6f212a78295b3fa33032adc860ab7b194bf57985171272b0bc5bea932866dd59

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/10/2024, 11:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe
Size

57KB
MD5

39e1d2cc7a75bf9062084579b83d3cbf
SHA1

c63e4c0774ae72a2875f76cfe26ff48cb9943005
SHA256

6f212a78295b3fa33032adc860ab7b194bf57985171272b0bc5bea932866dd59
SHA512

c9df4fdb90d8fe6f3e5f9f6389432eaa2e49777cc1fbf9b5db46d8d985444446eccfbd98ff179a6f62f3eebbc16c7399102c00d8d6d51194df4a2c153607b825
SSDEEP

768:9u88JmsOFMi3tYncdlDkQQa17xNnzvbEZ4LWv/RWjebG5KgzBTh8j:9uXmXWc/4fatDzMfHsp5K2h

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	iexplore.exe

Modifies Internet Explorer settings 1 TTPs 28 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{1B7CE4A1-8891-11EF-9E32-4A174794FC88} = "0"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\InternetRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\PageSetup	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\SearchScopes	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "434896096"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\Zoom	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-3290804112-2823094203-3137964600-1000\Software\Microsoft\Internet Explorer\IntelliForms	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2456	IEXPLORE.EXE

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2456	IEXPLORE.EXE
2456	IEXPLORE.EXE
2312	IEXPLORE.EXE
2312	IEXPLORE.EXE
2312	IEXPLORE.EXE
2312	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 1404 wrote to memory of 2512	1404	39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe	31
PID 1404 wrote to memory of 2512	1404	39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe	31
PID 1404 wrote to memory of 2512	1404	39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe	31
PID 1404 wrote to memory of 2512	1404	39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe	31
PID 2512 wrote to memory of 2456	2512	iexplore.exe	32
PID 2512 wrote to memory of 2456	2512	iexplore.exe	32
PID 2512 wrote to memory of 2456	2512	iexplore.exe	32
PID 2512 wrote to memory of 2456	2512	iexplore.exe	32
PID 2456 wrote to memory of 2312	2456	IEXPLORE.EXE	33
PID 2456 wrote to memory of 2312	2456	IEXPLORE.EXE	33
PID 2456 wrote to memory of 2312	2456	IEXPLORE.EXE	33
PID 2456 wrote to memory of 2312	2456	IEXPLORE.EXE	33

C:\Users\Admin\AppData\Local\Temp\39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\39e1d2cc7a75bf9062084579b83d3cbf_JaffaCakes118.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:1404
- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2512
- - C:\Program Files\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:2456
  - - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2456 CREDAT:275457 /prefetch:2
      4⤵
      System Location Discovery: System Language Discovery
      Modifies Internet Explorer settings
      Suspicious use of SetWindowsHookEx
      PID:2312

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1359abf7e488223fffcf1d04e30d1d9f

SHA1
fee1c6888b3483a63b4c633162c3f05e1709c0a5

SHA256
9da484b506fe0ab7c5ed6576151927c3d180a81659a2292ec02091bc64d78a7d

SHA512
f13307df51217b0b970aa63dd5b5bfcadb22db96053470f10a6075a690f14f1d799734a71f56b72a1fa6f2bd110765e254e8f1a09ed7bd204f19afd080bd70c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
38954f3c933d0667e1fe5cd4999796da

SHA1
8c53fb85092264fb894e858dd305cdb7d3613877

SHA256
ea50f3c65bd3e6be997143e9b167cfec8385905c7894ba17bb23ade82ab71c21

SHA512
8bf5688ccb00ce9c70d51453ad32580a5b3da68f1db3936300ad39a9e3917d9d8925d61f7c4c50ad77582ec3306812aa32bd8b1670bd650db236fcb1261593f2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
43733ce2a53faebafe9ea9a5a2b10513

