Analysis

  • max time kernel
    130s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/01/2025, 12:35 UTC

General

  • Target

    JaffaCakes118_9f93e13557168d7e27c0a204b0a7f6c7.exe

  • Size

    78KB

  • MD5

    9f93e13557168d7e27c0a204b0a7f6c7

  • SHA1

    546ee81e300415bc56f26b07c9b170ec64eb0666

  • SHA256

    5da30448000f33b57a10b1e51a9fefbc1bdb3a6fc4b8ef2bd8602cfc31e60427

  • SHA512

    1644784deebfac76633ce874036144f55debb254b28966711c8486a294e6e37711da718c374e60d16edcadc0f2614748637adefd6260e788eb4708256e1c601d

  • SSDEEP

    1536:zCHF3M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtq9/e1YP:zCHF83xSyRxvY3md+dWWZyq9/N

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Uses the VBS compiler for execution 1 TTPs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_9f93e13557168d7e27c0a204b0a7f6c7.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_9f93e13557168d7e27c0a204b0a7f6c7.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
      "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /noconfig @"C:\Users\Admin\AppData\Local\Temp\lhsfoo-3.cmdline"
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:1976
      • C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
        C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESB4FE.tmp" "C:\Users\Admin\AppData\Local\Temp\vbcB4FD.tmp"
        3⤵
        • System Location Discovery: System Language Discovery
        PID:2444
    • C:\Users\Admin\AppData\Local\Temp\tmpB2FA.tmp.exe
      "C:\Users\Admin\AppData\Local\Temp\tmpB2FA.tmp.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_9f93e13557168d7e27c0a204b0a7f6c7.exe
      2⤵
      • Executes dropped EXE
      • Adds Run key to start application
      • System Location Discovery: System Language Discovery
      • Suspicious use of AdjustPrivilegeToken
      PID:2476

