Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

070f99655b...18.dll

windows7-x64

8

070f99655b...18.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    149s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2024, 19:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    070f99655b961735f45df81e68bba74e_JaffaCakes118.dll

  • Size

    224KB

  • MD5

    070f99655b961735f45df81e68bba74e

  • SHA1

    00b2bdc4dab1133aaa41b4a9010dc3e0e6813d11

  • SHA256

    9dd35be641daf8275c520c7b3608d8ecef84a22d1a412c87c72d9bf4069f35fb

  • SHA512

    3494a455c99b83b2f75000ad02847b9b1ca0715fbaa0ef0cb65917ac413fd3e4ed00f7e6d405625fff563a215a3b5fcf6456f0c5d5f435905097c0ee4d349547

  • SSDEEP

    6144:YAk17UiuGq+7hNfc1UtYaGoei8fYL1GKKQ+mZ4UyB:YZ1SGqwfsQ9Gn2KQZ4U

Score
8/10
discoveryevasionupx

Malware Config

Signatures

  • Disables Task Manager via registry modification
    evasion
  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer Protected Mode 1 TTPs 15 IoCs
  • Modifies Internet Explorer Protected Mode Banner 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Modifies registry class 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of FindShellTrayWindow 13 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 29 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\070f99655b961735f45df81e68bba74e_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\070f99655b961735f45df81e68bba74e_JaffaCakes118.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer Protected Mode
      • Modifies Internet Explorer Protected Mode Banner
      • Modifies Internet Explorer settings
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:2428
      • C:\Windows\SysWOW64\explorer.exe
        explorer.exe
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2592
      • C:\Windows\SysWOW64\notepad.exe
        notepad.exe
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer Protected Mode
        • Modifies Internet Explorer Protected Mode Banner
        • Modifies Internet Explorer settings
        • Suspicious behavior: EnumeratesProcesses
        PID:2376
      • C:\Windows\SysWOW64\notepad.exe
        notepad.exe
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer Protected Mode
        • Modifies Internet Explorer Protected Mode Banner
        • Modifies Internet Explorer settings
        • Suspicious behavior: EnumeratesProcesses
        PID:2644
  • C:\Windows\explorer.exe
    C:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Windows\system32\ctfmon.exe
      ctfmon.exe
      2⤵
      • Suspicious use of FindShellTrayWindow
      PID:780
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    0dce665eb9d7f643bda3dc32041842d9

    SHA1

    fb1b7093cf2b3608ec3cf718e86c67c378b18bb7

    SHA256

    e6a792459e56b112dfc64e0691c8ae2ef7bb0b89277e18e6c8b4d5bdb4ea4c49

    SHA512

    8c1a0ae9468b6cc309a6e9261775e2bc6a67258b13998946729fac6e24a0b417f82284127fed1e437486c10034eac09db530442ca83dbfc9b2d90de1b98af3a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9af731f365782673847a3599a4852a91

    SHA1

    e25b25f1f6b511facd581740f07e08f1bc64daa7

    SHA256

    f69ca6950560abc4638e00cdace724204d20a84bf0a07a7c1e1a0c591d98a754

    SHA512

    74343ea5891773e21b0d27962bb40dc2d03572f00374fa3226b201ea37f80a2ebafeaa62a2f72c501df2d013c59e3fdf072704c157adfc615ad15980e8102d3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d08d6ce2ba65f6c328747ca0082e5134

    SHA1

    8f016ccd1c800ffde357b95fac95a4051044d423

    SHA256

    9f9dbcb5360b12faad12104cb06483ed19b1d0fbe8184740264b1e872c4984af

    SHA512

    66627b6fb6f35292d814ec884faae2ab55dcb4b385f09f3694edd523a796461741ac031c8fb5e88eccdd0d32cceffdbed14ddfe68d11142b0bd545e6e4131bd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe9f5208eae494fac7c04cbea845ba6c

    SHA1

    406894c4c88ef12e8b27da5da7ad241c93ed8492

    SHA256

    9aa2b4493b8a7c0147660e88b5d33b91b326bb712d05e29ca83ef4cb4a951f6c

    SHA512

    2401092035a880c50ac7586985643c15ceaa12737b325e05678c5977d57d8ed2a4b1912cb27baed1bfcfcd251bcd81908fe03a36708dfebd0e78ef33de7762fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5906b62f3f8b96a9f2acd49327c958a3

    SHA1

    a6482b9df1c41a84dc57ac42a3166543ebddbf8f

    SHA256

    d8a72882a63fd9f2aacc10493a641ad1bfcca721c6b20c6cee4914f4ab667b0a

    SHA512

    433476298b1568c925a6b91f28620eb763de92493c11dd7d76c68262fe1ef3c97a48b5bb6efe07c7688c2f9eedcfc884a7550a315bf8ce4ee18daaa67add4f91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    815ffafb997b739bd29174d11a9c18d0

