Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Registrati...ck.bat

windows7-x64

8

Registrati...ck.bat

windows10-2004-x64

10

Registrati...vn.exe

windows7-x64

8

Registrati...vn.exe

windows10-2004-x64

8

Registrati...CU.ps1

windows7-x64

6

Registrati...CU.ps1

windows10-2004-x64

6

Registrati...an.vbs

windows7-x64

3

Registrati...an.vbs

windows10-2004-x64

7

Registrati...AR.exe

windows7-x64

1

Registrati...AR.exe

windows10-2004-x64

3

Registrati...RU.ps1

windows7-x64

3

Registrati...RU.ps1

windows10-2004-x64

3

Registrati...UK.ps1

windows7-x64

10

Registrati...UK.ps1

windows10-2004-x64

10

Registrati...in.ps1

windows7-x64

10

Registrati...in.ps1

windows10-2004-x64

10

Registrati...an.vbs

windows7-x64

3

Registrati...an.vbs

windows10-2004-x64

7

Registrati...ss.dll

windows7-x64

1

Registrati...ss.dll

windows10-2004-x64

1

Registrati...ng.exe

windows7-x64

3

Registrati...ng.exe

windows10-2004-x64

1

Registrati...es.dll

windows7-x64

1

Registrati...es.dll

windows10-2004-x64

1

Registrati...es.dll

windows7-x64

1

Registrati...es.dll

windows10-2004-x64

1

Registrati...es.dll

windows7-x64

1

Registrati...es.dll

windows10-2004-x64

1

Registrati...es.dll

windows7-x64

1

Registrati...es.dll

windows10-2004-x64

1

Registrati...es.dll

windows7-x64

1

Registrati...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2025, 06:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Registration (Crack)/Crack.bat

  • Size

    2KB

  • MD5

    e90e30e3c6697d870286c1a6831a135b

  • SHA1

    1fa1f0d27f23fe364a2e0c198687ff3362d467fd

  • SHA256

    b08aaa0b0319c50f5614419752f4c45fa30b5e48137018e009672791447f4e6f

  • SHA512

    7feff998c5c7cf4e1cffbf8e654363168b10cd6b942116cb7ab04407ee0e3b40c523d5a273ce984a30ce7fdfb308a43e8ed41f7f3862faa0b25c083dd940ecb6

Score
8/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: PowerShell 1 TTPs 2 IoCs

    Run Powershell and hide display window.

    execution
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 30 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Modifies registry key 1 TTPs 1 IoCs
  • Runs net.exe
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 25 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Registration (Crack)\Crack.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Windows\system32\net.exe
      net session
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2008
      • C:\Windows\system32\net1.exe
        C:\Windows\system32\net1 session
        3⤵
          PID:492
      • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
        powershell -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -Command "$b='"cG93ZXJzaGVsbCAtRXhlY3V0aW9uUG9saWN5IEJ5cGFzcyAtRmlsZSBsYW5ndWFnZS93aW5feC5wczE="';Invoke-Expression([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($b)))"
        2⤵
        • Command and Scripting Interpreter: PowerShell
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:2352
        • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
          "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -File language/win_x.ps1
          3⤵
          • Command and Scripting Interpreter: PowerShell
          • Drops file in Program Files directory
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of WriteProcessMemory
          PID:2192
          • C:\Windows\system32\reg.exe
            "C:\Windows\system32\reg.exe" ADD HKCU\SOFTWARE\Valve\Steam\Apps\993090 /v Installed /t REG_DWORD /d 1 /f
            4⤵
            • Modifies registry key
            PID:2632
          • C:\Program Files (x86)\Lossless Scaling\LosslessScaling.exe
            "C:\Program Files (x86)\Lossless Scaling\LosslessScaling.exe"
            4⤵
            • Executes dropped EXE
            • Suspicious use of WriteProcessMemory
            PID:2664
            • C:\Program Files\Internet Explorer\iexplore.exe
              "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=LosslessScaling.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
              5⤵
              • Modifies Internet Explorer settings
              • Suspicious use of FindShellTrayWindow
              • Suspicious use of SetWindowsHookEx
              • Suspicious use of WriteProcessMemory
              PID:2344
              • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
                6⤵
                • System Location Discovery: System Language Discovery
                • Modifies Internet Explorer settings
                • Suspicious use of SetWindowsHookEx
                PID:1828

