2e6db642fad3918398b520cf655d6ca7fc040bd177e30a30bd7f549adb4e48c0

Resubmissions

27-08-2024 09:33

240827-lh58gatgme 10

24-08-2024 14:41

240824-r2eshswgrk 10

Analysis

max time kernel
134s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24-08-2024 14:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5ba3af74071e58c1f18c22ac35c6cbb7.exe
Size

2.5MB
MD5

5ba3af74071e58c1f18c22ac35c6cbb7
SHA1

7ae9c93f0c69bc86cd7d1abcf34340667a2d791c
SHA256

2e6db642fad3918398b520cf655d6ca7fc040bd177e30a30bd7f549adb4e48c0
SHA512

198fe5be5cbfb1be083a91b8c07ce00204cb925a7b605ad7f72648888ac5f723349694dcd0472cdc7271b40e2948ccee23c80cde31b23de837cff3945cbd4b8e
SSDEEP

49152:XwREDDMAfQRw4z0g3Q1edHeMxWrP+beY7UY714:XwREzfQRDzJQ1edMwZgN

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 2 IoCs

Processes:

5ba3af74071e58c1f18c22ac35c6cbb7.tmpfzxujk.exe

pid process

1300 5ba3af74071e58c1f18c22ac35c6cbb7.tmp
3924 fzxujk.exe

pid	process
1300	5ba3af74071e58c1f18c22ac35c6cbb7.tmp
3924	fzxujk.exe

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

Processes:

5ba3af74071e58c1f18c22ac35c6cbb7.exe5ba3af74071e58c1f18c22ac35c6cbb7.tmpfzxujk.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	5ba3af74071e58c1f18c22ac35c6cbb7.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	5ba3af74071e58c1f18c22ac35c6cbb7.tmp
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	fzxujk.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

fzxujk.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	fzxujk.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	fzxujk.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

fzxujk.exe

pid process

3924 fzxujk.exe

pid	process
3924	fzxujk.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

5ba3af74071e58c1f18c22ac35c6cbb7.exe5ba3af74071e58c1f18c22ac35c6cbb7.tmpfzxujk.exe

description	pid	process	target process
PID 3488 wrote to memory of 1300	3488	5ba3af74071e58c1f18c22ac35c6cbb7.exe	5ba3af74071e58c1f18c22ac35c6cbb7.tmp
PID 3488 wrote to memory of 1300	3488	5ba3af74071e58c1f18c22ac35c6cbb7.exe	5ba3af74071e58c1f18c22ac35c6cbb7.tmp
PID 3488 wrote to memory of 1300	3488	5ba3af74071e58c1f18c22ac35c6cbb7.exe	5ba3af74071e58c1f18c22ac35c6cbb7.tmp
PID 1300 wrote to memory of 3924	1300	5ba3af74071e58c1f18c22ac35c6cbb7.tmp	fzxujk.exe
PID 1300 wrote to memory of 3924	1300	5ba3af74071e58c1f18c22ac35c6cbb7.tmp	fzxujk.exe
PID 1300 wrote to memory of 3924	1300	5ba3af74071e58c1f18c22ac35c6cbb7.tmp	fzxujk.exe
PID 3924 wrote to memory of 1168	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1168	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1168	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4048	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4048	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4048	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1620	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1620	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1620	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3804	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3804	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3804	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2452	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2452	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2452	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5016	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5016	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5016	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2260	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2260	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2260	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3544	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3544	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3544	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 364	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 364	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 364	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 464	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1988	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1988	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 1988	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2576	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2576	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 2576	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4172	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4172	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4172	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4188	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4188	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4188	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3236	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3236	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3236	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4384	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4384	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4384	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3748	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3748	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 3748	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5072	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5072	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 5072	3924	fzxujk.exe	GoogleUpdateCore.exe
PID 3924 wrote to memory of 4388	3924	fzxujk.exe	GoogleUpdateCore.exe

