Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

Synapse X.exe

windows10-1703-x64

6

Synapse X.exe

windows10-2004-x64

6

Resubmissions

21/09/2024, 14:51

240921-r7719aybkr 6

21/09/2024, 12:45

240921-pzfkxssfng 6

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    21/09/2024, 12:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Synapse X.exe

  • Size

    374KB

  • MD5

    b69c13e0099df6821ba000cb9d39819b

  • SHA1

    6a36cf9a4a9ff90f8ddf21f62db94ef2691b85ee

  • SHA256

    cbff32a11e742c778f5d2d94da6699af7302ec751111b06c37f665768eaf2d02

  • SHA512

    0c7b4d42f46a04574d8adf6d6149e0a81bc4cbafcb2e46557b0bd083f82fdd8dbf7cc166ee0da1cdf5048605f0e83f50a1e064a5c581a97b1aefc4533d9954bb

  • SSDEEP

    6144:H83Kwo3BjOALaQIigh4f86OZUjUKnmuv9uVYwEHCnGuBt+1:Hxz7r86h0uv8V5nxj+1

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 5 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 18 IoCs
  • Suspicious use of SendNotifyMessage 17 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\Synapse X.exe
    "C:\Users\Admin\AppData\Local\Temp\Synapse X.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    PID:4764
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4764 -s 8340
      2⤵
      • Program crash
      PID:4712
  • C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5060
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      2⤵
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2004
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.0.502071371\1290337208" -parentBuildID 20221007134813 -prefsHandle 1712 -prefMapHandle 1704 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd21459d-bf4e-4708-b4fe-d33b534f39d7} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 1792 2461dcd8158 gpu
        3⤵
          PID:2920
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.1.1846131302\771538887" -parentBuildID 20221007134813 -prefsHandle 2136 -prefMapHandle 2132 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f9f5d3e-12cd-4326-b4ac-bb2b3325a346} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 2148 2461dbf1058 socket
          3⤵
            PID:2396
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.2.896859297\1471756890" -childID 1 -isForBrowser -prefsHandle 2932 -prefMapHandle 2740 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b169d137-9a6d-4d20-8212-46fa9bce808a} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 2732 24621c9a858 tab
            3⤵
              PID:2052
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.3.44500178\1978475236" -childID 2 -isForBrowser -prefsHandle 3460 -prefMapHandle 3452 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0855bf9-4b0b-4adc-b714-a8b8c7ec1d65} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 3472 24622a68158 tab
              3⤵
                PID:688
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.4.1374463533\339129355" -childID 3 -isForBrowser -prefsHandle 4248 -prefMapHandle 4244 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30d308f1-e198-40ab-9843-2935508969a1} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 4260 246238e8b58 tab
                3⤵
                  PID:4236
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.5.790512119\1168277263" -childID 4 -isForBrowser -prefsHandle 5032 -prefMapHandle 5036 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8c62a6e-0248-4057-b3fc-4add4adc48be} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 4952 2462416fa58 tab
                  3⤵
                    PID:4204
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.6.1576307743\1341474992" -childID 5 -isForBrowser -prefsHandle 4768 -prefMapHandle 4776 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff5257cf-cbd4-42be-a9ef-b4dccb9da9c5} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 4780 24624170358 tab
                    3⤵
                      PID:2976
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.7.2127563489\383077750" -childID 6 -isForBrowser -prefsHandle 5228 -prefMapHandle 5232 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8448a42a-aa17-4770-aef1-fff72cd38d7c} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 5220 24624171258 tab
                      3⤵
                        PID:3592
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2004.8.1883524928\392059156" -childID 7 -isForBrowser -prefsHandle 4404 -prefMapHandle 4544 -prefsLen 26328 -prefMapSize 233444 -jsInitHandle 1220 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {61803626-0b3a-42ff-b57d-f1a7cf31f08b} 2004 "\\.\pipe\gecko-crash-server-pipe.2004" 4272 24612b62858 tab
                        3⤵
                          PID:4308

                    Network

                    MITRE ATT&CK Enterprise v15

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon
                      Filesize

                      442KB

                      MD5

                      85430baed3398695717b0263807cf97c

                      SHA1

                      fffbee923cea216f50fce5d54219a188a5100f41

                      SHA256

                      a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

                      SHA512

                      06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
                      Filesize

                      8.0MB

                      MD5

                      a01c5ecd6108350ae23d2cddf0e77c17

                      SHA1

                      c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

                      SHA256

                      345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

                      SHA512

                      b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\db\data.safe.bin
                      Filesize

