c77ece148119b2cae38d79e925b3106c166d1b89ea54bd0ba8b25e20780ca4f4

Resubmissions

23/08/2024, 12:32

240823-pqrltstfjf 7

23/08/2024, 12:28

240823-pngnvatdqf 7

Analysis

max time kernel
33s
max time network
127s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
23/08/2024, 12:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Box Fights Champions Season 4 18.3.0v (1).exe
Size

221.2MB
MD5

6cb4e00e854a4167d3f2426c40d81ff3
SHA1

a087dfd4d5e8f878d3cec158c40c5bbba49e8afa
SHA256

c77ece148119b2cae38d79e925b3106c166d1b89ea54bd0ba8b25e20780ca4f4
SHA512

9202069015684b1e3fe053fbc4c5992a921fd7fb2c46b0b487bd7bf2bea25e8b8aaca23547552c58dec79803e873af4bec8780d56a971921c989490b10107531
SSDEEP

6291456:DG+yOcyHNamVY5x7oYE7srpN/wzzmmcMyJ:DG+7cQchVpN4zz7cPJ

Score

7^/10

discovery

Malware Config

Signatures

Loads dropped DLL 31 IoCs

pid	Process
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe
2248	Box Fights Champions Season 4 18.3.0v (1).exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Box Fights Champions Season 4 18.3.0v (1).exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2368	chrome.exe
2368	chrome.exe

Suspicious use of AdjustPrivilegeToken 62 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe
Token: SeShutdownPrivilege	2368	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe
2368	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2248	Box Fights Champions Season 4 18.3.0v (1).exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2368 wrote to memory of 1656	2368	chrome.exe	31
PID 2368 wrote to memory of 1656	2368	chrome.exe	31
PID 2368 wrote to memory of 1656	2368	chrome.exe	31
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2676	2368	chrome.exe	34
PID 2368 wrote to memory of 2304	2368	chrome.exe	35
PID 2368 wrote to memory of 2304	2368	chrome.exe	35
PID 2368 wrote to memory of 2304	2368	chrome.exe	35
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36
PID 2368 wrote to memory of 2600	2368	chrome.exe	36

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef71a9758,0x7fef71a9768,0x7fef71a9778
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:2
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:8
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:8
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2220 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2232 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:2
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2272 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:2
  2⤵
  PID:2428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1464 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3784 --field-trial-handle=1220,i,7619597833120752244,10650134831344585028,131072 /prefetch:8
  2⤵
  PID:2984

C:\Users\Admin\AppData\Local\Temp\Box Fights Champions Season 4 18.3.0v (1).exe
"C:\Users\Admin\AppData\Local\Temp\Box Fights Champions Season 4 18.3.0v (1).exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2248

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:788

C:\Users\Admin\AppData\Local\Temp\Box Fights Champions Season 4 18.3.0v (1).exe
"C:\Users\Admin\AppData\Local\Temp\Box Fights Champions Season 4 18.3.0v (1).exe"
1⤵
PID:3972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\6ec835c4-2ef3-4011-9216-47e780ef1901.tmp

Filesize
312KB

MD5
6df322df09f7ac8035673b5b9a6393b6

SHA1
76f97383a548226d92780ed1711611a7ece74ff8

SHA256
f775b089c93be995be7c3e995dc957d5c819905bd7043df4a54b47bafd869512

SHA512
417371e7777cf5088c1f14b1e40af8c8c1813a710b054a675156527a5cc21e34660750f15b908f17c32ecfc13b7dd64301675dc2e88951327e4e9f0aaaa0e306

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
c5a06701bc76c4b3f0b46e2255c8ee9b

SHA1
150dc4493155c4f07494b1537faa65258ea74659

SHA256
f7162c9073cb8514addc6f3ede80ca493b36c7cc1c5bfc4ceeed97134ecf7d12

SHA512
238c65dd9deac665bd7cc4da13bc59d79064eeaf715cb5c273d21485da303df7e1d489f25accb431ff77cac83e0defa4427f0d232e39f981cea4a0e75295aec1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2c10fb288946ccecab32a3491622fa42