SHA1
7f54297435efe6b5caefedbc13942d2e8abae2a3

SHA256
53fe350c151e54d08d9444f5bc8390943697d19538a5be1fa7d34151612e3062

SHA512
3ff0ef4358836079859bdccaaf4086c6c226d7a682baa841832b61048f11f9cc9c766979da70df8945de10b81db9b2e312352e8e72db72546d9331fd40dda66b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5a929e61030a1563705650e0f044ae70

SHA1
eaa9e12a2554eed6f5f5153cdce5ec1f5b3cf38d

SHA256
0e516202c02024e02d02cb20e0485f31cc24d4e58c6e107f464983c517e7d064

SHA512
cbbf1f398d41f72446eb480ac57672f066d28a8ea9cc87fcd869eaa6160bb7c437c4d8ba8724ceb13aaefcd4089fba75384a8d6e16e887033c2896d709aa030e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0043887aed90eade44a631b8f34f1d78

SHA1
caecf2081d69126d4a36df44bbff0c1798067012

SHA256
3d81a1cc120a1135d1d4581c8f1a411ce65600a0f503dfd67befa2a36a6fc34a

SHA512
1b885ff0504f5ca5289382415270bd76cab7da76dfe81343b2fd850c982602660bf553daa7b3da7c803ec7b8cc986aa969bb5f050eecc14f48aeb6f929c51570

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1fcf200216c698661650c53900d62512

SHA1
85c500c961c568c2dbf89bcfef31cf5deecb92a4

SHA256
af0f6b394617c2217d9696108a6899127a660078e9d00d4f54c6e9280d1a6547

SHA512
bb0e70fca45d612cf6c4f90c2c23517003bf4110d32d99fe44cb21fe771736664d7919ebbbfe0292b9f3cc033e320d89cd1c54b97c1d816a4a7ebf3096296c5a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
667cd47e4401aca58a31f59d6c229181

SHA1
ccf5cfc9edbc4b25988b1998b01710f3c8dfebf5

SHA256
12557d5e1041020b589cabd1d68290f438ac5e9cbbbadb6ba31c92bdd80ff067

SHA512
413b925cdaf3929095bde22be3eb91c34fb1f754c689ccc6d9edaef5ac6c2330c76ebe99087d08da8c61e8f9d0d4917ea1c6ba936333dd0aa2924efd7aa22c46

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33875551c83bcddcdf0435b459880c7c

SHA1
cf23c6feffce2f634300d3b63db8d879c877ea1e

SHA256
97d738b80a22cf50da067055b60fcc63da2a6b76f63f5c64e6f87d97b4a3138a

SHA512
20534e394a28324c3e18a7ea052976e7ac484535820905be4c63091edb7523566054f02b7e053d265cf828437357321fe9ad2f6db8e2c88bc674770a84c2671c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b307ba10373ddfdf32eda84291c027ab

SHA1
dd34977825b3208f02ebc1d072230ee7db63139f

SHA256
efce27e91690bb866bec78f86bfa535ccec928e1e67dca4c6841170e700f0702

SHA512
a2f841d3c032240cefb9e77d80fa68d74af6b4824ba696d30af22ccec671b77bc9f66fc6098757ee2cac1ddda8693e7b17b70603591633a4410477026c457275

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d859b880d1ee5e59d65e40d0a6504f48

SHA1
1e722fdf75e4e987149bc1ddd365766fcd22bb3f

SHA256
c84840449051922a9a60f5d399a5eb401f2096b6afe38a82a0781bd1faa0654d

SHA512
69db9285eb1ef2aa1934851b20fe59a8776239ec75fc835ed0dfc056bd0739046f02a39b953d20cfef9a477271287c2128bb369b025050117b28ffca6d23a65f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33444cc89f152ace3b50e376e7ac896f

SHA1
7e4d913f9a86af1f174990e4097d56abb69ce1c2

SHA256
185979307c7714e95f293167c418bc9e5e60373766305c8a5ed2e30e7acb1a59

SHA512
dad36a398653e9f002d6ad523a3b7891816c7eacc199f31bba2d4ff19bc55c925607a59ec5a3a0a4e5f34cf4ee799f3841d36ea477ba487b8ce07dcbd8292460

