Overview

overview

5

Static

static

1

4-NOTIFICA...-4.msg

windows7-x64

5

4-NOTIFICA...-4.msg

windows10-2004-x64

3

5- DEMANDA...-3.svg

windows7-x64

3

5- DEMANDA...-3.svg

windows10-2004-x64

3

Resubmissions

25-09-2024 06:14

240925-gzpjtsselc 5

25-09-2024 04:21

240925-eym89svdmn 5

Analysis

  • max time kernel
    178s
  • max time network
    182s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25-09-2024 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4-NOTIFICACION DEMANDA LABORAL -4.msg

  • Size

    450KB

  • MD5

    87e289195af7d0b2588a8b72a034a0ec

  • SHA1

    c7f5a6660664b834bfcc5d3017387b66fea04539

  • SHA256

    78c8866893236cd959f3a92f0395e74156102a7d1241d86ab32f272cfa29ab29

  • SHA512

    d546726076dc1fb04ca191315dc5a794915963324243368024a191a3b8c6542ff0a1dcbb246504068c28da90287e7f6b030f4ebbb018b733831b180a02c9a486

  • SSDEEP

    6144:u4G4j56Lf0LsuC4fBpCoK21dE+XlpJGwSsKld:t6LcLLCJ21GApJGwvk

Score
5/10
discovery

Malware Config

Signatures

  • Drops file in System32 directory 14 IoCs
  • Drops file in Windows directory 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
    adwarespyware
  • Modifies registry class 61 IoCs
  • NTFS ADS 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 33 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" /f "C:\Users\Admin\AppData\Local\Temp\4-NOTIFICACION DEMANDA LABORAL -4.msg"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Modifies registry class
    • NTFS ADS
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2148
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1036
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0xc8
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1652
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\5- DEMANDA LABORAL JUZGADO 02 LABORAL DEL CIRCUITO-3.svg
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2020
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
        2⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2480
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275468 /prefetch:2
        2⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1744

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      378fed0f50cadc81dfc6923b8a51ec8d

      SHA1

      2d8211b0668fdec1e301e1879028da0a899c445b

      SHA256

      52a3e257f23009e1981460560e913637cb950ec1a507c03797a7fea5569f5574

      SHA512

      6ff5caaa836c4d97acda52f1c4e38ba3fd06d08a689b373b698c411ad30b24739ee34dec6b2b9c320a253ed1a44f0e7bf5cb17b264025fc3459fc4e73c33cb81

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      66e9c513eb4a777c16be58eef392b671

      SHA1

      58f16330a087a26302a2e60487d96b3716356493

      SHA256

      29aa12db27ee35d4193310cff4a8db8e7c2d3d752adc31602e028106549b4b81

      SHA512

      283244e25b0724b82640b6abad56d17541eaf982f72c39cc1703a00ec6a5fdf3ac4a9dc23d4cab293e70aceb3c3821ba699aba07b626845642e74450210c37c0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      6ac835a465c9195de9133153d496e5eb

      SHA1

      b328d97cdfe11e54206ec6e3c24bad7e154317d8

      SHA256

      e08584b2f547365feb0e87832647d435fce48446d7e7ddde14210cb380af7ca6

      SHA512

      cc1df34379c8911214b47f59b80e1b7962649ca4ce8dbefd9dba4548662345aeac0c87804a952d3f743db3ec3d6d152e63c1c40ee569db81324eec3fc5ff6c35

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      feba94b4b09ba1e8bd17e03d91a8bdfd

      SHA1

      14ec07a0678752ce79a85ca8a19e9b8338afc256

      SHA256

      07ed78ba102e9a654e92cfc215886d1c2764edf4fc44284e6e63c0c9d9c4ea8c

      SHA512

      2c8d27756860cd105f93c85ab9292224fbc3511162a6860694ccb37784cbb8b6500cb207411c5176d27c5e7832436b0258251a0b977b8df81358ecade3ed60af

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      457e7d8fbdbb4b20921c6963a142c68e