    SHA1

    ac23051849d719ec66c81494188107a1940a0f81

    SHA256

    09ca6ea049f13149e116d3ae799ae35ae69555db01c238a6ed6c61b1af115d59

    SHA512

    9df3f9fb0f55cb09ccb9bd5d7993ad6fe7825372a458505352ae96fef3e0d5bf7a17515370a0405a5df65bb83629fe54fa3797011a9e60840db078c8e656b2ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9bae82f135d6eb7f981b24dc4398adb

    SHA1

    16a973a3ade11f7c54e65b81a981becf3cd4f944

    SHA256

    8ad9ba8a3b6466d11ea67d08bdee923c7aafab838f37b336ecd6eeb081287036

    SHA512

    55f12a6e3ebd80b4f73dd6d48fbd8034eaec2f95abbf8a07a4430643f8693c42107c0ca34a58c1c555178f3033559bc7b4058c7016f2403b3581c936aeab42f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0c65af4a36d1d853efaefc7490b3ce1e

    SHA1

    2a917406504d7d0ab8ba81f65f3c21d34fcc5f4d

    SHA256

    98a558f3a4a359a4c50ac0b302b33d721c896b73d7fbfec382f8a1cf3e3bae2f

    SHA512

    f5eb32566f8920bf9cc9f592c7abf61d109a2fe024bc0e01d8bb78808ec08e8ec35e16d1e1e15adce7e14aecb4d84f13d1d894985cb696d43a3242ab4f97843d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1ea87a8b53ab1fd427776a8b92e79e8

    SHA1

    2070840e9d05c9ad0bb00bb7712cff0151591978

    SHA256

    3baf3c2888d28d2d0ff3739820d6c7942089601d97d413a9d943bc4faf9194dd

    SHA512

    2a5f2d32c55e514cd43460ef5072c34d89c0779cb14d4bdf2f701331256e3fdc03b822efe8221be3edb649a82347f135c13a93d2c91b87aadb25795224155091

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a06216aedbbf63cf8795fd8ba35f5ca

    SHA1

    831e1b86d3f3f60725ae235248c106a07b40b526

    SHA256

    a80af3ca1d1ce514faf2ed3344240e5beae67b34287bb74ef7ab7d6214b4ba50

    SHA512

    e0b6a44f7a52d136d07c2a09043f819eaceeae4f80317272e0950ec26fc7b73e5918b9a6b2fef0ca6b6cb8d3ac0867a920284429b7330ca2fe4358d97f0a5e7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    802e4a2b764dcb80b6ddc13ed6f063df

    SHA1

    728fec671e1bcef89d72e27060dcfbe67a157393

    SHA256

    76b0ce3607931181799fe1e48439ed104511aa1a83c392e11b83ca50213b846a

    SHA512

    ef89cc6ceb61385c608abfc3942d9dc9f9beba0ae3674d64635dc7480a15e7e90e2720198fc2ccb6394285881487a8db22bbcac4c93e6a76e5256a84fb7e19e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a88ccb0c3d20bcbaf4de8e0da555572d

    SHA1

    465a7192eb22a396ce7bde20a75010a0e604d0a5

    SHA256

    648e78792982bb29e0d83ae49c5064876352739c41a95a529d2f6d630f1257cc

    SHA512

    b3d71f80f431501219b2c0af501640bedd0dc2436f0a2c637cf9d1f331d36dee034c865325e91c9c99a20e62e8999000d658fdb00d972b6710fcc31eecd46416

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    076867280442e46787b69034820a1755

    SHA1

    60a5fdd6568cfaf48b2801706302c4cc1fad672f

    SHA256

    c2acf0e898083b0cc7e11bfee46be350d39e616619c329403b009f9d73b03a53

    SHA512

    8460e773e368cf1c8343d0166ec367b496344e84989dcf1d185e4e8cae8bd50967e62defd8e32b594deac43ed57a197b34b60195496518c8fac9dc910d3354a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    166b4670795516baa73ce85b684be611

    SHA1

    f595ddcdf0fe044bfeb9e90f201ad51ed6267074

    SHA256

    daa92f32f9786666a7871da306bd008e0a5b8f32b1c51437aecc48f002d08931

    SHA512

    20b166e87fd7f20c06bcadf60728cbbd24358507f915ba8d7651c0ecb65e8dfb17834331400e71e445446201cd61cc96aadce5ab46fd174ac9f53266315805d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    303b8c8caf772610271c5ffab227afc4