SHA1
cfabb212cf535e402454ff12ca750ef0304450b5

SHA256
b46c1087f7f99615f00a1fb31092d3aa72e433d936c45f18255b369238ab532b

SHA512
452e6a9f3a69ff8653cba7be9bccb8ed09f7182eb57435767f2f15224fd9ae85e7af35acb2453ab0536f73e6afbbc9f78fcc675f54607db2e43fac640e387ed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
312KB

MD5
7100720e66a14d92b90fc9eb9eb4ac80

SHA1
42b9f35412aa31e6fbcba1e2c21e084cb0b87653

SHA256
c12b6b1623e2355437a0291cd28c65c572b00d9d0f08ee9f9a16c276ea29f5cc

SHA512
81ad2ecc911c00d45686d050945460fd6c5bdf2c4e7df0e5f58c6e7dc82fabcc8b396895fb426e4903ecf77e484ed43e076045cb33e2462f41e99fced841be8d

Download Submit
C:\Users\Admin\AppData\Roaming\MMFApplications\BFC_ANDREAS_ARK.ini

Filesize
29B

MD5
0461bd5ee7f5cf157cc83668b2a97556

SHA1
6ae8c4ddb4560279b1eb4399e0d9d38ae73640fb

SHA256
dec374b3db4536b07a30b0c46e9999fd2edd1678f6b014a6e6ce0b6a5eba4ae0

SHA512
50e6c985ba10ba8aaf869bd412a79c39072fb0139b0fc67b002aac9b72198471251119a2bbb171e42eb715e5523fa138eed84a59341b5610035ea7ed45be7f02

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Box2DBase.mfx

Filesize
287KB

MD5
0572d03da13e13cecdccff2e64f9f4f5

SHA1
a1fcc08ac261edeb3c2b95f007c93fe1398583c7

SHA256
c4507e348be20dacff1caf80047009924a7dafde2f6d4fcd3a119e36c3b0a259

SHA512
68790d0a9b0ccac5389e551408c10bcb2430daa28162bf8de29fe327c78c72bc61181366d6e0f61ba661977daa825aa865255b71ba4cd0ecbc0f403d608d71d0

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Box2DBouncingBall.mvx

Filesize
133KB

MD5
195ffcbce87652856c80fb8c16061933

SHA1
ee4ae53394661d5754a3f3d971074bd116d40f93

SHA256
396d6fa2cb83373ea69bb30c39bc5f3000168168ac0c455c0504357aed4201fa

SHA512
e2c3b2c7eb96e329d3b30ca12440539a5e3d7086932438974f6d9ba27ab78890c53764d0c5ed95a846d9bc30783d5ee7066000b019035128b509120b9c8f7a3c

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Box2DParticules.mfx

Filesize
125KB

MD5
285d57468bc22f79d6d244db2787f9c0

SHA1
73d27e8ad6b14ae148afb858f6b2583f14820915

SHA256
d5596235a137139c43d429fd1099c4b66be6fc89ee61b80171f03489d316be28

SHA512
461e4029677ae393853c88510ae48d1c8d1a2ba4dde50d8e11da226b646397f2e5dd958b53ab1e614f9917742b85deaa56dc0f38c4b7763012f5e82f89a733fa

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Box2DStatic.mvx

Filesize
126KB

MD5
4fdd5e5d3f9d15622e741160f8359d80

SHA1
08af8b2e361b4c73c17bca4a1de92aa57157207d

SHA256
f1b78b67fa0ec761b5ef24b074b6805a0713c9b8f1bd48b8c0822cf01a642645

SHA512
f8db8c0ef40c6293ea684f6ad8ab3dede3bddc91c65dbfe4dbe9c39b478d04e75d15adbf16fa178cf4016b247665af7b1b62c6957f24a6fd9f29e13db614513c