                      2KB

                      MD5

                      ec5e47bd9d1851f8a016b78df7fea96f

                      SHA1

                      37cdd00b9a0005833a66bae62c92d53c2d830462

                      SHA256

                      bc1c94e807178d7894f1a70e0716cf3c01f333a02b971bfda77b0a2bd9deaed0

                      SHA512

                      c1514946e872657617d3f4d1b1b6d52d4a04a070b57b6177c888a8d2333eaf881b7d0857a6044af5125dfb913e1dcb6ca2d02e7b18babf0e911f4786381e4d77

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\a3519f9a-636c-4b58-a3a3-670a2fe6fb97
                      Filesize

                      746B

                      MD5

                      10588ab596f778133037906266368124

                      SHA1

                      d2e5d5b55b27ac9cda838e26a14e1d3ff2edd862

                      SHA256

                      e1c0d4f215e286ea01449fbfff99f9952cc800e0b4f29913fb30cbdf78aef47c

                      SHA512

                      8b12a83746c5a6ded4120023bab82d0c5f5153ae28ab56e8924f13a888933649dd95c58f1ae295158b746296db932dde4fc3525b386174f5da970523bdcb0a8e

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\datareporting\glean\pending_pings\d648dbaa-8e90-49b6-8c47-4ea787a730be
                      Filesize

                      9KB

                      MD5

                      97d263f425ed6b6a3f623591987dfd2e

                      SHA1

                      c308df71d8220d2cd67b3aff9c4e7296b0529868

                      SHA256

                      e52e790239c89c959615c14350b34698e0e5b1ae329ac1c8676cac8c09e2f3a0

                      SHA512

                      2cd089ccd99ca82cd11bfff121f84c458b7bc989c58058b91ac7a20cbe4d976db1e609ffc558db535b893bb80576dd6c0eb7a10eb66befa8e943ea4c97fa8974

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
                      Filesize

                      997KB

                      MD5

                      fe3355639648c417e8307c6d051e3e37

                      SHA1

                      f54602d4b4778da21bc97c7238fc66aa68c8ee34

                      SHA256

                      1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

                      SHA512

                      8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
                      Filesize

                      116B

                      MD5

                      3d33cdc0b3d281e67dd52e14435dd04f

                      SHA1

                      4db88689282fd4f9e9e6ab95fcbb23df6e6485db

                      SHA256

                      f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

                      SHA512

                      a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
                      Filesize

                      479B

                      MD5

                      49ddb419d96dceb9069018535fb2e2fc

                      SHA1

                      62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

                      SHA256

                      2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

                      SHA512

                      48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
                      Filesize

                      372B

                      MD5

                      8be33af717bb1b67fbd61c3f4b807e9e

                      SHA1

                      7cf17656d174d951957ff36810e874a134dd49e0

                      SHA256

                      e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

                      SHA512

                      6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
                      Filesize

                      11.8MB

                      MD5

                      33bf7b0439480effb9fb212efce87b13

                      SHA1

                      cee50f2745edc6dc291887b6075ca64d716f495a

                      SHA256

                      8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

                      SHA512

                      d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
                      Filesize

                      1KB

                      MD5

                      688bed3676d2104e7f17ae1cd2c59404

                      SHA1

                      952b2cdf783ac72fcb98338723e9afd38d47ad8e

                      SHA256

                      33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

                      SHA512

                      7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
                      Filesize

                      1KB

                      MD5

                      937326fead5fd401f6cca9118bd9ade9

                      SHA1

                      4526a57d4ae14ed29b37632c72aef3c408189d91

                      SHA256

                      68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

                      SHA512

                      b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
                      Filesize

                      6KB

                      MD5

                      bb9179ae12cb1f90380e275e7b3dbd26

                      SHA1

                      d5268bb329ba6a3ce465f6eac83baafb964b12ea

                      SHA256

                      f8a6617194dd7c8706fbe27d2e5300a59a01c56a512d298c5d0f961c12cabd58

                      SHA512

                      0544a3cea763b9d2c86851c6109b75998118a9270378831f9fd1f756ea7bcb00eaf09ec0bfd482b48911dd9fa91bd7600a670bcf8cdd9fd4e8f95258c3564ef5

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
                      Filesize

                      6KB

                      MD5

                      a8f0bb69f23ac06c2d00eb71a8c02a03

                      SHA1

                      9778705adcb889060de79b175a628c9df829a81c

                      SHA256

                      f533cd336d437b6b548eebf3649211f90854b92407bbc828c58411b8187307db

                      SHA512

                      2bec007af229e8b23676ce6bbe49f2d876b9d236730d45c858921a03ff31ccf0dee551b61a1fdaac93a90bcd5f01911b25d9cd158e096ac33d0c1b521189aa1b

