7de2fc8cc891773df4c67698174ad16167ad3d0cead793f7d7e9438abb2e2fd2

Resubmissions

02/02/2025, 00:19

250202-al7pxswrby 3

20/01/2025, 09:05

250120-k2ap8ssjfm 7

Analysis

max time kernel
200s
max time network
210s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20250113-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250113-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
20/01/2025, 09:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

chocolate-doom-3.1.0-win64.zip
Size

7.4MB
MD5

7d16cf0bb8d64056373a2e6dc92e2469
SHA1

d2a7ce4836a4f3f49e194ad4e182fbc713b8e7fe
SHA256

7de2fc8cc891773df4c67698174ad16167ad3d0cead793f7d7e9438abb2e2fd2
SHA512

28cfe1ef802a60202ab942c418d24552a0d0da80622aec089eebeb6534d53584a9903ca3643e38815d3dcbdd7269dffdd891c12f8107c9c52f60f468b5012663
SSDEEP

196608:oGgPKsh/iTXR3wBp44ghq5a856j8eYcyic0asSMiX9Zt0:oGY7/U0yNhq5ae6dYUvaZw

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 3 IoCs

pid	Process
1528	chocolate-doom-setup.exe
1696	chocolate-doom.exe
2056	chocolate-doom.exe

Loads dropped DLL 58 IoCs

pid	Process
1528	chocolate-doom-setup.exe
1528	chocolate-doom-setup.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
1696	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe
2056	chocolate-doom.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3560	7zFM.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeRestorePrivilege	3560	7zFM.exe
Token: 35	3560	7zFM.exe
Token: SeSecurityPrivilege	3560	7zFM.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
3560	7zFM.exe
3560	7zFM.exe
3560	7zFM.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 1528 wrote to memory of 1696	1528	chocolate-doom-setup.exe	96
PID 1528 wrote to memory of 1696	1528	chocolate-doom-setup.exe	96

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\chocolate-doom-3.1.0-win64.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:3560

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:524

C:\Users\Admin\Desktop\test\chocolate-doom-setup.exe
"C:\Users\Admin\Desktop\test\chocolate-doom-setup.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1528
- C:\Users\Admin\Desktop\test\chocolate-doom.exe
  "C:\Users\Admin\Desktop\test\chocolate-doom.exe" "@C:\Users\Admin\AppData\Local\Temp\chocolat.rsp"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:1696

C:\Users\Admin\Desktop\test\chocolate-doom.exe
"C:\Users\Admin\Desktop\test\chocolate-doom.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Desktop\test\SDL2.dll

Filesize
2.3MB

MD5
efeb2125121ceb715c66df72c81e259c

SHA1
0d22a72129dc3953ffdb4731e77d4904d48f5e47

SHA256
bb0d3d93461871a1d95e436dd02f0a721b5d5baddc55257d801e5d2216c8c33c

SHA512
6424f9805ef34f40e81b23478ec62f03cd023887da6f9409bc6eb8cc3afda6d002f97d4b7e8f9864255d16995bba072f4c182ad576d57d035344b42a6fdea9b5

Download Submit
C:\Users\Admin\Desktop\test\SDL2_mixer.dll

Filesize
304KB

MD5
b5e644a57d7093dcc1bd426d356f11c3

SHA1
7631f5f72b9ba2ea64c6663feada9e2d0165a651

SHA256
11456fbe221169b5a337d12ba8221c32e80bce0ddbd8b4c6f6ceebfeb6d33d2a

SHA512
8f9aa75e66bf69b0a5cc60a3b0045466a20072a09137cf5eefd1c38f19c69c5b19b3e802fbbab5334270b853226626989ef49a88fbb899035bbf4c3a1df780b8

Download Submit
C:\Users\Admin\Desktop\test\SDL2_net.dll

Filesize
24KB

MD5
766b03931029c33c763e666a3725e3a9

SHA1
2438ce9d66e045f24efdf22f89d9c823103d7421

SHA256
3f747b7ce428ae883bd6a4bea6bb377092e21b7d3e4b09183dffc8b42517f96a

SHA512
2cd531ff53058ad7299f333b39d5fa4e17f16cc86521002fd94a8ac8b1fc5b9ac58083c7dbdc3abaa72bc073d9a329df26ea5e3a5ef5e9824861bac9330a5efd