      SHA1

      4037416d776b4b16d381e9b37a370e0076715b3d

      SHA256

      cd37d942f957811cd0fe1354a5864dd66fb59de7b4ce0db4d318e184efa5c533

      SHA512

      af56220266b7443c593beec87c551a5d60067a4b185ea4b08be55d361759293aa18e06fb05f3ac942fa721dc6da02b01da454292bdaaedc0f7d44bfb21621a85

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      be347986365eab8fb0e52f8be1b56c9a

      SHA1

      c106ccb230b9773e2d3910f500ca94053dbfb6a4

      SHA256

      4d27549506699e1a9cfcdb00263cc65ec31b84d82636b7e75733652c015229ed

      SHA512

      c3aa0b5b11c323566d84232c6d81491436540dd79f455d700133775cc098aaf9c6e0d245fa913ce75a7a0ea151a79e43771390ba37cb2120a2ce8bc2492ab082

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      9300c42f2f4adaea22dc7285570d527a

      SHA1

      980f1198a33c5fbaa088bf53e1b60bfe85b3782e

      SHA256

      aa0873396c1661300d0b2f61ccee65e0809cf201aa147a44e5678a12ccc3473c

      SHA512

      e60ac91981904f9434c266e4bc810ffd6f73bd0a95e62244291c7083480ff49f1494617d1f4d8496fc692e22851126acd8f1145597b6d5668c2bde56dd5e3c70

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      5b29c4f8a1b13e9f9e8a817a652cb008

      SHA1

      8a773fcde0c5e7167711a514260a2d9da7653df2

      SHA256

      30625112057166f6b924021b9c064d2d3ba6181e10d91f5f1112f410efe8db9d

      SHA512

      49adff3060edb1ff870f57b85bcc77ecb8dc7c4358a1c7997588e94766e3a413b14b66bdadbde536a033f91910f797cfbb8a31dfeef89c9d43aab6ee918a2290

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      77aa40af6bd03db0d20c4d43dba5163e

      SHA1

      8914fcd73ea828d89a857b41381f732575a396c9

      SHA256

      63c4b72796c2fc95e4fa801412f8af74c81e912ea8b5e8dca9a85138ad51d5ae

      SHA512

      2e3fcc5af16085fc5021d41dee68a40d99418ddf8aec651cddd3982ed0a45eec339b6f5c51156f42ad9a6615ca2f789484ae874f3cfc2bef8d965b32ba87d241

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f716deef5a2f7fde6e01af7f9e5be05b

      SHA1

      d4bd09f46445bb3ae338d4d1ceae601f2f5bcf94

      SHA256

      fb143e878b0b042b66677b8a7982c7f21c967238552564689f0df780e2272e5b

      SHA512

      950851f70631ca2fd14d3b27d6fc39c38af5270915d293f008aa95900a1bdce5750de76559523fb921ee7a0353e039388d81be1e337d320132db2781e7037433

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      d9450e32609dfa05946abd9ee045ea7e

      SHA1

      21233877c126e5e0f55b4ef4d2508efd031745da

      SHA256

      4e229be78eff528a1f46771a5b06f3faf4ac07c2239fe48a63008b98d3c3eaa1

      SHA512

      3d18b699d59a23f40fe22fc5357e4a9f3c6042df4caff0ba48ceb84841004b3f1a8d67554997f332699f344df50eabcda41f6a319653ef771fd2ed5467995682

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      f560d3ad1835cde0541eca43d656f702

      SHA1

      3932870e4f48b37a2c09546538bfcf063cb5c2b6

      SHA256

      2dfac35ba99a774805a6f84e04374e122743675616999340c6276b18314a0a93

      SHA512

      7416d368f8f838f8940ac548db13f170a946d99094999d4b7c804f5dfadf5a758b2dae1e9901ce02115cccdefb5a36f1ef3d8923c5c64b749c737c23794665cc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      ba8d7cfc5e39e9245e3bc67bdfd6ac8d

