Overview

overview

10

Static

static

10

2024-11-26...er.exe

windows7-x64

10

2024-11-26...er.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2024, 05:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-11-26_796a64f3468d20acdecb486bbafb9d54_hijackloader_icedid_luca-stealer.exe

  • Size

    2.3MB

  • MD5

    796a64f3468d20acdecb486bbafb9d54

  • SHA1

    147946b22255931da9cba6bce6cedc50c76cc5e1

  • SHA256

    bb846882b3def0776589b707f28a52dabacc9f7745c4943d912f33e957b32f61

  • SHA512

    0dc326f3e561dd7a0b7c1c1f77d873644075dab260747d7b0b5efa52c3d47fba282ea65cee07b98286a1747b04645e05205bb586acb5281e2c0fa64327914a9d

  • SSDEEP

    49152:XCkCFdSRfMMMMM2MMMMMARfMMMMM2MMMMMvnBEf2CkCFdSRfMMMMM2MMMMMARfMu:ykCuRfMMMMM2MMMMMARfMMMMM2MMMMMF

Score
10/10
blackmoonbankerdiscoveryspywarestealertrojan

Malware Config

Signatures

  • Blackmoon family
    blackmoon
  • Blackmoon, KrBanker

    Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    trojanbankerblackmoon
  • Detect Blackmoon payload 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-11-26_796a64f3468d20acdecb486bbafb9d54_hijackloader_icedid_luca-stealer.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-11-26_796a64f3468d20acdecb486bbafb9d54_hijackloader_icedid_luca-stealer.exe"
    1⤵
    • Enumerates connected drives
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\mail.exe
      "C:\mail.exe"
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      PID:3064
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.dywt.com.cn/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1616
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1616 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2824
  • C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" -Embedding
    1⤵
    • Drops file in System32 directory
    • System Location Discovery: System Language Discovery
    • Modifies registry class
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\setup.exe
    Filesize

    3.3MB

    MD5

    a868384481906a64d6af1d97d5970d25

    SHA1

    2edd39a7c733d0591c53985898daa71315a68d0a

    SHA256

    8af7e2335126e24bb9c040f8a96ccc6a330639128ec7f99c6865adfa7395f2e8

    SHA512

    b47e56fb5e90888c92743f9845141670243ed6ceab745cec0ba3d77b8b32d1d5f5cc1b24fc1b060783e85e267fe4f0b8488461c268f002c11b3411f06d3bfb84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bfdb83703300c8bbf0844d64e28d395d

    SHA1

    ff3aebd2726294f2f807e1b58116a044418883dc

    SHA256

    c45fe85e20e7c63139ba0372cb9e932f8659a3f3ec41c3886e8ecf86c2c47b81

    SHA512

    c04d30d70ac27b55f78af619d4e2074a42463a4eb6c0c1b1555612eec7096ee25668893d4cf3ef28c3ee49634fa4861bd5ad58ccc1bb9d69fcdf6473788a0f50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    937ea532f90d9c0c06ddb2ac68149ce6

    SHA1

    8d90a2c1399b12a89858373f99c70cc086021882

    SHA256

    61ec4f16f3e5f4d2a7a37b8d6da61c712b9278e14722773ae54d57bba52b43d1

    SHA512

    0b1394cb7d3591ef24ccefae11fc783804ebff1b916bb9d09016ce21c362a2c6d74425edf706315b159f6ccfb32ec811afe4b38bf7344952856669141486e0e0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    efec624cf0c6a963947a6f19f49bb30c

    SHA1

    7421d919d6704e10d9900c3dec0ffedfec6a906c

    SHA256

    d2a1fd1a4e1fd6f31338f8ac45db1da8fde5ebdd6e975668d18dc0a0495bee4b

    SHA512

    00b7631596a7505309e7762ab233be6fe2bd34051345bacc5bb15193137fc9c1f823d4c8f8782144e253e23d4a4f302ab49cb6ae79a9a47001540aed6031212b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c127bed18ac625234fca73d5f4c83e51