Network

  • flag-us
    DNS
    bejnz.com
    tmpB2FA.tmp.exe
    Remote address:
    8.8.8.8:53
    Request
    bejnz.com
    IN A
    Response
    bejnz.com
    IN A
    44.221.84.105
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:35:58 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=f5fbb99776a1f4553ea5eec9d084c8c1|181.215.176.83|1736339758|1736339758|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:01 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=0ceeba0b961ffbb04aee2f629166b8e4|181.215.176.83|1736339761|1736339761|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:03 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=61fb4cdfbd526cce00d89466b67a1a25|181.215.176.83|1736339763|1736339763|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:06 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=da5beaf0bd53d30948282a69e6feef50|181.215.176.83|1736339766|1736339766|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:08 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e2c22253e811718206fb00b994a20249|181.215.176.83|1736339768|1736339768|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:10 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=7a92f259896d869d66c53a367f461777|181.215.176.83|1736339770|1736339770|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:12 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e30e2eaf6710da8c2c201d4144f9d704|181.215.176.83|1736339772|1736339772|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:14 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=008e645eb1e906b663ed1040813c5044|181.215.176.83|1736339774|1736339774|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:20 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=398abf2826c58138ff8b9e57c1f522e1|181.215.176.83|1736339780|1736339780|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:22 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=eb08632f9f41953ff8e088fa60917238|181.215.176.83|1736339782|1736339782|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:24 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=9ffde33096a7d9548c8d312b4b2f9448|181.215.176.83|1736339784|1736339784|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:30 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4ed7ee47d7280b098ac394f72e0866d5|181.215.176.83|1736339790|1736339790|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:32 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d6b13d72ebe84812035a69b6c53b7714|181.215.176.83|1736339792|1736339792|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:34 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=9c593e82d0f441cb3125f66bc6e88547|181.215.176.83|1736339794|1736339794|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:37 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=6d1d7a43308687c4918b8e7b82e1458d|181.215.176.83|1736339797|1736339797|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:39 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=8779cce5463efb672719638e98845a71|181.215.176.83|1736339799|1736339799|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:41 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d68a08ae7732a35309618c153fff9382|181.215.176.83|1736339801|1736339801|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:43 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=1b8df7b962ab9653fc5b3fd9999dd99b|181.215.176.83|1736339803|1736339803|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:49 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=be62a1f5fefc05e8b97f39821790a2e1|181.215.176.83|1736339809|1736339809|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:51 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=334102b761a4536d27ef0ff3c645d32e|181.215.176.83|1736339811|1736339811|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:53 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=e8a3c0206a25fc41ba5b05d17f532684|181.215.176.83|1736339813|1736339813|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:36:58 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=585673e1df00608c76fe4c9227b57ed0|181.215.176.83|1736339818|1736339818|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:01 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4d1421420686e96fe7deaf3dd2fc258f|181.215.176.83|1736339821|1736339821|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:03 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=d2aa07e0519c1c234305f127c627cf71|181.215.176.83|1736339823|1736339823|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:06 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=7850465b6d11a426f7d434891a8e56db|181.215.176.83|1736339826|1736339826|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:38 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=4aea10517c43d18ccc6c7b5d134357cf|181.215.176.83|1736339858|1736339858|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:40 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=b3af4a8d3c993cd9a3f9dd77df422fd6|181.215.176.83|1736339860|1736339860|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:42 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=a0ea5baca04b4549b38c223953ac12ab|181.215.176.83|1736339862|1736339862|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:45 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=fee13212177f9ca751d5f4ea437c04ce|181.215.176.83|1736339865|1736339865|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:47 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=890e1a5b4a2fb3f7efb992fa1bff7ece|181.215.176.83|1736339867|1736339867|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:49 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=46e9d77ad22bc44a3356fb294c4cec15|181.215.176.83|1736339869|1736339869|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:51 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=0dbaa5632ab7369f4686e70589d9af53|181.215.176.83|1736339871|1736339871|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:53 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=5e31c4826a7a20653a39daa16c107263|181.215.176.83|1736339873|1736339873|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:56 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=a4494e3c2e098962b60f979159e53351|181.215.176.83|1736339876|1736339876|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • flag-us
    GET
    http://bejnz.com/IP.php
    tmpB2FA.tmp.exe
    Remote address:
    44.221.84.105:80
    Request
    GET /IP.php HTTP/1.1
    Host: bejnz.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 08 Jan 2025 12:37:58 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: close
    Set-Cookie: btst=12f9e5856067e1c83d0e2b613ca3abe3|181.215.176.83|1736339878|1736339878|0|1|0; path=/; domain=.bejnz.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
    Set-Cookie: snkz=181.215.176.83; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    295 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    398 B
    625 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    323 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    369 B
    577 B
    7
    4

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    363 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    352 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    363 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    363 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    369 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    363 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    369 B
    617 B
    7
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    444 B
    665 B
    8
    6

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    614 B
    617 B
    10
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    625 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    317 B
    617 B
    6
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    617 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    http://bejnz.com/IP.php
    http
    tmpB2FA.tmp.exe
    271 B
    625 B
    5
    5

    HTTP Request

    GET http://bejnz.com/IP.php

    HTTP Response

    200
  • 127.0.0.1:127
    tmpB2FA.tmp.exe
  • 44.221.84.105:80
    bejnz.com
    tmpB2FA.tmp.exe
    152 B
    3
  • 8.8.8.8:53
    bejnz.com
    dns
    tmpB2FA.tmp.exe
    55 B
    71 B
    1
    1

    DNS Request

    bejnz.com

    DNS Response

    44.221.84.105

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\RESB4FE.tmp

    Filesize

    1KB

    MD5

    5e22c65e34b1594ceb6ddd1103f38905

    SHA1

    4fe2364be3d479080db8b797e3805bdd54cd46ec

    SHA256

    4908b7c76002058832ce9770f2cf55b5aa2c5b68c50f4e0d9e7cab0743b29576

    SHA512

    df922aff61a43834ed7dfa168e9ccfb33206e2ee226ceaecb1d8bde139f57df50d889aba3613ca83c903332ceaab51466ac38bc20820718f1e6db5757aa62c82