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\GetNSetMouseSpeed.mfx

Filesize
116KB

MD5
40751becd59ab639fbb74111daebc01d

SHA1
cc1c6d48c3bbe2ed4494ccd7bf3aba1d10d6845b

SHA256
bfa435ea7fa61d3bdf081c426a81645911326883fd407fe1db7a5e7facf3dc6c

SHA512
52ce123b05d72bd2fe76e97968443f54cfefb011d740a946d1cae403f9d7ea0465b90cada6ac71e0c40e2e04115df5873707a9a95658ddd74066df11cef96eb4

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\INI++15.mfx

Filesize
439KB

MD5
760454c677adda4b319272641680e331

SHA1
348f18fb00889c3058451c2f034b51d6965522af

SHA256
4f7e3cc575de56d815589db22a1d96760e2f309e58b9bde1a57e108bda069393

SHA512
62f4d9c151adf2ce2430028185241f890849b3b0c2a11b5cc8c0e74bb3c02f3246e3abdc4031b75d2aaba9f24c26e60b165c410c2bf7c4e0569b34882b8477a7

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\InAndOut.mvx

Filesize
68KB

MD5
e0a46539bf68ea083867457c962b0edb

SHA1
1345276d8a0e2ffbc90bfd7a1aa7f75d9b908b77

SHA256
678073eea715bdb105d7316a2ccbdfbf6185b6bd23c3cd9528ebfeafb9ade716

SHA512
d23a7e70602bdcd5e3de488c86d83a97038762fa42d588d385cd0ef00a60f32b2344c730a3208352cd0b7fd9de9534e6e8527e8d1e9a5bb36da315724e602e21

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Lacewing.mfx

Filesize
215KB

MD5
8a8767b9d44ff18cc9a2986cc1efcd5c

SHA1
1ab46ea5c4eb66c059113b715fda146b75c0de23

SHA256
50fe75b79197c5cff2d7f256ffff8d9f9d58e66c90f9fd00fd7aa4688c7d2e5a

SHA512
dfbc478d9504ab6cd375e1a987223afe993777417756d9901a46dffd31ee006ffd768f1fdc8279722a94e24344bbe5f2fd8b2b9bde9f92f73bddf880aa654857

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Layer.mfx

Filesize
140KB

MD5
ef12eb1b8b4a804bca741734787fdfd2

SHA1
43b8f7571067bfd2d7762f6d5c69fb6978894f37

SHA256
b8612eb76d8967e49e9ba74a2cbd557096bacfbdb2c6e84d69d381b76d42052e

SHA512
55c2aa823ff69bea48948b04912e1d31465d9a9817ef53fda2957d44451d58fdb2efcf3c40c8431d26d8663f70729e57bbddaeca848ab4d6658f0d5b211d2f2d

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\Platform.mfx

Filesize
21KB

MD5
f028a9790936f628964ffb256405aebb

SHA1
2dbecca5034f39a78e88cdf962208f742ff43302

SHA256
722e0aeb4d6424e95df58c01e5b787a7bcc0b1e1f1c0cf86b18388c42980cfcd

SHA512
f0d3d204e8ec563092d4dbb60dce0370acda92fe39b07e8f021dbc28f56041dc8ddc382b1326cfa8fb694a16a57ebdc56f0824cbf5c9abbe47498e973bff3b32

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\XBOXGamepad.mfx

Filesize
83KB

MD5
aadd07ff9056c4f925789dccaae69b03

SHA1
c998a63c69f9f211efffdfc9cca65adb73f7af17

SHA256
c5972ea4bfb176e250cbc36d38661e5fd1be47ca235d2032a174097a9b006172

SHA512
f858455c1c0a29d494aff0e2044eafc0a75f677295f2c6a6a13536b459e7bb0cdd20669f94d73ec2c4105f0e10994c8c9219087a08bf373c9a38f8812eded4b5

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\aviflt.ift

Filesize
24KB

MD5
97b3b613ed1f994389b1a963b6e781c9

SHA1
13b38afdfd6ea283a2012bb8e5c652e13175440c

SHA256
cb5f43c24df39973b983b7fda4abcef60f425061d880c7dd9514b501b84790f8

SHA512
97cb23d76d926fe03573c127862b738217f91b0cb61517df7514597fdc50844ccb3d4f799b9a8b23b8da37a2b802ee2bd1e56b5e9fdb699bc3d511868ffd417c