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9323459905a505466972e86fdf24b623

SHA1
b18812528e9191b7ff620122e6baa8398e35b2a4

SHA256
40ee25e43bd00d7d10dbc62739518b513af7c1c4fde0d36be4a98ab0a794ad72

SHA512
002debd477b4fa53325620d9c6a81e9d16582950b78a4d8dfe98566a3bd5aaaca1b20e9f9d7463a2cd48bbf95338170f5e25224488519c169ac9c69e358fd56d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
6de77ebc99331e81ae0d13b9f5bec8f6

SHA1
af353e84efc97fa93b4561394f1d868d9472ac97

SHA256
39687009754530eece84859b696f015d41031349fc76701e3fca785ce182fe71

SHA512
ae78e3b89ef50222b16fa6aa0dc2300203faa35f0e4f9619d747f03e744c14de7c9bf4c2781154d0c8f398be1229fb2b5bef64999532ceae90fcd5aa32d6fcfe

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4de9d5b0f390025e94c6482bf940ab7d

SHA1
0a95aac37b070de10813154622c12df6fca52201

SHA256
1bc375ef825b0228926d3a1c7879f46251cd3052db50ffb417b1b8801b3afc53

SHA512
57bb310cc2fbc388afe8f369b1834c57447926735fcf3722d97ed68d1b967be267f680bd169cfdb81d9db5971f8664ad0dd452d325334a193a3070bcb3b42bac

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0bfbb977ef5b5b855b375ff659487d74

SHA1
89625982ab552ccada2c4329380af4b050be841b

SHA256
da80c5d4807f43facdb154798bc34d9d78583dda9b61565dcff2961530f9dbce

SHA512
52b055d707454695e2c1f3fc4a17bcd43023340b02d80e2ea99051f08bb98a466f321f6491d7b62c5e38d363d54faf7ca633e8c09dd054d7e526c352471e8943

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1e81c95513044cce3d045d91e42a70d1

SHA1
0cd41f4d526161cc8f41002d3af64647a570f2ae

SHA256
40068b9905298932e6c48595fced78b8d098c17535e131340ec1e591bb1c3444

SHA512
b0c625a2305cde9c34e5709144c5db387bdc5175df86b8e408e587aae472f87490e60923d447baf0ed713751d8a1d07dc9b543cc65da64f897fe77a077f03b39

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2387ea83af99a38da4b98d893039aadc

SHA1
2e41b2a2066cf3a0c7ce85881bc0f61e954aca0a

SHA256
2cb4531f447328397569e0075e85a5ff529b24014c159f056efce69239778b07

SHA512
65a634838ca1b5f8e64ba408eff6ea119e7e5d6160551e7544357b72cd019a84dea90bbc43b931d8f8aba427e05295b37f0b74d862189f9895a548c49f71667e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3ea2c91e17bd8726972ebff6a611d042

SHA1
e42636eeb563344f1e453ecf95faab692cc2df4a

SHA256
43dbe3aaa1ec59cadbe54cb5e330deecd474908fa83f5cdef9f3a3585b5b14a2

SHA512
0c1aadf6775d96ccc6aceec48ca6c7f2baa48233ec8f20088645de2a23d079cdb1eb64f77a48489e4075c68f2571fd40ee51c6bb49716442bdd49a4a7812fe42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
8af883a7d05a4ed86f0b6fac2b06b936

SHA1
843925b452ac70d7103ad9cbf480dae6506fa709

SHA256
d7240728b842d366c33e6a1029d8596b08b6ba07847445219a6a956252267b6d

SHA512
616f7abc4f6626a7dc52bf674f25d72320e823dbcfadd1494a6f4a0e385a8373db3ee059d3405cc2b1f77aa74ee7398a17d194bf4c8005942676116002fb0529

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabFAE3.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarFB56.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
memory/1404-0-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download