      SHA1

      71b9b62d469f2311ae9cee28555239171e6cd3e3

      SHA256

      d0a66f42ea786237a373b8bce2d3024029af2102ee920ca1b458f2f1ab13835b

      SHA512

      af35ae7903ab0181a593bb8bd8a984973dab8cbae2bdbdd85e9d4748afce69cf430c53259ec31cdebe750ca70e2f27c043b783d63a6c346f87e732d3580da7a1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      717ead69e6bda0bb034c0127347f0dbd

      SHA1

      3cff86bb670243eeef3ae6778a1a14bdc091606e

      SHA256

      c3b36f21a7b329428b5a481a045d4ac58fdd96d356c78013b0fadebe26ecd83e

      SHA512

      6bf05235f4bad3a546668a98a7a1610935049f20c6d9feb1a89f0ba92cc6dc2422c4b5582eaa7489e3f525a653e393b191d3f1a8eefd241980e9abc7afb5613c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      c47b6908403fbdda8f56fcf1033c866f

      SHA1

      94e5694d5bc00c5b34046e8ad23f4ee727badf0b

      SHA256

      d67ee9721f280c0a4f23d4b3046ea5c51b383e031be6add04258827e3701a0af

      SHA512

      bbcec6dcbd416a156e0c43b0f9a6b1fba716a9e0afb6f8f4d6191b421ba37ce80b96c10f83b795d40ac1a91530d801431b386150f4edd215e7a5a29afdf43754

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3c75d914dd2077097257b52b17556401

      SHA1

      eaa87e6c0ef5b0b70ec33c56b3c75a1b8ed1cce2

      SHA256

      a845909d1c40ef7ff9159b7db54285b94645e80eecda9ffad803adcdd9e76226

      SHA512

      c3e867bcbca84e82cbcf451ccf81366a688bb636b681ee9576138f6053f10286cb6f7c40303f995f1999eb282131cbae86f08dc0e4982077bda2a011f4e8db30

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      5ef068dbcb6ec95f6657509fe4d19e98

      SHA1

      3279bd8ebc8d14fa17319de6bec2610971938c16

      SHA256

      0ea71bf7b1a041df903cc1f9f4fe69c6b4fb023c0f4d7ae811ced69eda3b942e

      SHA512

      736291c07f55ff409fb5a13a935f2e727fd9f16c046672d0ab26064614f5a0076f1efec6db65e1e083c3580f7930c4e63f3177aaec74035b240257c8358265cf

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      bb4eae2c0b45120d428dd7886e287f46

      SHA1

      feb9fefd1f76d00ca527ae34504c8c67fe67f816

      SHA256

      6819371ae2292ee61a22762a09d2957f4077ba78d7598dc01e35470946105ce6

      SHA512

      7c6dd5a787a0b10f64766c610ec717f77c6757790ba8ba7ddd602fa564703582547cb80a7eeee99b00187afa0c68f9afa941be9ef79eafb4376a9cb6e317de75

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      db5a06477ee45b176fd407328c3103b7

      SHA1

      b61aa4bb000f0910632e2f5c027754076c160da9

      SHA256

      fef4799c006e21720bea91a637173d65cf7815175f86f3fba825a4d58ff9c3b7

      SHA512

      a9d9600457621e87fbb5cdf7d12ee83835bf716bf6ea4a953f09864174c3effcd3a526c66265823698d4d3ed156cd4e8da9b7e4895ca9714562ce44c5165d115

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
      Filesize

      240KB

      MD5

      a77ca244dd452850b17ae039989f5dee

      SHA1

      87c26b42e2077ebcf39e5e0c97302689cfb34e33

      SHA256

      2d8c9501dea995f4cc3e751a75a7f7b660514cff429486e325dca871b06df854

      SHA512

      2257e9e595324be61570bcaae059799e97f0c0b6b84b7e00b4958b59449e5743b296c122c6eb270bc8de292494d662e18efe523d242c17e4ec77ceb21e7ce6b6