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\bmpflt.ift

Filesize
24KB

MD5
a73a9c8e91ef95cf4eabadf8f7334abf

SHA1
763195d19f5467c593ab638dbdd0a0277a3048f3

SHA256
02d03c4847e34c9029cca452e37ada5ef40167406d4474a9393e11aace024c3d

SHA512
cb5f451d8e637d466fec2dde865d5daac5a15ea44b6e2ce0506070c123ffad506f5f9739a9ea440f01c8f331cc9d42802cc14f82e1252ac667fa7318bcdf3acb

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\ctrlx.mfx

Filesize
44KB

MD5
ceb8b2e522d0aaaecdf69b3bcc89a530

SHA1
c1cf769a96a9612f7fd0c1965413f4a57e4907e1

SHA256
3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

SHA512
3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\fliflt.ift

Filesize
28KB

MD5
91b37f29180a7bcca82dd4682d677b3d

SHA1
bca27cb7ddb271e6649f264777e04970f5ad1276

SHA256
4b651eaa60da09038984a9b7027826941f61f6da58d3f57d11349c8c1896a6d4

SHA512
2fb10952f2671e6a42a9748279aa94e9ce9b307d57d562f9ebbaaa88e27ca96eda36a5fa209df0f791adab7e8d896916b30330ba759b9278cac4bff43600d6e2

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\gifflt.ift

Filesize
28KB

MD5
9a1a0b8e7045c06c47abeb52d861c377

SHA1
6a1c36eb8354f62d5eab6d7c62316fd7d0e1aa92

SHA256
8fadc250c2afc00b0430c5df576cfd2d444367ad928027334c5d03829241cf92

SHA512
918a672f82be50a42c237eeb361b971c724a1d7b11cab183dfd5125bdb7663cae588fa92b142dc99a88407a133bbe58bd7bc0c5c60d93287c470375fc094f079

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\jpgflt.ift

Filesize
96KB

MD5
ba4a1f5006fc3fc33f30e82a964cd7b3

SHA1
8099283e645b6ef523757afdf552da3dc9b72924

SHA256
5bcaaff4c698581603d4165308260412b38ac6cf708486b53bda3bc76241098d

SHA512
8eaa1bae465a0ddd498372fcc9bd9c2b3bd9ba861abcc9158a0e3b8cf14f2a6fc8aae8fb129f96ea090c023247dec56524b2f42fa25239c08145dbe7c664a11e

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcclock.mfx

Filesize
106KB

MD5
52d17266a014b5da9552a13d7594786b

SHA1
c1acdf4fcc9d5b985a8030a0cc3b6c6679e80a67

SHA256
d79eb00cd7822b836f4a7522c0a2acd08ab9955c3ee625a90ed8e8a177eab2ab

SHA512
149fda83701323ce52777a350fb844794d61aa4adea4b7e41910af4444c507bb0dd3134f996c42789b84edb75459e4e8c500fe6ebb467f55007a24fa0cf7e5ca

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcedit.mfx

Filesize
32KB

MD5
62f67209e7995da3f14f4b697235a99b

SHA1
158248b41de5449ef647a2caeda431dc544aa59d

SHA256
1fb56c1a5fb313c8c51fead10472566328c9260aacc72aa8dde8d345acf53203

SHA512
3857939c51b5045030df233393597b9b56a0534a2ea570d748a002b19b0b20de16b0d5181cf9eb6180d24b4de0a159e21275d12bdc7673a3f891ce155db42325

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcini.mfx

Filesize
114KB

MD5
7c0cb7fdc0d3519520cd4b8137edbd80

SHA1
bd4eddd8316a51baf4a3ae68b56acfbba734f46c

SHA256
d1471b2685d45956c323baa2cab11dfe479eb1021f04e2949f03557527c5fc84

SHA512
601c16892bef77d5842e0778f27d4f82e19ae66333b2b75c9a34b3ba6441169946e1167ceb21ed270bddba305abfe50f2e8f8ab2e9dc410c96a31944e597034a