Download Submit
C:\Users\Admin\Desktop\test\chocolate-doom-setup.exe

Filesize
331KB

MD5
d7e016a610f35a9d549a2733a0691820

SHA1
6876f12753aee67f3ce71e74e4cc69d0c72c888f

SHA256
0118a94138a5fd497de4304da5b86c6d102462c66e80709f45a64dcef73c9c68

SHA512
6ae25c31ceb24d2c3c10b9f007a7261f17bdfe6660ecbde729452d7bef8a39232aae50ee9e1c79a6727819d015bcdc07e6e641855143342141607ff144ecfe79

Download Submit
C:\Users\Admin\Desktop\test\chocolate-doom.cfg

Filesize
5KB

MD5
3dd266ec1750a2a71fa3411855ef4ae8

SHA1
3be1c101ff0f3cbfa8dccea06eccff45b328f1f3

SHA256
98d275f8d7fa7a7787cfbd3880c94f6db832873e0ec0b088834c86a04e870799

SHA512
f0f8a239d181dacf5736806e6b086af194fb42b2459b404359d5e78c564644fb37de82e0689c4582489105b83c6dce40f3d8e6a1361724345076be3b7f435a40

Download Submit
C:\Users\Admin\Desktop\test\chocolate-doom.exe

Filesize
842KB

MD5
2d877c280ea4c7db14fd5cad6081506e

SHA1
cd2bb4ac8a12d3199b24a9fcb2e74295e72f26b1

SHA256
3f99e022ea8030d788adcaf263a10fd252f896b89b85da0777144aafecf49277

SHA512
2d1922513d6dee72ce0962e6eaa52fb06c328f05e08b025d9d4563f48621f382ce7a354dd5bc551f94c96e9d0791946b96149a17b0d32df39a8c38caf860923d

Download Submit
C:\Users\Admin\Desktop\test\default.cfg

Filesize
1KB

MD5
d3e8d2c743bd95fc01d1ab6528c1af29

SHA1
8561ce9cb50545cced5916ef676912fd07e7b5a4

SHA256
86e7d48b9567d64231058ba563c61eb91da0285d2f082ea718ccd7e5dd5ac793

SHA512
04eefc70c8ea6a2062878e9e2135148a3b809cf3d84755d3337aa70405454c372cd3db7f9c8cf9f705fcbff0af3f48143323bb69f1124acdd81a63f09823af45

Download Submit
C:\Users\Admin\Desktop\test\libFLAC.dll

Filesize
416KB

MD5
9eecc512c5436689e1a8cb0dd560ef61

SHA1
a9bd61763699409b370d7f14ec15077e18066102

SHA256
2ffa938e415e18f3bca57327cfdfbb07644cb3eaf5beab45e042ce160d33caaf

SHA512
201b67e5e0625005ecf483e46ba0afe967359e2b42ec30e25ba251bcf7c8ea3705171ef44241089894d92cfdf983a246f78575d2d377ffff12056f40a9209195

Download Submit
C:\Users\Admin\Desktop\test\libfluidsynth-3.dll

Filesize
466KB

MD5
bb4998f8b2e2da902cd9a80dac5c357c

SHA1
f2282a0b3e9a95a1cd481f0968f46d4f70f210b5

SHA256
5bb8cd658bf9736fdc8bcb593203860fe3c5bf45f37ae59c374d00baa61ae71d

SHA512
630e1fd3344ac85da6b9b88e4acb7aec12f8783b7df5cc6c1d2fb99ace72161e2b4cbfd76a22c5795ef84f99cdb339892e6417316e02edff4e0ea7ff18ef5b2f

Download Submit
C:\Users\Admin\Desktop\test\libgcc_s_seh-1.dll

Filesize
147KB

MD5
98a99311dfd6cfac0c289095106ab09a

SHA1
53c6b8890b6fb41932c7d1561c401721f15af28e

SHA256
3ab7416a4ba14756acffc22bee223b3f65bfdd6c96397cbd02f46d85bf59a734

SHA512
bbd7407d97ffc2871f2eb5f7b397a32df773737c5adaca4d321b80e6aa3f0cae01b93e508097b247d7b4bbe2d18dfa80aec7c0463467f0ccf87257e743078ad8