    SHA1

    2668b63ebb68e0191843f4f6a9994a1796243f1e

    SHA256

    2e936b8a8aecaa369a3568bc973e196ce764beb857d72265d9992de6e8347c61

    SHA512

    9cdc1d14afd133c344ab3dc74d5231d54e2a7ec3bed1c6915db27d06bbfd105f9e55664085326a75da8019c1f86d696768cf396c8a1d045a3f802edfc4b94c71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1364bee963de5f194a85119eb78afb2f

    SHA1

    63d1ca125f5f5f002e95e78ba608a49cff4e661a

    SHA256

    909b11487e913c4f109a7ac3f2919e642032fbf0a1d8e7653ad5b8c81f6e6e7a

    SHA512

    02a4f08940a4fa5639e827fb59919e9835842977845af70c706b170ee44dbe1c63cd02673e2d3e18bf8c800d9670898bb90f5b47eb70c7470f12615f3135f022

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    75aa29b6420b76fbd7fcde95b232ca5e

    SHA1

    a9ed3d826e2c2b3589fba7b07ca23b05d1981162

    SHA256

    e98813e930018433ea4192fd8670ab2571c65c6b5a0b4693649105c59b496021

    SHA512

    52d1e6510a46bf9cfbde1d261e4dfcffbb14aba9de2a7eeb84aa1f53b684caf75d9951fc07a12bd09af75a4cfc5bc30a32b6ff16dd4847c6981676c877bd3a05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    422d851b1f587ca9b2a6168373dfeae3

    SHA1

    48b72ee150bf75b796adbb939924d22002feb790

    SHA256

    32afcef9ef10007c74c6566558546d9eb441fcd8611d45868d328c2b84a722bd

    SHA512

    979f2f0012bdead777b78135628dbd1589c2a90494fac3035f4ba8c60a21f1f9aa35569e0fe2aa9e92a0efe9ab81b040cf6baf1cf0f74dfd023d1bfbe8effda9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    371b01a6334c05fa0a5b7b302fb17b1d

    SHA1

    f0f6bff580916f908f4e0f06c3650059f9a8e1e1

    SHA256

    b4ce3338de9b70ee94b7003f44f190607de0885f58fadf0e4684f78aa2f5de8d

    SHA512

    021a24c7c0338b3686ab96bcacceec8a05400a419f144c66b6e06d48710a8bfe72fe96aeb473948952c8b6e6898dc3d10926cfb416beb78108537dbb68ce670f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c94945a0bd62dffc2cde725b1438618a

    SHA1

    1c3d1a73b771ff17d3ae4aab83f40108eb70605b

    SHA256

    683ccd59984de8f2aebabb77795f8557f03b37c946f641ea3bccb8f61bb5418c

    SHA512

    ac15a9c91b5d311f192aa098e7fb87f5969ef3c69a7a29a0ff4a1a1c19df8941bde72c903f5c62f7a6f32e68f24bcec0820d9191e552e77eb963b7f54fcf512c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9494a5892fc16f7d46d1445f51fb3d30

    SHA1

    1908e5e29713a0eca73cb4405a15f7945a45bd38

    SHA256

    a99925a84826358e0f5bab8bf0f16a2793808afa9d336abde7466ae0a14ab7de

    SHA512

    d26e1b1e89ca4291822fb55bbac18b32b377bcf3d45a970be44506176d6f02614908eb1bfccd5dc8eda4e7830316878ce8bbb5af8c8c5c15e24e989615ad90ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3f42e414756d2641cc0011b8614f06f9

    SHA1

    280369f4449d6b222147b099a0a901faca519a76

    SHA256

    b3cb070efc1751639ec8eb43e1c82b0924bc092c4320dc9ea0476275973ebd68

    SHA512

    68038f690d298ba13dd8ca237dc8683ac65cb760b6a948686b2d6fe29669174ad57ad67df0b730594de89bf7135ed817d332125c2b8a38d1cfbfa9779edcaec2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ad798b7f1124d762eaba29e44e684e7