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kclist.mfx

Filesize
32KB

MD5
de7d289ea419cc82784cefc87e652c70

SHA1
9035cf539cd9d3c14fdda73eb2c23452750cfade

SHA256
c83bcec56f1666d6871e077cc54d0ee7f6462773c03afbb301b9180a4ad0a31a

SHA512
f02d5aa3822218517d3c6f9114f0fb90c37ed7281ab09f3a868f251e2975d6da10bd1616a9e13eab0e1f138f2bd2e7953686d3cf7e18e2a67b1bba9fbd762ea0

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcmslot.mfx

Filesize
24KB

MD5
f00ff9773c34ffba124c3f454f35ee33

SHA1
4fdd7c6f4e7312b64ab1d9ddf138bba3df0bc0d8

SHA256
99b24fc486e0c9adfd6559b299ddbfeb047827924eefab9fe423d53acc437f1c

SHA512
a2864fed5eb63f331967ddce72380a2930668a65b9c6c6b62006f103a5576842ca2d9c392eaba6d2bfc56f05518ced53c626216f79ecc76718ca1b10c4880564

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcplugin.mfx

Filesize
24KB

MD5
3735e9e74bd2933ff7317cb500d9a1e5

SHA1
4bb8db39a5fec92473bcb590619c5d2015addcc7

SHA256
10491218743ff2421d8d5cbbe622afc23b2256f27cebbd5ad6f035d914b9a2bf

SHA512
2484cc4b2b4c939b3063c7877bd9e0672e907a19515951ff658427ad167d7ad1d46b5d46099f0bcb84753cf34ea557b28ea3a6950fc8f0516c98231df7ca8670

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\kcwctrl.mfx

Filesize
79KB

MD5
2c34e977f898ab60eddb72075c4be223

SHA1
adf883dd06e5ae340a03e6c22a56a4c0caf909ea

SHA256
a0ada42e3a4760097c1c2f98905f12b19de47159543aa21e1c604dbcac7337f2

SHA512
73402857d09e5a0e8049bb7adf3bbfdfc9ac65966217751cbf6db2bf532aa3f92ffc3a1a5dcda638e83d6ede29ebe6e760cbad74d27aa6fa006c9296607d3c37

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\mmf2d3d9.dll

Filesize
1.1MB

MD5
72bb9180f8905c0da95566b778cdac5e

SHA1
e96145e8120514092b35f67f1f120b958997f921

SHA256
3cde7a9181ab63a42cd3535d279d0ab1397b7b78fa3ddddef832757ab2024101

SHA512
c2c8d8c74c53a78545e69f27a7fe1a6d1291888158962e93e16e6ec9950f86e74c68bd2eb50d04db0bff58e8dc93455aa384245991c5afe34abee36fef53710f

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\mmfs2.dll

Filesize
510KB

MD5
1e0e5acec2f2d3567c40491e39aa8f50

SHA1
101ec3bbd32c005b12b38c0f7988faa9329a019f

SHA256
6c9ff6036404e71b0bc2c12bc739eeef0d9200925f5796487af2aa4ef5c5ef97

SHA512
80bbdd2dcc44494a53b14098b7e99db7c20b40650938454105b423e70906ad7371274ed73d3fccd114b9396112a695aebf37f6916976a972154cd562d10e01de

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\mode7ex.mfx

Filesize
37KB

MD5
28d1f9807bf360afbfff052bd39a1714

SHA1
bd89924cfad17605ebe9e352d0d8a10463abe2fe

SHA256
efc61853b403d5351898dc1ad96dcc0315d02bc41baf6277f49e8f18146de99e

SHA512
128157a2550a9b0fc8acb19d85fe39f6b5cda59932ea506dc2d233db0bebba276417a38d670dab5f138338f22947f77b79b1308fba4ba2d59c0584024a075076

