b107ca5694d695f2

      SHA1

      14c6212bde3d34323f35e7424d8ee42e2e255da7

      SHA256

      2b8692ca9e4abf49e556da9d280504263b55ea339a27465ffc8282dbeacc834c

      SHA512

      cdafefda1dce05aaf537f9d5efdca048bc33f4cef5749d7fce5b797dc89832fd59d791efe00fba50ec434086784284cc9b710d524d107ca002b6305ba0de26c4

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\191721PO\m=MpJwZc,UUJqVe,sy6,s39S4,syn,pw70Gc[1].js
      Filesize

      6KB

      MD5

      8a6a9687488e77beb8a7221fe298891e

      SHA1

      0f46e27e8873c02f9b1d5af21325a5cc8b4a6e49

      SHA256

      fad0720093a3d5c6b3594fc6ba855fccba4a63b1baeb40b297de39be85f192da

      SHA512

      e3f3d64bc17f07e323f1139bc016bea439c5a44396ef21cafa7f45e227ffe3e4d6ea76f8e4d3a1c695a8b6e74bdf406a1903eff1da109ffda71c69ee7824642a

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\191721PO\m=RqjULd[1].js
      Filesize

      21KB

      MD5

      132a4e3977a9899233082dec7bc44780

      SHA1

      7070e6d75e37d38231e2802d4c5e2b7dd7ae89af

      SHA256

      04613cbc04f0fe16182372dc1a77ee57bf4da7fff9adba950edbef552a7eb087

      SHA512

      8b6f83c0fa778d197e884da08044ab2436fb40168e51902fa2d83cada1e140a0a1cdff6b1f3ae0f6f14039df09eeec86e5f8f67f5a3e196bfe33e520fda55f36

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5V6XRDK6\cb=gapi[1].js
      Filesize

      122KB

      MD5

      7d41ce8af12a1020f76d0d4620a30b79

      SHA1

      913cdcd6daf53cecb2639d9a451c4f1f88071d9e

      SHA256

      2b4ae5731b6361fef2a0b2ea0d005ca674d5cfa837628dc8acf4140b2c8b3843

      SHA512

      f42cd6041d26407cb75ab57788a71aab626d3a94c50a2a4a04dcb6c89fb728695c44054c0dd79e3c2824bfa9188d6ca8e7a3cb71e6eef7f645f93839147ae0f0

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5V6XRDK6\rs=AA2YrTt9tkKBZuHInPlQq_B9pPXVq56dJQ[1].js
      Filesize

      228KB

      MD5

      90eb0e3f6dc54ce70aa6a9c4b88eb3e4

      SHA1

      93f5ddd4a4f5f1a5c4f7ddde1fabfe62382f5e7c

      SHA256

      3b407b3e0bdc8b4e51e37ecec198e030a5a769cca34d1e705561fa3bcd7877f0

      SHA512

      97556951ba9cf655a0495e5b4302bd87a46971cda6f18e84815d1a606a069aefeb8459e7ed8fa3abc99ed3b3d3cac6d7d77890dee2fe0899f7286d45fde3d01e

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5V6XRDK6\rs=AA2YrTvdf0Ja9-cFHLh-nlOYGyOfmAxP9w[1].css
      Filesize

      3KB

      MD5

      e3eac709a4cc63504a6c6234badef7d6

      SHA1

      096168061aae154fbe9de83d623d31d6c97189ab

      SHA256

      8f4501f2846a44e6562478e4d75583d1734fe06fbcc428b0a86e0b8b19f85987

      SHA512

      8df52289a52d51fd2096229f681c30727e25c7bd104afe09dc1932680c3e37ea00d5eee98c31481a45e5d22581d7465983a174ccea238cf0f93cc46639f8dcda

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\C79S26J5\KFOkCnqEu92Fr1Mu51xIIzI[1].woff2
      Filesize

      16KB

      MD5

      d8bcbe724fd6f4ba44d0ee6a2675890f

      SHA1

      d276fd769bcb675f8efe42ebe3003c1d3255f985

      SHA256

      aa4650a411dfe1c9beb794ffaf08c7909cdfbb05672d79b3a9976672cbba75ec

      SHA512

      23f757ea3afe6febe1e8ea935f0ee8690e1b1b1da511788b529cc2fc38f7e454153cdba6f84a6a0e19b294e5311625a03617cf98aac150f17b88a53f3ed8b72a

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\C79S26J5\KFOlCnqEu92Fr1MmEU9fBBc4[1].woff2
      Filesize

      15KB

      MD5

      285467176f7fe6bb6a9c6873b3dad2cc

      SHA1

      ea04e4ff5142ddd69307c183def721a160e0a64e

      SHA256

      5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

      SHA512

      5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\C79S26J5\KFOlCnqEu92Fr1MmSU5fBBc4[1].woff2
      Filesize

      15KB

      MD5

      55536c8e9e9a532651e3cf374f290ea3

      SHA1

      ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2

      SHA256

      eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

      SHA512

      1346654c8293a2f38dd425ad44a2aa0ed2feab224388ab4e38fb99082769bbd14d67d74cac3ce6e39a562a0812f9bce0a623be233f9632dcb8d5d358e42f2186

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\C79S26J5\css2[1].css
      Filesize

      609B

      MD5

      c9416551b401e8ddc4cd642b1348d60c

      SHA1

      75d238de4bcef07ec6afd81fa38a91a3a55adc2a

      SHA256

      cb7b5b067f94b97f8e98d0c0d0e2ef2add7725527ad7ea726ff7d6702f1eff9a

      SHA512

      b7b3054284b982026adc743f27da8d89050546049471cba9e380086a56dc01749041e237b932e187b566445bdc380ef3938c4f7932e33a6005344f7ccb14d5c9