Download Submit
C:\Users\Admin\Desktop\test\libglib-2.0-0.dll

Filesize
1.4MB

MD5
b4ada76c273c245bd48ae6528ed2faba

SHA1
8f81fc4821dd4c9e5113677e4c0878d5733daae6

SHA256
dcb12c60ed22fb252aa2b6b7ed430f48abe7174a4d42a0c55a35f1a07b53dbc3

SHA512
339f50eb7b8ce2960e6345a4291feee35759d5a773f2b1f241142a1c42885888097487aee8ba869ab7a51603c1b91d972bf5b246823541490974012fe236b9a3

Download Submit
C:\Users\Admin\Desktop\test\libgmodule-2.0-0.dll

Filesize
25KB

MD5
77baa4146fc85f53e3ccc7a748f68ca1

SHA1
755fe2ab1d3ecb1ac016adf93e7eb2f1910315ca

SHA256
fcdd3a776f7cf094f2338ac3ca022eb7b59b156e814a935908367bea1e371ac6

SHA512
0712fcf5d493ba5d5f7ade39d57f5c2f5722a522515d0a79040b5d9470eac10bd8fb9a0350300cf2a6af457f1a50d2eb86cbb4b24ec010cc49d65ebd4543e06e

Download Submit
C:\Users\Admin\Desktop\test\libgomp-1.dll

Filesize
288KB

MD5
501ca074b723bf26a72912b9b9adcfb9

SHA1
4ef365f8a8bf2a0d7820855331f28f26c7bf63a2

SHA256
755fdfa8783546b4e46fe408ed39cb6a61eb696dfc7c052649e8c45e9301c99b

SHA512
e36d4895dfadc142f6bca9c11ac513e47cddd4273a557aefc4a02d7c94737764fd3b1ad1bf3ee5f68bffa7621c8921e7bf2850002cac6a8751871a5d363898e9

Download Submit
C:\Users\Admin\Desktop\test\libiconv-2.dll

Filesize
1.1MB

MD5
caa39210328be92f41d04b3c81197d93

SHA1
0583a78258d7b6b0a0df561952d15b72e6b9399e

SHA256
700813d1233e8979a2802cfa3d72bde2c0c1b57a6b758f9d6f3bb612d073d40b

SHA512
fa4034db923d42faf621e8a6cf65b6b7e5de9703e6938d9fb07327b80d1f47e74f1b32edb391fddbba35d1fb1e1c13cf50773494ad16a73cd0bdbbb8c10fdda8

Download Submit
C:\Users\Admin\Desktop\test\libintl-8.dll

Filesize
180KB

MD5
35bd00b31d4c232aaef5eaf16738d734

SHA1
fd4dded6a51cbf5f5e1e2afff472572c18198fab

SHA256
65514f2f4a053e6a066f4eaf4fbbab0bf2257906927a8a3f2145f6bb991c4471

SHA512
621e292c3ff5ca9cfcba1e3f8cedcb9835c3a6ada92688621ca2d9b8da5497bf8ed08dfb22235209d00b8a475243462842f0d6e6b5182465d25720dc5dab6df8

Download Submit
C:\Users\Admin\Desktop\test\libmp3lame-0.dll

Filesize
317KB

MD5
e3602fc091ad54015d82487b88dcd79d

SHA1
b756471261ebf1858ca28e9e91e4b9a0bd7606d7

SHA256
e15c689c0ca53491548232e27f6b6ad29745ec75d574626fbb3e444f1bedadc4

SHA512
6ec790a9329a3f502353bd10490d71f8077db0eedd4ac914c0fd0ceefbdf21f6f82748a631621592ea7c91e013d2ae18c155285187a39fbe551f7ecfa33bdd97

Download Submit
C:\Users\Admin\Desktop\test\libmpg123-0.dll

Filesize
417KB

MD5
b4a355b9904417dbf5fc6fe63a34c676

SHA1
fe2f4734e03445e5911445e1f1ff6152c6872a03

SHA256
800e4e0e58128a2a96964cea6f9b2bb725aa3d30271a667f24e7bb140c0e5792

SHA512
b184dde764c0ede4124c3da056710d23a18fbc26d05500f92a5e910ead96612ac3cf8c66783086bcb6a8bf6d65598469a72152ec7688f08d98e28f396c8ee439