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs-1.js
                      Filesize

                      6KB

                      MD5

                      1c4195b8a4b1bdeb84969aebeaf1d7f3

                      SHA1

                      bf72600e3f0605935b84d4b4eb20cbb3cd00490f

                      SHA256

                      f1ba41d788227ab3a57484d4dbc015990d7348857f861fa6a1381bb215b832a4

                      SHA512

                      1271daa74dd8ef1a5584dbe8c7fae62af172b3bba64237ec48896a69b6a47dc05b692d23a10b6c6ae164b987f984259ab0c29b51ae4f416dc192225f5942a76c

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\prefs.js
                      Filesize

                      6KB

                      MD5

                      abe983d604464305e58d6bb0e06efeb8

                      SHA1

                      2bacbf6a1ade11a775a389575a6bcc05f976e48e

                      SHA256

                      49f6e568ac5b7b9ca8c9526c2279b7c88bff3d62547527a6183b115081082a28

                      SHA512

                      f31e8615d07a7bd90ab3edc2c647e05cd44e4224b627cf06e2030227c70ff2bde52fc7a01421071f19800f1d13ebb775afb0ab0e71cff3d01500e082d688f4d6

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      3KB

                      MD5

                      e310f5415aef7503a12608bc698fabcd

                      SHA1

                      338b9a219169f9fca25aa532780f41b5913695cb

                      SHA256

                      b8644e9f985c2dd3267840500723fb0189b259a1d2e5496bd3122aab4099b190

                      SHA512

                      e19d93420799ecc600e67a25be5c52378e2133a10afb61e9195e7531d74d5350652e69afc0ddfec836f2141278f086ee1bfddde19e4778d5e0dc0e0f6ad72251

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      4KB

                      MD5

                      dd10f501bf7843324b0c8e0d1b278894

                      SHA1

                      6e30dee60b47b1a0d65f08cffd8023128f7823a5

                      SHA256

                      11acf86c548d4d694d28ac76290187ca60c5618377cd54e04d4eeb79a2762335

                      SHA512

                      c22323aea1f1d0c54c97c5e076118340cf2258bee09c5a2df7801d1d54fb6f78a93e11c87f1b723383ac1b868fb682d960dfc78a52ab994d66f24bca6758fce1

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      4KB

                      MD5

                      b2e49992fc120c42981779b21bb3a57f

                      SHA1

                      3f102c9482fafe64ceb0de86629c54ba1696edf3

                      SHA256

                      266e601ed664d25a4dd48004a1c457637517d8db4d740074019527353783bac4

                      SHA512

                      1ccd2b9ce148aca45eda046b0034dce76350964ae05263cf528a8d14d2e903740872fd860fd967ed773bad9c442a0f8e62a8a70a1d2742d86f2276144cdcddbb

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wtg1s5j6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
                      Filesize

                      184KB

                      MD5

                      0d0013d9708d9fef539adc917f5b87f6

                      SHA1

                      5e071e6b4d8abf007c8bb78ee948caf5bb0439e1

                      SHA256

                      f416d29cdbaa66b7d04483831d2a593a735316fafb643414a12df78da0ab054b

                      SHA512

                      851e9965a0fed9e0f5195ce655635cf13687d18678e4a9df807ab22cbc53c02cd2006fd65d93cd80b2a06d709e59122ea9933ba5cec551c6d51f5e9b4c175388

                      Download Submit

                    • memory/4764-8-0x0000000073C10000-0x00000000742FE000-memory.dmp

                      Filesize

                      6.9MB

                      Download

                    • memory/4764-0-0x0000000073C1E000-0x0000000073C1F000-memory.dmp

                      Filesize

                      4KB

                      Download

                    • memory/4764-7-0x0000000073C1E000-0x0000000073C1F000-memory.dmp

                      Filesize

                      4KB

                      Download

                    • memory/4764-6-0x000000000C360000-0x000000000C398000-memory.dmp

                      Filesize

                      224KB

                      Download

                    • memory/4764-5-0x0000000073C10000-0x00000000742FE000-memory.dmp

                      Filesize

                      6.9MB

                      Download

                    • memory/4764-4-0x0000000073C10000-0x00000000742FE000-memory.dmp

                      Filesize

                      6.9MB

                      Download

                    • memory/4764-3-0x0000000002380000-0x0000000002386000-memory.dmp

                      Filesize

                      24KB

                      Download

                    • memory/4764-2-0x00000000049D0000-0x0000000004A4A000-memory.dmp

                      Filesize

                      488KB

                      Download

                    • memory/4764-1-0x00000000001F0000-0x0000000000252000-memory.dmp

                      Filesize

                      392KB

                      Download