C:\Users\Admin\AppData\Local\Temp\5ba3af74071e58c1f18c22ac35c6cbb7.exe
"C:\Users\Admin\AppData\Local\Temp\5ba3af74071e58c1f18c22ac35c6cbb7.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:3488
- C:\Users\Admin\AppData\Local\Temp\is-S1TVN.tmp\5ba3af74071e58c1f18c22ac35c6cbb7.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-S1TVN.tmp\5ba3af74071e58c1f18c22ac35c6cbb7.tmp" /SL5="$6023E,1651783,845824,C:\Users\Admin\AppData\Local\Temp\5ba3af74071e58c1f18c22ac35c6cbb7.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:1300
- - C:\Users\Admin\AppData\Local\Temp\is-JC4UE.tmp\fzxujk.exe
    "C:\Users\Admin\AppData\Local\Temp\is-JC4UE.tmp\fzxujk.exe" C:\Users\Admin\AppData\Local\Temp\is-JC4UE.tmp\script.a3x
    3⤵
    - Executes dropped EXE
    - System Location Discovery: System Language Discovery
    - Checks processor information in registry
    - Suspicious behavior: GetForegroundWindowSpam
    - Suspicious use of WriteProcessMemory
    PID:3924
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1168
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4048
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1620
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3804
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2452
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2464
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:5016
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2260
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3544
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:364
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:464
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1988
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2576
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4172
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4188
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3236
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4384
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3748
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:5072
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4388
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2324
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3324
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3556
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2084
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4596
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2924
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:3920
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2728
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:2796
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4500
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4756
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:228
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1752
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:336
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4568
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4336
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4892
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1028
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:1544
  - - C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe
      "C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateCore.exe"
      4⤵
      PID:4348

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-JC4UE.tmp\fzxujk.exe

Filesize
872KB

MD5
c56b5f0201a3b3de53e561fe76912bfd

SHA1
2a4062e10a5de813f5688221dbeb3f3ff33eb417

SHA256
237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d

SHA512
195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-JC4UE.tmp\script.a3x

Filesize
653KB

MD5
9ca5723b051b92f691e7a7b429f79bca

SHA1
7824fc09ac6a7e8e7517e084e4bf28db4e68e991

SHA256
67ab963c9d63cf6343277d63bdd7160329d9a13597cc2f59233883d19adb0309

SHA512
9fa68bb561c31e9e2a5655b54f10df771777ac8eec76de757bedac0011893a8a547d52f0aca59a6d07624675d34766fa8bbede514a22432d58b1ab3775502638

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-S1TVN.tmp\5ba3af74071e58c1f18c22ac35c6cbb7.tmp

Filesize
3.2MB

MD5
e587511f17c07622f2e88bde6dc2a499

SHA1
08899e43445db2e0d000b3afd80e028636786eeb

SHA256
9fbf0748b5d890c2c28b1ae20aad7fc23a93cc7a57c4a51220d9381af7637c60

SHA512
2e59d9c525c5383c4ea66c785584aa69256a47ffe928a6595cc2bf07469d2da4dd56dcd3d3d42496e593c39eec6356fc4c8a9cdeee6770c7e6c3319b8b614c6e

Download Submit
memory/1300-6-0x0000000000290000-0x00000000005D3000-memory.dmp

Filesize
3.3MB

Download
memory/1300-15-0x0000000000290000-0x00000000005D3000-memory.dmp

Filesize
3.3MB

Download
memory/1300-21-0x0000000000290000-0x00000000005D3000-memory.dmp

Filesize
3.3MB

Download
memory/3488-0-0x0000000000440000-0x000000000051C000-memory.dmp

Filesize
880KB

Download
memory/3488-2-0x0000000000441000-0x00000000004E9000-memory.dmp

Filesize
672KB

Download
memory/3488-16-0x0000000000440000-0x000000000051C000-memory.dmp

Filesize
880KB

Download
memory/3488-23-0x0000000000440000-0x000000000051C000-memory.dmp

Filesize
880KB

Download
memory/3924-14-0x0000000001670000-0x0000000001A70000-memory.dmp

Filesize
4.0MB

Download