Download Submit
C:\Users\Admin\Desktop\test\libogg-0.dll

Filesize
41KB

MD5
6c5a34f9dce9f16f6ae1d577625a2c49

SHA1
e3b9267516e6ceb517fe2ba121f468035132b2b0

SHA256
c23fad05860935e00b7c8b88c92de74e0e1439bf16687cf3f8e30a9ecea2e160

SHA512
9481f9c8d634cf1722818e2467f1bfd7105f8d11b777117fd5cad0d8f2e1793fbd6d376b954c9512688d42bdcdbbb54bdb8a154f1bcffcd2579ac73aba0c86ca

Download Submit
C:\Users\Admin\Desktop\test\libopus-0.dll

Filesize
422KB

MD5
eab1c612c34d4668f4a45aae4130825d

SHA1
6af04a89188cb8ce2dc9c977986acdd65c9fbb7e

SHA256
015096d563fc415ad179c3ec845700327572104a3de0e34abaa21889d7fc573b

SHA512
38c8be24b0732765983ea83ffe27bb7eed54e46f5eeafa0da198c1ba0b6dfd4930d02ee196ae62a6b9d6f3b4485379b955b798f69ddff7f92781d500b0945b47

Download Submit
C:\Users\Admin\Desktop\test\libopusfile-0.dll

Filesize
53KB

MD5
59c250b7a836fb561d8588fabf2a1d32

SHA1
610fbd796d10c8c086174f486cf4a723302aee88

SHA256
55e6b73452dc0feb8d61e25b7b27a5247b1ff1bc2eab6447b8ec30f6a763adbc

SHA512
7a1cc1db7e9f7adb8e3983c5d80b2c1875050eff7992917eb86848633ff82bdb0c054776dbc9d1b215ddbe93acc6128849e411dfba9669802fb25175f022598d

Download Submit
C:\Users\Admin\Desktop\test\libpcre2-8-0.dll

Filesize
396KB

MD5
a58aba3de208e2442b349cc515abced8

SHA1
e0acd11ccdb8766b160b6fc505cbac196a58be78

SHA256
63c54f82926373c29ca3b335691070b0f65ac8e4abee1e4fb0a787e5843bc150

SHA512
88eddbc3237314f8ca7a3cabf748981d1a2c5f19251a1326d17b57359fc2807baef4b160c0fe22c0f1b8d6262501b5a2d1193d881dad6d3e068aa82628566199

Download Submit
C:\Users\Admin\Desktop\test\libpng16-16.dll

Filesize
234KB

MD5
d6cf0d54c03bbbfda97ca404599dab57

SHA1
6ae009f8aafb6ed58903bf8718d4da8f16899773

SHA256
e07f44548276d5a6f085f61314ed994115743a35cbdc278bb35f927a6afd239a

SHA512
6b423060ad7ae6d8415945af3cb85a49c5f8cc4b3f6e86952277fe33ffc2ee518fdf17abf583d6e99777745aab4bf63dee699aafddafbcf542a799d01dd19781

Download Submit
C:\Users\Admin\Desktop\test\libportaudio.dll

Filesize
198KB

MD5
604f9aa0486f69cb9b53ec5d23a427fc

SHA1
8e19e7c9fd6c7de103508e3fbdb667fcb24d9765

SHA256
52c731bd6463f844378e6067eddc8ac5ad2b1e10c82a94cbec2a0fea3f51d5b4

SHA512
304ed8986dc2c3c070a955916d20cc280259d889d6b6b7b6351ea2f7c5849fa1b466636b415af1d881cc70c298f6b28399d87155ccb47014d0479c1d7ac14d27

Download Submit
C:\Users\Admin\Desktop\test\libreadline8.dll

Filesize
256KB

MD5
ef3735b101566db3338f4884eb181bcf

SHA1
ea1b520f77ad2f86d2db507d307646a3b92161f5

SHA256
5b1f803c8f918087d00d55ea9f99fbaa18afea3c80596c144595792cc18f81ca

SHA512
626f3d88ec921d3568df90a1d857ccace25670f6ff79cadf09c3d585afc82690f45cc13f63c715f76cbba87360daa164ea91cd4001bf0c2e11e93fa75586b0d6