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Program Files (x86)\Lossless Scaling\LosslessScaling.exe
      Filesize

      953KB

      MD5

      2c98d33096e97094cbbbd19f27f40883

      SHA1

      7e28af9d119d2658f962e3b28140c6081be1612b

      SHA256

      010ac1120a88a772e87d9e9018aa5db034a9bac9399803d4a7c4db3c47a71df6

      SHA512

      f9070ad6b2e3295fdde13aa8d7486147a7f9a675a924ad3bf117479baf5b573cf92650199e58378dd8345a28ab890bbd5021d374030c24836bfa65bb037dddc7

      Download Submit

    • C:\Program Files (x86)\Lossless Scaling\LosslessScaling.exe.config
      Filesize

      174B

      MD5

      2a2df45a07478a1c77d5834c21f3d7fd

      SHA1

      f949e331f0d75ba38d33a072f74e2327c870d916

      SHA256

      051099983b896673909e01a1f631b6652abb88da95c9f06f3efef4be033091fa

      SHA512

      1a6dd48f92ea6b68ee23b86ba297cd1559f795946ecda17ade68aea3dda188869bba380e3ea3472e08993f4ae574c528b34c3e25503ee6119fd4f998835e09d7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      71KB

      MD5

      83142242e97b8953c386f988aa694e4a

      SHA1

      833ed12fc15b356136dcdd27c61a50f59c5c7d50

      SHA256

      d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

      SHA512

      bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      bdd4f073cd9a0476d8ad6d5f75ebf5ba

      SHA1

      465aaf9eb5627d2adcac69d5dcbd121b82c33013

      SHA256

      a5733b24e7fdad44612cb240ef93c47aa99fd6ed73fcb2dd189a7056fdc5aa56

      SHA512

      b9aaf29e38331037107aa7f9d9b0b3171bac1a0cfcf7866ce9899cb0288db04fb7c8f23d790a604680e32df8afd1d2e65dd9274a4be1471863bae41e104167ea

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      0f19df936c31d36c76777d61d36360de

      SHA1

      4be846301427b1c320fa8eec413fcd22709f3bf4

      SHA256

      e9e78f2fb808a68675195efde803b3f3f11a73723177c51fae1feaf307b63fc8

      SHA512

      52fb9c0772a679dba3d019d0070e3ef90c6e3916c104e6062bc23b29cabd74b807f01e113158f7703c1efc12c261abd9b6b7ab848a902dea6ccc54f3eb3db34a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      08535552eee88f2f39c8fca2a943b631

      SHA1

      6a9d1a92fe3819bf1aeddd3de41ad16d1c158165

      SHA256

      000d8c888f190b5ccb9f3a4f9bd97ab9d89ca5785609127e47ba657e5d2b9048

      SHA512

      8e86b72f7d18ee36908348004eeae8bbc130f52971c0112cfdfba913ddc0f44ec5f3348088eb47205cce48d6880993a800757e830381356a427c388a39dab438

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      9287a44b0e245e64efcdea17cdb72d26

      SHA1

      acf9fceb605ebfe5bb7eedff8d7ec1be7f86cc17

      SHA256

      f7536c5e8c6a9b478e1c0c2280dd1400c354b5977ad5ad9ab78f4c33fee18032

      SHA512

      fd4074d8d4900e2e6962e8cc72269e22a9b6ce6eb47ecdde0eaabf6f5481093c9c60c94245b14d780f5add2e8337a9a0f53eac79363141cc2eee0b03d5e51650

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      2c0cd84140c5a892808653d0ff0acd07

      SHA1

      0f6d2c194f302974743319ab64f9d4d51ac72a71

      SHA256

      897df8bae51bacc7649fcd9c8894b9dd4941da4e5ce105997427796d47e34f41

      SHA512

      568295a38a79d6a80d26e758f55e36b164f515ae44e1d34f52d8c38adaddf25b10f1a4f99936c589b1c034c821dd545482bd5281a205629d39f57c73114c5510

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      e02b69a5d8dec85bd13e77157db309b1