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
      Filesize

      240KB

      MD5

      0e8ac804dfe5b0723fddfe9b08b6b7f9

      SHA1

      9955fde65f85723ddaac805ee56a2c77b5ac9f3c

      SHA256

      3ac46b69998bb8e4b1458875dc5e1beff2053af9e0102c588552688e185972d4

      SHA512

      0b7d4e22a1ad753eacf229c3f898008567766de580d5c831815bc669b141d3fce1cd349afb08960e5e65717037f7760a42f365700cfd84d16b5bead411eb14a2

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\lutsxto\imagestore.dat
      Filesize

      5KB

      MD5

      5e51bdd1bbb28794a237536b253c3db3

      SHA1

      add50035223c4356bc0df3fd59d1f7df3d875903

      SHA256

      53e02eaa67e0e139c7241d57fd3991084f2437771fa32677ddc7147e5996bceb

      SHA512

      10641108f1438f4c9525011a1ccc253ce0e1de8d481f8f31d9688ffaae0c3cda2dc88bda90265fe25bce174963e2715473a8ebf176694221eb76d87580a59b8d

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Outlook\mapisvc.inf
      Filesize

      1KB

      MD5

      48dd6cae43ce26b992c35799fcd76898

      SHA1

      8e600544df0250da7d634599ce6ee50da11c0355

      SHA256

      7bfe1f3691e2b4fb4d61fbf5e9f7782fbe49da1342dbd32201c2cc8e540dbd1a

      SHA512

      c1b9322c900f5be0ad166ddcfec9146918fb2589a17607d61490fd816602123f3af310a3e6d98a37d16000d4acbbcd599236f03c3c7f9376aeba7a489b329f31

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQU8S4LJ\favicon[1].ico
      Filesize

      5KB

      MD5

      f3418a443e7d841097c714d69ec4bcb8

      SHA1

      49263695f6b0cdd72f45cf1b775e660fdc36c606

      SHA256

      6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

      SHA512

      82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\N5LUXXB9\5- DEMANDA LABORAL JUZGADO 02 LABORAL DEL CIRCUITO-3.svg
      Filesize

      382KB

      MD5

      cb5f7c144a3d5edc7b366f781f0ee5ca

      SHA1

      cefcd42d12ec1a5e61d060e5dd7217c4e3822248

      SHA256

      fbf3745834e07063ca47e29d598462f273a1d172260bb21f213b8bfd0e7d7b6c

      SHA512

      fef6013c9766e4cd052d7526fc54b8717762c8441d1b67932752aab13bf3cbd47c4de7bfe943e7e659d28cc330883c1b5dc1d1d97debdce4d3955dc4fdf1f044

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Cab45D8.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\Tar4699.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\{E35A96CF-419D-48B8-8D85-123F73F85A26}.html
      Filesize

      6KB

      MD5

      adf3db405fe75820ba7ddc92dc3c54fb

      SHA1

      af664360e136fd5af829fd7f297eb493a2928d60

      SHA256

      4c73525d8b563d65a16dee49c4fd6af4a52852d3e8f579c0fb2f9bb1da83e476

      SHA512

      69de07622b0422d86f7960579b15b3f2e4d4b4e92c6e5fcc7e7e0b8c64075c3609aa6e5152beec13f9950ed68330939f6827df26525fc6520628226f598b7a72

      Download Submit

    • C:\Users\Admin\Downloads\5- DEMANDA LABORAL JUZGADO 02 LABORAL DEL CIRCUITO-3.svg:Zone.Identifier
      Filesize

      26B

      MD5

      fbccf14d504b7b2dbcb5a5bda75bd93b

      SHA1

      d59fc84cdd5217c6cf74785703655f78da6b582b

      SHA256

      eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

      SHA512

      aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

      Download Submit

    • memory/2148-637-0x000000000DF60000-0x000000000E372000-memory.dmp

      Filesize

      4.1MB

      Download

    • memory/2148-0-0x000000005FFF0000-0x0000000060000000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2148-188-0x000000000B4F0000-0x000000000B4F2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2148-1-0x000000007328D000-0x0000000073298000-memory.dmp

      Filesize

      44KB

      Download