Download Submit
C:\Users\Admin\Desktop\test\libsamplerate-0.dll

Filesize
1.4MB

MD5
b4cd3f93dcb8d13f4df5754efc7e2cf0

SHA1
c7b16082997d52fed7e8348682329ea123000cab

SHA256
0166677413e26f06d1818b81ce3e9f831daff774f11acc1350db10c52650cb69

SHA512
5c70fd514d062f419d1274308fad645cf88c5710842be8db71ed088f7cbaf45dd815642751342833b43ac404764561293e4b4448bb41878f38c3323516360e78

Download Submit
C:\Users\Admin\Desktop\test\libsndfile-1.dll

Filesize
686KB

MD5
9a2b0cb1bce3997c909011426a383141

SHA1
d5dab75561f71be2c7d604131ea266af6ec99db5

SHA256
f28a3a0ab1bc79ff5b3229829e1882962818506ababbcd46ec3151480be4d3dc

SHA512
db4a4d7078febf5673e6d099c3a1314f9ca5b4a5ea616ae77effda15acaf13a499bcd87bb4f711983b7a00ee818af9cd1d332b6c488357ac7eb320327a45d6b2

Download Submit
C:\Users\Admin\Desktop\test\libstdc++-6.dll

Filesize
2.3MB

MD5
e65032f963ca4052a026bd588aec885f

SHA1
489af245792a31dcc84b3d74b8f557f6b91343ec

SHA256
5de4f48ca74fb59a1b888362c777167077a7434b829b492613cd8f6b685ec311

SHA512
4a145dfa5202482e290508369c406bae67898da09b7baf5c0da00141a8263950724902ae244d3b38b3ca47e3544ece30516b70b8842e7e2689ebe683e753a014

Download Submit
C:\Users\Admin\Desktop\test\libtermcap-0.dll

Filesize
43KB

MD5
93bf83db5f71a23c40bbda56a6228b53

SHA1
27fa42efeba0edebc231077b3ee5d12ee784442b

SHA256
3a1f77bb119788317129e9690d475a810dd4884a7a20fc03873c652023f6fff0

SHA512
c42cf9222066a427340fc10912e4362a7f7744efe418b97bddfff8c20367484f5f186331f20c6a1c1bc7a4b5cab6b15102d7399cff522ea983481b62db53f32c

Download Submit
C:\Users\Admin\Desktop\test\libvorbis-0.dll

Filesize
177KB

MD5
d5cefc2aa2ca25721596e39fa8799833

SHA1
e95447c00f07ca1c9ddac2ad5132cb7a3ab6459a

SHA256
50c1a0e9ee31d1711560ef6caf26ef9dc79032fefc60b34f66e3a46d917a2789

SHA512
d3b35ce8efc60f23b757ee09070a812fae3e084bf4802633f5540c3d8c9fa4f5b64ee33e206a5b31edf5f5d07d3575debb654acdf8fcda2b7d1cb17e525dcadb

Download Submit
C:\Users\Admin\Desktop\test\libvorbisenc-2.dll

Filesize
566KB

MD5
25ca8c9ac1c7207214ed9037ee47372e

SHA1
e3ff9fae61fc5b5af54ff9843e0154bb28cb006c

SHA256
d86869ba6389551a3de44ff0a5a0c43a37c19e2c29a72bd8d67b593312da6e42

SHA512
e61cefc69e7588beef03689e9eb3cf36b3882650fa51580c934d7912d5ff2ad58f2f28401cf655e2a01db9b222838931f469a7c23f9207cb218c43d60980d3d6

Download Submit
C:\Users\Admin\Desktop\test\libwinpthread-1.dll

Filesize
57KB

MD5
e579c4702463a3b722617562cad76654

SHA1
f60a1f74e2ec3bbfdf5d96adf9e24e9ea1ea4e7c

SHA256
c279f2e972f520b6b3eed694528638b8a8edf0298efd7c480e42c8ddbb3c5f12

SHA512
fbb6d138c16423b121aab41d4d3eb309a9ab3d0795375abeede7ffd614e37ee536cf9a49721de471f496a03e51721dd6f78f44b33c7b44583c9102748c752d78