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\mp3flt.sft

Filesize
24KB

MD5
dadc138be9d36e6e4b8e4bf9ef2de4bc

SHA1
2758db786c544ec7889f26edf9bc4634c9240af0

SHA256
ddeafda7b28bf7545e3ba164aa4a74219eb961c36bb974e0f5085a07daf18f44

SHA512
63a21c5eda225c7fb8a67595c3180d4fdc1bc37d3b45f839e1b562ef946bf5b2237a9ff17c3f6f5de489779bbb9652ac2a1a74b83f153883bd436756acf249e1

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\pcxflt.ift

Filesize
24KB

MD5
56f80b514fa7cc1dd7fb24ef195c30eb

SHA1
e61d7dcbbb623219c625bc67ed0f382f26308600

SHA256
c9e1db8689c11a87f9ab30ebc705eeccc0fbd909ca493a6f589d6a9a5c2a1b15

SHA512
f391e04bd3e67317b3bb1f9541c94782d14e8b8287f5fd3e2f753688d85cc38bf5164c8faa5dc85b8c44a480f81462a4ddc16aafe64313601d21a608b546e721

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\pngflt.ift

Filesize
288KB

MD5
d57365ca275388910be7b09d95ee65b9

SHA1
477e9afa81c0ba97323be56d15ade8fb17c45d78

SHA256
df948630fdb53ddad68d66994f5d2b18a67df32478b6b8b3720c28f40bde7b1f

SHA512
b6a7266c47245cdd5ccc1e4c1b490a22996cac3db53500405354d1a5892896f66aba255ff725808770489a199626a844a86cb80e081a47ed27671bd82ca1cfbb

Download Submit
\Users\Admin\AppData\Local\Temp\3eff38de-f959-4641-8de9-473c65c62ba8.FusionApp\tgaflt.ift

Filesize
24KB

MD5
00a5f50c4a0f8a2c8704fb0640dfcfb6

SHA1
960ff3909de1395de49bd9f36600b989851591ea

SHA256
756725f247592504d42c67257c3957e972ee490af06f12b00467b389e0ee6bbc

SHA512
2be74193a33f1b70f39be9a5565326d425ce02b6eb98b783f8749a209b95fdcbe8724c38c9dbd33e4a12b40756c5ad9177e557f62748b52be2cd7c4bc344b577

Download Submit
memory/2248-135-0x0000000000F10000-0x0000000000F34000-memory.dmp

Filesize
144KB

Download
memory/2248-130-0x0000000000ED0000-0x0000000000EF2000-memory.dmp

Filesize
136KB

Download
memory/2248-127-0x0000000000EB0000-0x0000000000EC2000-memory.dmp

Filesize
72KB

Download
memory/2248-112-0x0000000000940000-0x0000000000962000-memory.dmp

Filesize
136KB

Download
memory/2248-93-0x0000000000910000-0x0000000000932000-memory.dmp

Filesize
136KB

Download
memory/2248-88-0x0000000000390000-0x00000000003D9000-memory.dmp

Filesize
292KB

Download
memory/2248-50-0x00000000002B0000-0x00000000002EB000-memory.dmp

Filesize
236KB

Download
memory/3972-150402-0x0000000000250000-0x000000000028B000-memory.dmp

Filesize
236KB

Download
memory/3972-150418-0x00000000003A0000-0x00000000003E9000-memory.dmp

Filesize
292KB

Download
memory/3972-150455-0x0000000000F50000-0x0000000000F72000-memory.dmp

Filesize
136KB

Download
memory/3972-150521-0x0000000001060000-0x0000000001084000-memory.dmp

Filesize
144KB

Download
memory/3972-150512-0x0000000000FE0000-0x0000000001002000-memory.dmp

Filesize
136KB

Download
memory/3972-150506-0x0000000000FC0000-0x0000000000FD2000-memory.dmp

Filesize
72KB

Download
memory/3972-150429-0x0000000000810000-0x0000000000832000-memory.dmp

Filesize
136KB

Download