Overview

overview

10

Static

static

7

RippleSpoofer.exe

windows7-x64

9

RippleSpoofer.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    15-12-2024 21:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RippleSpoofer.exe

  • Size

    15.6MB

  • MD5

    76ed914a265f60ff93751afe02cf35a4

  • SHA1

    4f8ea583e5999faaec38be4c66ff4849fcf715c6

  • SHA256

    51bd245f8cb24c624674cd2bebcad4152d83273dab4d1ee7d982e74a0548890b

  • SHA512

    83135f8b040b68cafb896c4624bd66be1ae98857907b9817701d46952d4be9aaf7ad1ab3754995363bb5192fa2c669c26f526cafc6c487b061c2edcceebde6ac

  • SSDEEP

    393216:QAiUmWQEnjaa4cqmAa4ICSSF1a0HPRV8gtFlSiZh5ZlZ:bhnGhMAXSmHXFA+

Score
9/10
discoveryevasionthemidatrojan

Malware Config

Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
    evasion
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Themida packer 3 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\RippleSpoofer.exe
    "C:\Users\Admin\AppData\Local\Temp\RippleSpoofer.exe"
    1⤵
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://discord.gg/Qt5NMSgdzU
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2816
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2816 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    638f97aa130707614a64cd2641864f38

    SHA1

    7da6e3f9fe625cf7aa59dc985ec708ab0b55dfa1

    SHA256

    25ecb380b3b35f66a18144f5675fd9e539d8a6b44436b64a52640122175e57ee

    SHA512

    afa3b61c3404bf9a16dbe2386704a563aff98a1bbbf133cd5fe99995b0484b8774c51d1892af67e3f98d9f1c202e67dbe82382f52affcb2a4cccb2d02045f0ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d62bc82df3659429f3ce321e4dfea306

    SHA1

    887f4acac0c04f24837a7417284856f5843f943c

    SHA256

    04381a6c7562cab1bbe18cbb707d180fac99a5c1e03756246decc6c2aaca9c29

    SHA512

    b1cc8f6e5e9c954bcb5591d4aadbc2c7c02ee820daa9c154b4b2990d824f96b7585c4a97e9ea1c24dd92a3259fb3d2d9759e9ef756c644ca6b4b7420e3c45d33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    58a923813c21f3b7707088175defea2e

    SHA1

    e38693b6b60d5e5605c36be54e2ce9a1953104a1

    SHA256

    71c33c7b916b60a00c1b21cfcdbd5e3b9c405a4e27ec7a45f307bbab661f7a09

    SHA512

    411c315c17fe653190fd51c03a43075438d9e0953fa619344a9ad5f897deb2aeb9a687d036075a396a2e13236fd843dd7b4e94fd98e26894e9cc0557d66222a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2fdf5fe14743225be3b37a1f91ff9ba

    SHA1

    eae85500487cf8b8454a00738ed5868fcfc289d9

    SHA256

    f23ab2ea8f715960ba34c55a3b2863748ba9440b758e66a2858fd3591348d3bf

    SHA512

    80cd9b907657d6b997b5adaaf23da9d156a3080d155208a76dfd2dbc4bbef86b0d2d83b29974fd9e82435cc2a5622b8e0d487ee09a1b09ba4160bd5c25fbaba4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ede9e6931c71c39043739887ed45d99

    SHA1

    77463394ba48c4376a6cd7213db2032b44c14ca2

    SHA256

    45fdc5afbf2e55af927b2b45d1c56a9ae05d5968a6c997381b1245323a9f073a

    SHA512

    bd3ecefe731ef731b1497d6ebad1c193e656e65186c33d572bf4716b937e45dea09b6b9fce80d3d72a956a055fb2760817427e1ff5b96459995d190620231aa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f00d2b27efa99787ee52bffc3a28e4f0

    SHA1

    2b088e6bff868eb6976767477a7aa04a1140474b

    SHA256

    a04c7c7a04d574be23e30b241ac17715d1ef953bd70a326afe0ff032371127f0

    SHA512

    5e18ce05cacdb715ab9ad7064dd7a6817112fa438a85f1b08dc46538c422f4351be7badecc04818f15beaad6898d3785da1d9d3633e1101a76c1fe83a2303981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcf053e749fbe28019cff99cf3b554f0

    SHA1

    96f3cf49971a6b72b824c94c95a6beb5fa981b90

    SHA256

    a1636112a491de0c58c724fb880ce4eb7aaabae47eccee5c195db0fa5d8cfefd

    SHA512

    5457579a926035e5cd654d5a1d64cd63ade2d1b6c23fd8bbe624c547b10228c74e666d11336c0a1b710cb76f87cbd559e1c8f41d1ba7a616226af239699afad1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2d0a09324b0136a35c52e088fdd73fda