      SHA1

      0f49c7ee2dd7431dadb79a2063c8a9e053a5929c

      SHA256

      c2834a9e2eaa0e0b349369550bbfc5cf99abb6915538ac86949c680ab4a8485c

      SHA512

      8a701503d23500f6e7ba8749fba6bb08e068b1e44bf1c4132e389e905d0cdda77b809f7d8338bf94d9486da71788bf7385e0e90add32d38238afdb6bff70b50f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      74668d67fa44a5b80064b41d60e59461

      SHA1

      001cf132841fe811e0970e6e50989301614976ce

      SHA256

      38886cccc3dd9b3c4b76cf54d7b542fc78ca37e2d9fb91944d1df8802caa0739

      SHA512

      3169935b7e7dc7d95b25629a4298e241d66b86dac5314823440ea41b4d1e51b454a7b9724923d6a44fd2a209fa214734d267e615b99157e679e40800d3b0e47e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      c715d9ba8aab8de03e04b4a07c59a298

      SHA1

      100a9215c8190ca1a017680bc371f95209aa9605

      SHA256

      d255e2c16e4badd99918454c17f966f1bb04753261e113253067cad4182159fb

      SHA512

      68e33684a21733b25dca4810ea670e2a50fe050f74537ec89b7ced274b26314b2f9da228d6cee4884c3f3f12b9e6b048ee5acb7054d2e76a714c38712267cb6c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      b5abec80e908f0c17e6a34a249decad7

      SHA1

      f17f9d7a3e0833cf9848ef04c8f8e31a7016fbec

      SHA256

      56468fde3fda8f777ffa1838e6c4535ce28404109ed4f3c01d733fb005eb8791

      SHA512

      e9ca84bb6bd9fb77b2833794986b4a90333ebed79d070afa2fa21ec88638a6a77f077a5ebda6f7ced2960aa7f780617d4dc39c20cee1ce674b81c5d241805e19

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      8235f4d60571a386181e1eb4ce921906

      SHA1

      6efdc3dc3c97f58deaa67e2c2fa243a59cf9cb5e

      SHA256

      0fe93e644b5552216170bff369bca38b59851cf8bf05ef68a08affc87b6c502b

      SHA512

      02d97362011185d43899f707de20c0c1bc28278068c44fadf6df9f72afeef7400b7900d04f0fe1c4485398226e2289a4b7b64487b35b226beeec9367326da011

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      401f06dc04af86fe65b936e318cb3882

      SHA1

      1d5f270e9c7c7a4dc0be54bee6e30d6ca4250641

      SHA256

      7c2f70405149f752679f17dc3d34443043a870ee1c2c05505fc5c4f8d1dad04d

      SHA512

      479a7b3b5661b410aed9a872ed8982bdde64db3877911ef810462f3674e949ea79abdfa65373d1d5f0f02b37f70579b5ca7a8fdc92a29fda499432666769e2c9

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      32a1e5ccb17530dfc079abda220d5744

      SHA1

      7a2527aed9ca247f152f8782243900c26c41b4dc

      SHA256

      4d16bdc68c0a39bbf9f24de5fc042869bfff68ed743de462a32338f2b0dac3a3

      SHA512

      3d85d7d574a1af06f7ddc927228467e5c092576fac7bd250ebf2a7b632af2aa7f2e56b4525e5cfc4f612874124eaedb96d827a0d14d5307a4e6f958281ab3c50

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      61866b607d9e39bfac734abb778bddcc

      SHA1

      fdde1888f312e35faa670ae06c95975a6b935636

      SHA256

      30511487c5d89bb1ed4d225b72aa17824f071f0b55977407a209b9cc64be11cb

      SHA512

      56b71ebde9610c6db5da4b69b9e6ce67b4edb9888e896185af5077070c54f515a1567ef947b859ffbd8588f73e3d2e68dec6968ddda08210efd2c5e5fda632e1

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      949461e725fa310382731014fe39cf60

      SHA1

      2e53f5b87b27bdbb2603b8019ee1f74da96d1578

      SHA256

      f41539dbd8c1716efefa5870b98f12d74a646899fef9b7b417d5a702cec84b27

      SHA512

      70835e9c9a5ed6a5c9dc39a8a3a05519a1f3e0b60f00fbf91465542f0a9ad89936c390c85b96c7f9d31351996347ff5b98320da59a731c1e03fb73d91b342184

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      6a5f04f51fe3fbbf2c0a895e9631ac38