Download Submit
C:\Users\Admin\Desktop\test\zlib1.dll

Filesize
94KB

MD5
75614eafefb7ce4d280fc0ff8fbb85b4

SHA1
92f094955212e1971bb191cf562ac9fa5c822095

SHA256
19e4cc266e1cd31b40dac7a3d847ac7b24ad2422edae0d9c16f766e4c8aad345

SHA512
479a09711b4e9820dd6a910b39a7d59c8839b685dc51f1237a05c204314c5474676531cb2e35f7b1feff6f4fc6ec825db27c048ff41cba8533baa853ab7b9508

Download Submit
memory/1528-82-0x00007FFD111C0000-0x00007FFD1140B000-memory.dmp

Filesize
2.3MB

Download
memory/1528-83-0x00007FFD28780000-0x00007FFD2878F000-memory.dmp

Filesize
60KB

Download
memory/1528-81-0x00007FF7911F0000-0x00007FF79124B000-memory.dmp

Filesize
364KB

Download
memory/1528-175-0x00007FFD111C0000-0x00007FFD1140B000-memory.dmp

Filesize
2.3MB

Download
memory/1528-176-0x00007FFD28780000-0x00007FFD2878F000-memory.dmp

Filesize
60KB

Download
memory/1528-174-0x00007FF7911F0000-0x00007FF79124B000-memory.dmp

Filesize
364KB

Download
memory/1696-159-0x00007FFD103F0000-0x00007FFD104A7000-memory.dmp

Filesize
732KB

Download
memory/1696-169-0x00007FFD1F290000-0x00007FFD1F2A3000-memory.dmp

Filesize
76KB

Download
memory/1696-168-0x00007FFD100E0000-0x00007FFD10162000-memory.dmp

Filesize
520KB

Download
memory/1696-167-0x00007FFD10170000-0x00007FFD101E0000-memory.dmp

Filesize
448KB

Download
memory/1696-166-0x00007FFD101E0000-0x00007FFD1024A000-memory.dmp

Filesize
424KB

Download
memory/1696-165-0x00007FFD20820000-0x00007FFD20837000-memory.dmp

Filesize
92KB

Download
memory/1696-164-0x00007FFD10250000-0x00007FFD10369000-memory.dmp

Filesize
1.1MB

Download
memory/1696-163-0x00007FFD215B0000-0x00007FFD215C6000-memory.dmp

Filesize
88KB

Download
memory/1696-162-0x00007FFD27D60000-0x00007FFD27D8C000-memory.dmp

Filesize
176KB

Download
memory/1696-160-0x00007FFD21B70000-0x00007FFD21B8F000-memory.dmp

Filesize
124KB

Download
memory/1696-171-0x00007FFD10020000-0x00007FFD10053000-memory.dmp

Filesize
204KB

Download
memory/1696-158-0x00007FFD126E0000-0x00007FFD12728000-memory.dmp

Filesize
288KB

Download
memory/1696-157-0x00007FFD1CCA0000-0x00007FFD1CCD9000-memory.dmp

Filesize
228KB

Download
memory/1696-156-0x00007FFD12980000-0x00007FFD129D0000-memory.dmp

Filesize
320KB

Download
memory/1696-155-0x00007FFD28770000-0x00007FFD28780000-memory.dmp

Filesize
64KB

Download
memory/1696-154-0x00007FFD104B0000-0x00007FFD1061A000-memory.dmp

Filesize
1.4MB

Download
memory/1696-153-0x00007FFD10620000-0x00007FFD10872000-memory.dmp

Filesize
2.3MB

Download
memory/1696-152-0x00007FFD1F100000-0x00007FFD1F135000-memory.dmp

Filesize
212KB

Download
memory/1696-151-0x00007FFD28780000-0x00007FFD2878F000-memory.dmp

Filesize
60KB

Download
memory/1696-150-0x00007FFD10920000-0x00007FFD10974000-memory.dmp

Filesize
336KB

Download
memory/1696-148-0x00007FFD10980000-0x00007FFD10AF7000-memory.dmp

Filesize
1.5MB

Download
memory/1696-146-0x00007FFD10B00000-0x00007FFD10BDC000-memory.dmp

Filesize
880KB

Download
memory/1696-147-0x00007FFD18410000-0x00007FFD18452000-memory.dmp

Filesize
264KB

Download
memory/1696-161-0x00007FFD10370000-0x00007FFD103E1000-memory.dmp

Filesize
452KB