    SHA1

    e34cb0000048c55e3c83699e69b4afbf85eba952

    SHA256

    89a658fd78022c999070b7e64fd28dc63757a6ed4078d0b08628903af4359309

    SHA512

    c33ca9bed4b5f53e4ffcc5e80706e2440eb438802169f7179d8b657413f5d1884546a3ae786ad30b108fa1877c94ee8a02798ef9bb81a1e53a6c3c1e409f1ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f466c9c11c509bf73ca5762ce80244b2

    SHA1

    825108b50a93143c7e923602a5f686f0f9a355a3

    SHA256

    4ae1283ca5c08de39253b2fd5324078a5ced86668ca4867ec19fc05cd7e7db83

    SHA512

    13ca434c47abc0912fb4fdc31c2cc3c92ebca5a2213d8f29b67e983c38cf9b0b45295a39aff791617f8ce1921bc1ff33986e93d5d6cc4019f85469914d43f06b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    36eb8305aee409764d5507248dac6e06

    SHA1

    1d783682f4cf1ae3bff2119b558123dfe1314188

    SHA256

    3a6054c5825f195307a7f468e336901fc9c319a69aaa2b09012c0c3402211e7f

    SHA512

    a054121b1a3612bcbcce32c995853d2f11a1facc7c4acc83898b560c7a2baaf6926bc984eab730417031886b79f8c65a04e9f7b2eee6fac008815a014e9d4626

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21fd0864896d1b427b086ef466ea38e0

    SHA1

    ca444a870431ecd0db18b3a7936202a94ff6281d

    SHA256

    3eb665881ea02f9e0d448a9e44434493eeb1b5e190b2dcf5a38c50481e5c8950

    SHA512

    521b1ec22c0d5e335933c0cfb6bb8f351d52d940efe39345ba3eaa40eb7e0ba9a3862031582113349e7bfebd22a0459ea171eda826778d6f2d3fde141635a1db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70b1aed174e03f82f4fc8dfc9a86eaf0

    SHA1

    e8e2152baa0f6bc18af490e46d93fb8f75f79248

    SHA256

    8689f6dee3e57d40e9cb2267c2778e6a3f458f063f8a1c75634dbf28c5f7e949

    SHA512

    1b261007db171663ae152a4fe8ebd722f131c2304c08a8ec49732dd6f1f237e2f0f8118032f443ace2a714e656a19349e2028d0f712c32dd66001699f59b268a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ec3b0546766004880113085eb4cf076f

    SHA1

    ab0fcbfa5a8f75d792f5974c7afbd7d33d8be14d

    SHA256

    9bf3c2fea8d7cfb1c3d461c6a4e6ded899217f4f945622107ea3cf92e2897c5a

    SHA512

    44dca6ab1cd8f8dd608fff99a992238fd2500ab6e6900dc30bdfabc4fa0902feb400eaf4bbca36e172e3873761ba9139ffab2de236977751a58931137dd920e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2744dd98d4a4669896b57548082a93ff

    SHA1

    1dc1dcff4a80e07a2c967cda779343fdd69ea2ef

    SHA256

    f1b4b88e9d3edede76fff219056aa9be2d97c7deb19d6a4d41d5cda5afba15b0

    SHA512

    535cb6dbed16d1ea9509107e8740fd72572e0d2ffec8308494743508fbf99fb404f0f9adc9d4837ec4103df151ad9e52c202dc4b78e9e279978d9e18f36cac8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dfadf3a28b3fc737f852e236dba0b68b

    SHA1

    8732058d3182e0b51b8c84773f53f0086e1794f7

    SHA256

    7fc12a9926e61cd0cbf62341ab40e577671e4fe4d8b291715ccb4abb8835c986

    SHA512

    4012c48829704dc4afeef39733b1613d43f3d211da163f351570ee94a99b77ff0676e2d924c7219170ed99e3cda4cc035cc2f9af4543fcca5543f2b1ebbd8a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    abe746ca23d4c3f995b80ae1a71ac0d6

    SHA1

    ef1dfa19c7931c1743c2b56547315a3ed67a515a

    SHA256

    daeafafa9fab231106487cf29b132ad3ed47460053ae7307aec151ff447c68c4

    SHA512

    727ad3708c2a9aaa69af93dc288bf7a9da04bdaf36df58188d32677fddb0e53773d2f8b11a58e0da5aefa773b5153026fb23f82ab411817affb2e385ebc89429

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d673b35269e223fad973e500d443caa

    SHA1

    e2530f2fc30ecfcafaec693e43b7dbb63757e250

    SHA256

    147b7ad57e2d853292b4bcfeb231c246248bcc970564cdbf96eed85b387a0b03

    SHA512

    a8af5071361e10d3b3799aa00a4800cc5a49ccaa30eb574a38fb7cb428e63a769d3bd05f1a38e5d0fb1545012400dc93a630f03e830493edebe776df48a58e27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7c1069aa23996b1bf2052cc8b2a23c9c