    SHA1

    b556be7e7b304ab0e47bf50e52006149aebc569c

    SHA256

    4f83f9f46082b0258f87609f99303ceebc34a3a4363ebedb30f03da449a7b7ec

    SHA512

    bb874127fd28849066d95cbb8c16b122e5586d2533c881e973ce3da61dc15de7e8a9ac5668b1cfd6fc91d165c68e1c7a1e55800572096b892a77e5436862e9e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c874bda85ae4c81fe5ea6938bda6d146

    SHA1

    7d12c0b6081defc2f640a624faa7ad40aafae017

    SHA256

    3d68d6ca762517a41fa8c04de8b6506e4068bee2797c8201472b112b52caaab0

    SHA512

    dc8e24764b88bf8b7646b636f5f3ec8579672678627a64948bb2d93f2bb63117a8ab8a49088979ec7e0ddc95c32545f5646d973c97fe4cb849b797cddd85a115

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f8582ffd2d94d7d21e7d903f6c958d28

    SHA1

    c5834dc7d30d1830d46ee45ea6453f02e90c23a3

    SHA256

    e9f528df9a151d7233337c6aca3537b6632552007b7189fcbf8aa1d229cd2b23

    SHA512

    12076af33f17f091e79703787d326adadc1e3e2aa0834bcb2166955e70a18e6086a83081e8027380036a1826d4e82f95b36059a3748fe610ddbffcb73de1569b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84550ca28b2d163119233c66e51424da

    SHA1

    1fb128ecc0fdb0a402de3148789a8aee47718579

    SHA256

    301d9bb5988b2ec3cfe4ac6efe32554556a83f38b961e2b3d48b87b0474aaa0a

    SHA512

    efe77f73a7d9c63162a05baf0ba38045d281e18b631f992629b3b8b7cc2a5f1863656f1b283679a576a158c2459ba592418a196732284b4267cb068e3daa8436

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aab468e60eedfb0a324807efe47aee8b

    SHA1

    b8494d7f89e69e46979c37bbe8367cb29f61fc8c

    SHA256

    8ea63bcab6c9f9d32a34b32abeaf52f60fcf7edebffca760383323b470ac277b

    SHA512

    d9c1f9e3fd6e91b1d5b1011e186200075d3e52613f86f8aa1ef7c9a39d5a20a576bd1be451b9a37a4eca7bcc2a22114ef5d686462e36fe13b64ffd12b875181e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cb375b98913fb501008b23709e15c21e

    SHA1

    db65fce26c71f493ed1286cdf7b9d97b9048389a

    SHA256

    996f242f056032d8a5cf40f20e975bee1d97c7258a4c297e4e25e74afff4b02a

    SHA512

    33cc3a34679c6a3a072565108f610c2c3468c59af3bb77951d73b18d4163fdaee59a84d0195dde964cf6776156e1aab23ca9ca0f5be6cd51b5313556e42a616a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6121c7a7a1df18b850d0d80bd85d33f

    SHA1

    51ae2a238f26fbe05f7cb0a2b277a4901e90b9fc

    SHA256

    f3dc058dee0afb91e11fed76ee08964bfe7682e5dedbcff2c8a5d68fb99823cd

    SHA512

    5ffcd1c959c3d6846696bd2f562416608b8b3ef395967053756349d34078332ebbb2c738703fd1443c495c6a9b2bda27ebe08b906a7459d6acaf126185a1fbae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62abe405dd12382555ccfacc2e477d5b

    SHA1

    bb4ea6b8c48a34462deb4698118995b9bcab6205

    SHA256

    43e1e3da178abbc84ea5b054bb550af2cac6398bfdc88045c68f6b1028fa451c

    SHA512

    3677d033cd567e55b56bd1eda80cc07784bad744f8b3c3bed1ee8daa7325802857a97e0c8b4296c6a9bb7fbe9fc34e56d543d12e199253d50ffd14d312627db7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
    Filesize