Download
memory/1696-149-0x00007FFD111C0000-0x00007FFD1140B000-memory.dmp

Filesize
2.3MB

Download
memory/1696-145-0x00007FF750ED0000-0x00007FF75106D000-memory.dmp

Filesize
1.6MB

Download
memory/1696-172-0x00007FFD0FF80000-0x00007FFD10015000-memory.dmp

Filesize
596KB

Download
memory/1696-173-0x00007FFD1C700000-0x00007FFD1C713000-memory.dmp

Filesize
76KB

Download
memory/1696-170-0x00007FFD10060000-0x00007FFD100D1000-memory.dmp

Filesize
452KB

Download
memory/2056-204-0x00007FFD10150000-0x00007FFD101E5000-memory.dmp

Filesize
596KB

Download
memory/2056-205-0x00007FFD10280000-0x00007FFD102F0000-memory.dmp

Filesize
448KB

Download
memory/2056-193-0x00007FFD10420000-0x00007FFD1058A000-memory.dmp

Filesize
1.4MB

Download
memory/2056-203-0x00007FFD126F0000-0x00007FFD12723000-memory.dmp

Filesize
204KB

Download
memory/2056-202-0x00007FFD101F0000-0x00007FFD10272000-memory.dmp

Filesize
520KB

Download
memory/2056-201-0x00007FFD1C700000-0x00007FFD1C713000-memory.dmp

Filesize
76KB

Download
memory/2056-200-0x00007FFD102F0000-0x00007FFD1035A000-memory.dmp

Filesize
424KB

Download
memory/2056-199-0x00007FFD10360000-0x00007FFD10417000-memory.dmp

Filesize
732KB

Download
memory/2056-198-0x00007FFD12980000-0x00007FFD129C8000-memory.dmp

Filesize
288KB

Download
memory/2056-197-0x00007FFD1CCA0000-0x00007FFD1CCD9000-memory.dmp

Filesize
228KB

Download
memory/2056-194-0x00007FFD10590000-0x00007FFD107E2000-memory.dmp

Filesize
2.3MB

Download
memory/2056-192-0x00007FFD107F0000-0x00007FFD10861000-memory.dmp

Filesize
452KB

Download
memory/2056-190-0x00007FFD10870000-0x00007FFD10989000-memory.dmp

Filesize
1.1MB

Download
memory/2056-189-0x00007FFD20820000-0x00007FFD20837000-memory.dmp

Filesize
92KB

Download
memory/2056-187-0x00007FFD21B70000-0x00007FFD21B86000-memory.dmp

Filesize
88KB

Download
memory/2056-186-0x00007FFD1F100000-0x00007FFD1F135000-memory.dmp

Filesize
212KB

Download
memory/2056-182-0x00007FFD11150000-0x00007FFD111A4000-memory.dmp

Filesize
336KB

Download
memory/2056-185-0x00007FFD215A0000-0x00007FFD215CC000-memory.dmp

Filesize
176KB

Download
memory/2056-184-0x00007FFD27D70000-0x00007FFD27D8F000-memory.dmp

Filesize
124KB

Download
memory/2056-183-0x00007FFD28780000-0x00007FFD2878F000-memory.dmp

Filesize
60KB

Download
memory/2056-180-0x00007FFD111B0000-0x00007FFD11327000-memory.dmp

Filesize
1.5MB

Download
memory/2056-179-0x00007FFD20DF0000-0x00007FFD20E32000-memory.dmp

Filesize
264KB

Download
memory/2056-178-0x00007FFD11330000-0x00007FFD1140C000-memory.dmp

Filesize
880KB

Download
memory/2056-177-0x00007FF750ED0000-0x00007FF75106D000-memory.dmp

Filesize
1.6MB

Download
memory/2056-196-0x00007FFD18410000-0x00007FFD18460000-memory.dmp

Filesize
320KB

Download
memory/2056-195-0x00007FFD28770000-0x00007FFD28780000-memory.dmp

Filesize
64KB

Download
memory/2056-191-0x00007FFD1F290000-0x00007FFD1F2A3000-memory.dmp

Filesize
76KB

Download
memory/2056-188-0x00007FFD11030000-0x00007FFD110A1000-memory.dmp

Filesize
452KB

Download
memory/2056-181-0x00007FFD10990000-0x00007FFD10BDB000-memory.dmp

Filesize
2.3MB

Download