  • C:\Users\Admin\AppData\Local\Temp\lhsfoo-3.0.vb

    Filesize

    15KB

    MD5

    668b90c12de3ba066b0a064facdc3680

    SHA1

    824c8116ed8ab65c5ff4e6e1a9752b2364a9c95c

    SHA256

    d25b30ec84f7c0ed385be7fb98f4789908c7b82aa63e03423270194267b753a8

    SHA512

    dff7ea29f8e10a6599412b9b2e2e467ef00488a40a8eb43722cab7f5964c73f7b7bd348d3dbfde2f1ddc03ab5fe827af0151d87ded4cb49ecbf142fcb5f42ed7

  • C:\Users\Admin\AppData\Local\Temp\lhsfoo-3.cmdline

    Filesize

    266B

    MD5

    803b109103d1b1f002b8f49496fca110

    SHA1

    7f6945b5315ad3688fa3e4d692da93c45a735900

    SHA256

    48725bae92811dda1f63ad52d056c75d479b5f01faa905ba6d93dfcf6fc96a2a

    SHA512

    df23f97aeb4ddb8371f279eb32ca6b332c3e8aa3dc25d10f96a52df37620331be9ea1f9523e86b93561dd3b2c2da3133509fc28764d6c8012f508a15f6c523b4

  • C:\Users\Admin\AppData\Local\Temp\tmpB2FA.tmp.exe

    Filesize

    78KB

    MD5

    808f15c64b43ab31606bf102f229de12

    SHA1

    ed8dcde08e6b527796d39a8510f541cea3b6430c

    SHA256

    0ddac942b39a8cde4baa2e4a55fe1548f910c9c63cc69da83daca65512080b38

    SHA512

    fa6fc1f2d97e3404e1156033d5a33b66fc83d5e65357774b9d2181792293ed7aa5f9e0e494666332b18f2f1b3d442304b18f4d5647c0b9f298c21531f61e1e7a

  • C:\Users\Admin\AppData\Local\Temp\vbcB4FD.tmp

    Filesize

    660B

    MD5

    6f26627ea072b2915490043023a8f658

    SHA1

    42a9a18a4ebb7e4590c79ca614125daac13fae94

    SHA256

    b6a5ed4cf495eb67225c0c7bc45a9440c7e8bac2536a0d5739a844b467ff2197

    SHA512

    8a4e60c6144d0f9682dacb5fbad0bb75a4718a244db2f82fafd9527577d2a237468d42f5bf9d0776f429a4dd94322948e3ccf38b59cc780b34a830d4c89831d4

  • C:\Users\Admin\AppData\Local\Temp\zCom.resources

    Filesize

    62KB

    MD5

    4f0e8cf79edb6cd381474b21cabfdf4a

    SHA1

    7018c96b4c5dab7957d4bcdc82c1e7bb3a4f80c4

    SHA256

    e54a257fa391065c120f55841de8c11116ea0e601d90fe1a35dcd340c5dd9cd5

    SHA512

    2451a59d09464e30d0df822d9322dbecb83faa92c5a5b71b7b9db62330c40cc7570d66235f137290074a3c4a9f3d8b3447067ed135f1bb60ea9e18d0df39a107

  • memory/1732-0-0x00000000748C1000-0x00000000748C2000-memory.dmp

    Filesize

    4KB

  • memory/1732-1-0x00000000748C0000-0x0000000074E6B000-memory.dmp

    Filesize

    5.7MB

  • memory/1732-2-0x00000000748C0000-0x0000000074E6B000-memory.dmp

    Filesize

    5.7MB

  • memory/1732-23-0x00000000748C0000-0x0000000074E6B000-memory.dmp

    Filesize

    5.7MB

  • memory/1976-8-0x00000000748C0000-0x0000000074E6B000-memory.dmp

    Filesize

    5.7MB

  • memory/1976-18-0x00000000748C0000-0x0000000074E6B000-memory.dmp

    Filesize

    5.7MB