      SHA1

      961bb9f7298459acceda0637c6e8cba0fae07acf

      SHA256

      64169653adbe5c345be1dc8ec3ac7692cef969422aee0350ee7c2d7f419efed9

      SHA512

      05128822af0f8e4b4cee56153c09ed2f171d536958cc98127deb20e900faf6c526354c6c53df81482b423f0d27f1408279b1458a9472991a89924151a209ed6c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      4366f40d321af8492b726c9434fa3be1

      SHA1

      d8dd66e44200573119cd4b51fd8f1b6f1765c0ee

      SHA256

      b1c7971b932c14cf36ce88ebf875f066e2952bfe7d10aa9ec0e2f28a26becafd

      SHA512

      71d4c72406688720e247eb257cb2070165bb274a314fae1d4c6d0181bfcb22b5111ea78fb3288480de71894d1017052154dc30e722050fefb4a655f4553f45fc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      efbbd5be54b9b6aba0004d7ad16f7467

      SHA1

      4efe42a1013c3857f2d3cfb9a11b04048c3c107c

      SHA256

      d53d42f48da1521a593183f650509702361a17ff355d3e58503e968bca53b41a

      SHA512

      d32cc2d7d9c8ca611650b5abf59167f6dfccc896da2b2b8e9319bf3ad428a8b2b874dac9b9bd763ac3e62cf060f6deb30624be813dffa55c1be671852c02268f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3a2ac5b9d5a3294efd424e9d149ec5bb

      SHA1

      ffaefe0aa2eaad8c6e540d131d9cf60ec24cd483

      SHA256

      9f6cccb25b5c54e0a98fa2fde9f2381c62fff65c36afd7d71e6177a17e0de73c

      SHA512

      638b8ff7c7b441efe86b07a5a030e83a108c8cda6712533817df346cf47b9a68ef10b7afdaf1cffeaf5577024597f6e5fd60ca78c90272cade5eccd1a3f6c6d3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      3f3014890753f95eb42353efef41b894

      SHA1

      16cadabddcefcc97b6195a600859ac9e51278c81

      SHA256

      938eabd755c048715ba806ca721e11e1e20d5af130dcbf26ae31ffaad30ab464

      SHA512

      02ddbd03bfd685197f92ad6867b77a46d8a44035d63cbaac4c694adf1c6dc2b39f3444413751f472328b2b5b2727a8b2a0d66e7ab8d1554a56d9e3eee2f0d4bd

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      344B

      MD5

      dfaf31cc3c324cb81b54e6085301b743

      SHA1

      c565fcdb3ffe741e386b6fd10a4eb0955d8e1151

      SHA256

      16dc412214131575971c535444a217df3dac6b382113231d6b80f30ee14f0398

      SHA512

      6cd36bedb2309be88d4bdfc167b6e8b60b68d013cf59d8fcd341d307019911fb7131cfc917cc1c0e1da98c7f12cd46a80b62db0876419f5f5e5bdbed4fce18b3

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarFDE6.tmp
      Filesize

      183KB

      MD5

      109cab5505f5e065b63d01361467a83b

      SHA1

      4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

      SHA256

      ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

      SHA512

      753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\29REOLIG11YLB08HZ9FP.temp
      Filesize

      7KB

      MD5

      2a96e8b0028d54c0fd5db87a9de1edf0

      SHA1

      b6d651e6af073e6ce400f1a40a04504a99216acf

      SHA256

      a623dd9299573b189aa5ad06c955b27aae0a6053b3ad74648671871bf9546a01

      SHA512

      70d1b418d674a81c3d0244b8e8edad59e2ae5110d22f62e1da10247b1d69b6c3de9089060c98f8ecc09decfdf87ca6507f880e7a956a7e23a8586a1c73b17ee8

      Download Submit

    • memory/2352-9-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/2352-7-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/2352-4-0x000007FEF571E000-0x000007FEF571F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2352-10-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/2352-61-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/2352-8-0x000007FEF5460000-0x000007FEF5DFD000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/2352-6-0x0000000002290000-0x0000000002298000-memory.dmp

      Filesize

      32KB

      Download

    • memory/2352-5-0x000000001B660000-0x000000001B942000-memory.dmp

      Filesize

      2.9MB

      Download