    SHA1

    2258ccec24f0a2d6d6a76a154de5ed6ed9f7ab29

    SHA256

    5210ad95a89ea937e2104f3780bf07b3e002183a1eee12aad73f17b452f1442c

    SHA512

    d5e85e3e4dc17133bf2cf3ede4365634eb03b122cfcba7edcf8d572370662853ed7dc90fb70180d79f17329b995801397510417bb21c2ce5cbcdc3cea1531ad1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5772cee80fedc18500aaea5d24b98c16

    SHA1

    43bb1456e64c23dffeda44c8f5f06b3fae1b9dd4

    SHA256

    5bcd32e07c968cae83e3606a97c9bc1dc05473df92ce41b32e40d8278395b298

    SHA512

    d03516c59b65d27f6283b7f911542805f938d3d921fa28303c92ed05c0da32b21f1fe9fce40e66ff42a5e37a0dfb4abd119825c02e2e9ef1c501b197cdf48d45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    93ed58ae6a7b37efe46f8543ad2936f3

    SHA1

    55ae9fc3b2b7a60787a28235790e9c539c61b69e

    SHA256

    446e6f34e7156738d4c55b859684db66bc58704df5b4ab220cce3494a8ade392

    SHA512

    7bdc8ac603e94298fb2cdce4c2094c623874c4b1789b460a9301217d879c8df05c3a01639c5b11663c19c6222853bc014af7e7845f9100f2558a7d1eef5ac2cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ea913f777a058dbcf7a92c48566a1a84

    SHA1

    510aa4777f7323ae6aa5ae20a1c916e0b419c45c

    SHA256

    f9e315e7a5ec37f119cb7583946fe5eb77fb6360de0ebb73503bf6f1a2d8cb1a

    SHA512

    a5b8a8fc8be4f902fe93cf31d36ecff76a36b5fc31e53bf8b9f93d57b26102e4a9d6cc664598eccca8c576f2422a316e79b38b6f94187e22b1beeaaa1a6d1c4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b345433f2970f9239b7fd6db976ff44

    SHA1

    48e2bdc2fdf5755f711694d7dc56bbe15406a891

    SHA256

    4bd7b1beabb46950a424107a0d430eda74dd933a21c9b71ecd9b84e5a628010e

    SHA512

    0716ca4416fd93da8bc912b134bea17b97766b165767a49e00337cdaa6d3ea7ccd93f85abb60821b827b2443d62b6f9672c16bf4ffa38e6c011eee768c139b13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9eec47e60015d62c2d418c85a1c75d0e

    SHA1

    db608805a79451cc100eae338cfe74f4c279c1aa

    SHA256

    fb0bbca08cb55a172814742778bfb083571dd8a3becec32cc8c1fbf41b0f32e4

    SHA512

    eea191be42e9247538259e2ac485bd4f91813f6bf1046c9f6d511c7409842a5675352d0e5e44599681c009c1076a5e76d28384e03a26fa9ebc513194ee74a7ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21f90640589e87dd6192ae2beafa50ee

    SHA1

    6482247517a97e3714b294604ff1d228c55a8160

    SHA256

    2c5d65fb08ada3029441fa96048fa0bce09d4a6ed1ea76088542a375c1c664b1

    SHA512

    4922e0b26a1db145a534bc3de0f797888c355c06e7c5f764a293b5f674f1a7824fd0ba3ddf852d54d11e9b4d404765e0bc4432f0be6b29fc990f91732046cbb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    292ed535165a763ed5a7fa3a5c3b65ad

    SHA1

    536ac664a61b17d70c07436ad3328ed2d56f3867

    SHA256

    73223a269950dfa5fa2d172e7aae9e966cc758729e4e23b55a8e69b07c173a2b

    SHA512

    a8f12295f642a8a7ede2b94b300fe10020e0e27402f5dc720732f233933f3b5d81838c481039fe5acd6665ec9b63c22e7b5c6e7b290775a0c23fb1c00ce558a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC5FF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC622.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2080-7-0x0000000003B10000-0x0000000003B20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2376-10-0x00000000004E0000-0x0000000000539000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2376-377-0x00000000004E0000-0x0000000000539000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2376-8-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2376-9-0x00000000004E0000-0x0000000000539000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2376-13-0x00000000001D0000-0x00000000001D2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2428-4-0x00000000001F0000-0x0000000000205000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2428-238-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2428-5-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2428-0-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2428-1-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2428-2-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2428-3-0x0000000000680000-0x00000000006D9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2644-12-0x00000000008E0000-0x0000000000939000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2644-14-0x00000000008E0000-0x0000000000939000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2644-378-0x00000000008E0000-0x0000000000939000-memory.dmp

    Filesize

    356KB

    Download