    SHA1

    3d472e070eb28afaf435b758b0d16683d1dc6ec5

    SHA256

    250fd7510b52dd0a17db0a1043fca4a9cb41d097c11e582b90fdec2a071f1285

    SHA512

    943c64928fc80186153b57d17ed2c31214d58285bf5009280964b353a8b9a2a0c8854e714cb2b5bef78e1e0dd09d44710dfabbb95a5fc2aea4de8721f9886ac3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ef560e2ae0b416059c42073a17a0df9c

    SHA1

    72870092d968823152cc43012a972f0273d4c905

    SHA256

    71100dfad3e49435c547f9909a36f7451d9e14d633a1e37dce0bb50b5b2bfce7

    SHA512

    51faa07e8a997d48c8dc7adc42452627c7ef0517b5522fbe0d4b02c8d7ce7194d95b12dd380819117ac86e1e82bace5744fa0a1d4cfd6197a832adcd1be10369

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41c64d815f326d6cee3ad3447cdaa24a

    SHA1

    88588183e13b6ca8068e649cdae95f94f9d2a8c7

    SHA256

    68178fb81399d772f6f50b8186898a629b7b04685bdbea86ff0344c0cb50b57f

    SHA512

    d608f527a1526e3da0b99a004e030bba106b8723ed25430f15603317e0b74fcea1619c1f938eb315d2918b6626208f68eeb9819c912b9ce3c38926daa273dd69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d4f8322a55abe37cc3870790826fec2

    SHA1

    b7de9afa81c3d397a6fda7f727277712199a6bbd

    SHA256

    b9660859e79410e49462aa70d29c63abcbea093a70bca1159e0a8516d0071caf

    SHA512

    46734425b139988260af3fab16f36d5692230f4e3f0b480116b5cb68e3b951d78967efc240ef18c92055721a5d31fcb7838b9e940682ffe9edf6b157835fefcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a64872b03c7de045550d003ee948ea71

    SHA1

    77849a5ee5d071be4e5bb85f2d8c83a6f444b83a

    SHA256

    872fe366db1ac3943dee9118e0474800f76be39c21236a1a34449de3c8bb9fee

    SHA512

    5c1aab94b2c5fd18774a58407be8b58a76cdb9e1b5314644afb8473e76067ff3a41a3b2c258bd040e3c2fe2890ad8001408aecad82d3e14d3fd2d4285c6dc134

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\melo7gx\imagestore.dat
    Filesize

    24KB

    MD5

    43645a67b53dab56a3721e02cfae2694

    SHA1

    7885aef6925c13aace3cc8d86958823abfc258bd

    SHA256

    82386a6401ace8a7c1ecee87440f3575098de7a84a98fa120a1b5385c0b3a91d

    SHA512

    f387a5be263ae86cfd09153f870435d0782ebe265a58e79a58946ecd6c1bd0f72f26f60a048056ef0e88911b8a83cc384e0247748e04b3e7d490a0cf681d8c57

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\favicon[1].ico
    Filesize

    23KB

    MD5

    ec2c34cadd4b5f4594415127380a85e6

    SHA1

    e7e129270da0153510ef04a148d08702b980b679

    SHA256

    128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7

    SHA512

    c1997779ff5d0f74a7fbb359606dab83439c143fbdb52025495bdc3a7cb87188085eaf12cc434cbf63b3f8da5417c8a03f2e64f751c0a63508e4412ea4e7425c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9BB.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFA0C.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2208-14-0x0000000003E40000-0x0000000003EF2000-memory.dmp

    Filesize

    712KB

    Download

  • memory/2208-10-0x0000000000230000-0x0000000001EB0000-memory.dmp

    Filesize

    28.5MB

    Download

  • memory/2208-15-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-17-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-0-0x0000000000230000-0x0000000001EB0000-memory.dmp

    Filesize

    28.5MB

    Download

  • memory/2208-2-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-19-0x0000000000230000-0x0000000001EB0000-memory.dmp

    Filesize

    28.5MB

    Download

  • memory/2208-16-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-11-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-9-0x0000000000160000-0x0000000000161000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2208-7-0x0000000000230000-0x0000000001EB0000-memory.dmp

    Filesize

    28.5MB

    Download

  • memory/2208-5-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-3-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-6-0x0000000000230000-0x0000000001EB0000-memory.dmp

    Filesize

    28.5MB

    Download

  • memory/2208-12-0x000007FEFD670000-0x000007FEFD6DC000-memory.dmp

    Filesize

    432KB

    Download

  • memory/2208-1-0x000007FEFD683000-0x000007FEFD684000-memory.dmp

    Filesize

    4KB

    Download