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\C79S26J5\m=bm51tf[1].js
      Filesize

      1KB

      MD5

      e6daac6421566a17d359eb0eaf2069f9

      SHA1

      3d279304539b3d5ae0ff6c02e887f32c0edb44e7

      SHA256

      2826f757b7962fccc397b2771f2ff6565717e06648e989c00fa49038d5859cc6

      SHA512

      35293dc042fea3269e5541f4cd83f8aaec77b30b1229d6d272a66157a86ce619b202b20ae2aa77dd70a8e5cd2399c99fa1dc362e9c29a7f43f9016520d834367

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UZCS2QKE\KFOlCnqEu92Fr1MmWUlfBBc4[1].woff2
      Filesize

      15KB

      MD5

      037d830416495def72b7881024c14b7b

      SHA1

      619389190b3cafafb5db94113990350acc8a0278

      SHA256

      1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

      SHA512

      c8d2808945a9bf2e6ad36c7749313467ff390f195448c326c4d4d7a4a635a11e2ddf4d0779be2db274f1d1d9d022b1f837294f1e12c9f87e3eac8a95cfd8872f

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UZCS2QKE\cb=gapi[1].js
      Filesize

      206KB

      MD5

      01aca6d674132913ecbc9db2b2d9ad03

      SHA1

      c9fb646739e2ed2e18869867e3fcdd9364ff046f

      SHA256

      f41d574aeffffe2094c610397398b37da40813e31cded45f92037c49295f4d15

      SHA512

      c96ab1a80f2db279ea53f8bedbd1b2feb17c3ac7ff29181235883d78b065fca21c59c832b04bb6c50fc6cd56287f5fb7977a1d9a2dfb5c7ac45443d86f56bbd0

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UZCS2QKE\m=_b,_tp[1].js
      Filesize

      188KB

      MD5

      4417787dc591d6be58e9d4712f3894d5

      SHA1

      4f223c71bbc72d7a3361c6ac876c0cf6f931ac59

      SHA256

      57bc279dd37c9449b60c0523ab9c5be491bdf885a94460243307a91cd47118e9

      SHA512

      353e48932146abcdbb0366267f9fdbaa0babdd7cc57a7c72854c2de2dcfcbd2693a43e24dfd200430a104af59b1dc38b3f1ca6f67a067a7dbb8c35b11c761e9d

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UZCS2QKE\m=v,wb[1].js
      Filesize

      1.8MB

      MD5

      211df9eb77263d4bd7c3ccbb4dfe3fc7

      SHA1

      7d8385b636d76567269c0002e1f57ad57af6df42

      SHA256

      73cf00434beb5fee68146cb783c273a58c62380b6eec9ae15c5bba34b325be39

      SHA512

      34a33fec5507ca83774ee4ca80f22e73ddf0561e2838c6a5e1dfd8b5c6b36cd7c2e526fe55dfa0ae2dfb1e74796c7c60163880da684ad185e12de3048ce5f878

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UZCS2QKE\rs=AO0039vWOEKt76gfYi-cUY20xNTMcbSJDA[1].css
      Filesize

      2.3MB

      MD5

      ff3f7f0fe83159470c5e6e3bba8bd429

      SHA1

      15aa6df918a3c723f60777e5f4e53d98e17dcd02

      SHA256

      70175bf647ccf40e1f3ff006ce520af31a95bf3617551422dd90361329248ed3

      SHA512

      f44e62e752a34612909c5c7449a5550e69789c912ca6a3c863888e1596022e7547be3599b7d00bfd85d75d135e2733c8912d4acb4ff7e2db1c4fc9604397c08f

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\ISELDIQ1\drive_2020q4_32dp[1].png
      Filesize

      831B

      MD5

      916c9bcccf19525ad9d3cd1514008746

      SHA1

      9ccce6978d2417927b5150ffaac22f907ff27b6e

      SHA256

      358e814139d3ed8469b36935a071be6696ccad7dd9bdbfdb80c052b068ae2a50

      SHA512

      b73c1a81997abe12dba4ae1fa38f070079448c3798e7161c9262ccba6ee6a91e8a243f0e4888c8aef33ce1cf83818fc44c85ae454a522a079d08121cd8628d00

      Download Submit

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KR34W2DL\suggestions[1].en-US
      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

      Download Submit

    • memory/656-42-0x000001EBD0B80000-0x000001EBD0C80000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-328-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-74-0x00000149FF380000-0x00000149FF382000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-329-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-330-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-331-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-335-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-336-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-334-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-333-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-332-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-337-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-93-0x00000149EE900000-0x00000149EEA00000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-326-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-67-0x00000149EE900000-0x00000149EEA00000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-72-0x00000149FF360000-0x00000149FF362000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-327-0x00000149EE1B0000-0x00000149EE1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1160-70-0x00000149FF340000-0x00000149FF342000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-66-0x00000149EE900000-0x00000149EEA00000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-282-0x0000014183800000-0x0000014183900000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-272-0x0000014183600000-0x0000014183700000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-160-0x0000014182920000-0x0000014182A20000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-53-0x00000149EE1A0000-0x00000149EE1A2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-58-0x00000149EE1F0000-0x00000149EE1F2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-56-0x00000149EE1D0000-0x00000149EE1D2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1160-155-0x0000014182820000-0x0000014182920000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1160-123-0x00000149EE6A0000-0x00000149EE6C0000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1160-116-0x000001418B500000-0x000001418B520000-memory.dmp

      Filesize

      128KB

      Download

    • memory/1352-35-0x000001C2330F0000-0x000001C2330F2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1352-0-0x000001C235D20000-0x000001C235D30000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1352-16-0x000001C235E20000-0x000001C235E30000-memory.dmp

      Filesize

      64KB

      Download