    238KB

    MD5

    f5524a45db5be96110074ea3de662e39

    SHA1

    7195a7b667317ea2e2cb8efb7bb83ecf20f4f3f1

    SHA256

    7d9e7174d654db1472df73e1ce3b0bd1a6a1b52581a6c048914f8d324aafd78c

    SHA512

    55360b7b55cb675830027014c638ceecea6256829ff60585005eda7173f0bb953335420113b53b92e401cfcccc07d04960f9f6abde194ba7d4e1acaec8090447

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
    Filesize

    240KB

    MD5

    d467e186e9b7a28d35c19c4f36897951

    SHA1

    81d5f111c1942cdba870b3371f799280632d997c

    SHA256

    f3f970ab6cd95fa68268aa3d438578e9f362df7dbaff94972402250c411e365a

    SHA512

    ae5863a2375db65e09f633c68a63e0b14b78a44f32987753370fadf950291d07cfde85563bc70d7b01040c19ed669ac9aca01c6df075acf36caa983d2466df18

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
    Filesize

    230KB

    MD5

    d111bfe0d2e55a0bb3b474c20d9ed622

    SHA1

    cc9dcd511a637c7ef0e9fa3ff4713ff3c48908d2

    SHA256

    191adc349cfc65404f6becd3f73adc741b46692d2ea4436b39fdd2c0b29d3f7f

    SHA512

    7f862dfb73432c6816f6f1403011a28a5261c58c0de5ac7a3a2853cad796eaeaca9bdf9d87a38c8c2cb65005ce21bfa8c05ad78a4bffe6c7f492a9b63431caff

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Outlook\mapisvc.inf
    Filesize

    1KB

    MD5

    48dd6cae43ce26b992c35799fcd76898

    SHA1

    8e600544df0250da7d634599ce6ee50da11c0355

    SHA256

    7bfe1f3691e2b4fb4d61fbf5e9f7782fbe49da1342dbd32201c2cc8e540dbd1a

    SHA512

    c1b9322c900f5be0ad166ddcfec9146918fb2589a17607d61490fd816602123f3af310a3e6d98a37d16000d4acbbcd599236f03c3c7f9376aeba7a489b329f31

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7C83.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7CF3.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Windows\Êý¾Ý¿â.ini
    Filesize

    4KB

    MD5

    38c2fc50e0925d76fdf473f29b725baf

    SHA1

    395b6a1b0be5c37604988936089ab27a805a0247

    SHA256

    100b4c78fd7d3aabec1bf6bbf0e11b1056af369a9507b6f9e6043221b5d56fc4

    SHA512

    53a9f6ae5d8e9d70ef507f2bb2138883f5a2f5386384a9a55c0a509fd250e41e3bbb0a5eb8dbbd53e78c120c565756db0cfbf8531bf0dc4979a83148a5300b97

    Download Submit

  • C:\mail.exe
    Filesize

    63KB

    MD5

    797d36d890bd96ef00369a2f4ee00f07

    SHA1

    ece843e8e93f8d8dcfa69961898043391e6cef69

    SHA256

    6c04ae545e15fe257e1cfe374649ad968a643ceb7e3f75a834825530633c30b6

    SHA512

    6064215d00f7bde0a052b5eacd19eb5dd40021d5dc0ead3a816700cb89fdd668445258367c1c24ab9008a53978e84ea0fc0f675582ed5a957bf31cff41c68bb7

    Download Submit

  • C:\vcredist2010_x86.log.html
    Filesize

    80KB

    MD5

    acc7b993d6dbb4e6b8f5736ef6d65b9a

    SHA1

    cd0a746e7b9ff049f5aadef367e38bc08d78c5f7

    SHA256

    b83587fdc697a52f8350bce8356183120627a99183879a867cb726645d0b357b

    SHA512

    b6fadd5e6da0062ba7043d1cce1ad6a5a6bfd84db583c9bb3084afe1b90d2951f86c3f4f73e4999208ee778b4991a6295af9e2ca626eab6009e54a020543c7b0

    Download Submit

  • memory/2652-1492-0x0000000071ABD000-0x0000000071AC8000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2652-18-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2652-19-0x0000000071ABD000-0x0000000071AC8000-memory.dmp

    Filesize

    44KB

    Download