Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

windows11-21h2-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250410-en
  • resource tags

    arch:x64arch:x86image:win11-20250410-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/04/2025, 20:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.mediafire.com/file/rzm2m54kfkwsw5n/BloxFruits_script.zip/file

Score
10/10
lummadiscoveryspywarestealer

Malware Config

Extracted

Family

lumma

C2

https://aquesolp.run/agosoz

https://7soursopsf.run/gsoiao

https://changeaie.top/geps

https://easyupgw.live/eosz

https://qliftally.top/xasj

https://upmodini.digital/gokk

https://salaccgfa.top/gsooz

https://zestmodp.top/zeda

https://lxcelmodo.run/nahd

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

    stealerlumma
  • Lumma family
    lumma
  • Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
    spyware
  • Suspicious use of SetThreadContext 2 IoCs
  • Drops file in Windows directory 11 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 1 IoCs
  • Modifies registry class 7 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 29 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/rzm2m54kfkwsw5n/BloxFruits_script.zip/file
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:4188
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2e0,0x2f4,0x7ffa5717f208,0x7ffa5717f214,0x7ffa5717f220
      2⤵
        PID:6128
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1828,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:11
        2⤵
          PID:912
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2232,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=2224 /prefetch:2
          2⤵
            PID:1236
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2476,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=2472 /prefetch:13
            2⤵
              PID:4252
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3464,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:1
              2⤵
                PID:5084
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3480,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=3504 /prefetch:1
                2⤵
                  PID:5100
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4864,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=4704 /prefetch:1
                  2⤵
                    PID:2628
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5028,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5076 /prefetch:1
                    2⤵
                      PID:5156
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=5264,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5284 /prefetch:1
                      2⤵
                        PID:3340
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5504,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5052 /prefetch:1
                        2⤵
                          PID:1908
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=5440,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:1
                          2⤵
                            PID:4644
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=4188,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=6020 /prefetch:1
                            2⤵
                              PID:6048
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --always-read-main-dll --field-trial-handle=5008,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5016 /prefetch:1
                              2⤵
                                PID:5456
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --always-read-main-dll --field-trial-handle=4972,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5060 /prefetch:1
                                2⤵
                                  PID:3640
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5088,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5148 /prefetch:14
                                  2⤵
                                    PID:656
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5068,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5180 /prefetch:14
                                    2⤵
                                      PID:1160
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=6568,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=6584 /prefetch:1
                                      2⤵
                                        PID:5988
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6708,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5468 /prefetch:14
                                        2⤵
                                          PID:5972
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7280,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7320 /prefetch:14
                                          2⤵
                                            PID:384
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=7296,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7336 /prefetch:1
                                            2⤵
                                              PID:876
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7776,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7788 /prefetch:14
                                              2⤵
                                                PID:3020
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
                                                  cookie_exporter.exe --cookie-json=1136
                                                  3⤵
                                                    PID:1224
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7828,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7848 /prefetch:14
                                                  2⤵
                                                    PID:5344
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7828,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7848 /prefetch:14
                                                    2⤵
                                                      PID:5232
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=7940,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=7904 /prefetch:1
                                                      2⤵
                                                        PID:3772
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=6172,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=6060 /prefetch:1
                                                        2⤵
                                                          PID:3888
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7140,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5628 /prefetch:14
                                                          2⤵
                                                          • NTFS ADS
                                                          PID:5440
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4164,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5808 /prefetch:14
                                                          2⤵
                                                            PID:2704
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4204,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5644 /prefetch:14
                                                            2⤵
                                                              PID:2716
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7844,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5040 /prefetch:14
                                                              2⤵
                                                                PID:2920
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7892,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5996 /prefetch:14
                                                                2⤵
                                                                  PID:4412
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=8004,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=5144 /prefetch:14
                                                                  2⤵
                                                                    PID:4404
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3380,i,1180905628117405538,5298366556369804320,262144 --variations-seed-version --mojo-platform-channel-handle=8000 /prefetch:14
                                                                    2⤵
                                                                      PID:4760
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                    1⤵
                                                                      PID:5076
                                                                    • C:\Windows\system32\cmd.exe
                                                                      C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                      1⤵
                                                                        PID:3280
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                                          2⤵
                                                                            PID:2860
                                                                        • C:\Windows\System32\rundll32.exe
                                                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                          1⤵
                                                                            PID:3364
                                                                          • C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\InstallerV2.exe
                                                                            "C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\InstallerV2.exe"
                                                                            1⤵
                                                                            • Suspicious use of SetThreadContext
                                                                            PID:3404
                                                                            • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                                              "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                                                              2⤵
                                                                              • System Location Discovery: System Language Discovery
                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                              PID:4124
                                                                          • C:\Windows\system32\BackgroundTransferHost.exe
                                                                            "BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
                                                                            1⤵
                                                                            • Modifies registry class
                                                                            PID:1560
                                                                          • C:\Windows\system32\NOTEPAD.EXE
                                                                            "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\INFO!!.txt
                                                                            1⤵
                                                                              PID:1160
                                                                            • C:\Windows\system32\NOTEPAD.EXE
                                                                              "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\intro_update.dll.txt
                                                                              1⤵
                                                                                PID:5964
                                                                              • C:\Windows\system32\NOTEPAD.EXE
                                                                                "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\update_crack.dll.txt
                                                                                1⤵
                                                                                  PID:5444
                                                                                • C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\InstallerV2.exe
                                                                                  "C:\Users\Admin\Downloads\BloxFruits script\BloxFruits script\InstallerV2.exe"
                                                                                  1⤵
                                                                                  • Suspicious use of SetThreadContext
                                                                                  PID:1524
                                                                                  • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                                                    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                                                                    2⤵
                                                                                      PID:2364
                                                                                    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                                                      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
                                                                                      2⤵
                                                                                      • System Location Discovery: System Language Discovery
                                                                                      PID:4532

                                                                                  Network

                                                                                  MITRE ATT&CK Enterprise v16

                                                                                  Replay Monitor

                                                                                  Loading Replay Monitor...

                                                                                  Downloads

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                    Filesize

                                                                                    280B

                                                                                    MD5

                                                                                    9e4597d6e9951c90f605fa4a330843b2

                                                                                    SHA1

                                                                                    c9a4c72aba3b9584e03d0db43aee91e51094c369

                                                                                    SHA256

                                                                                    272d838982199dc905b6eea7f57fc331c216efacab7d865cf427fa4972aff009

                                                                                    SHA512

                                                                                    adbf3948d11ce019ee5a0e8971b7b08567c7a3de742e03274ae0bd868f64f4d09e93e91e38681b34eb017af7d4708e5484b776b9b3828715d05f35621423fe05

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a4
                                                                                    Filesize

                                                                                    31KB

                                                                                    MD5

                                                                                    86bcdfc31410dcdc5dad2866c3b0bd24

                                                                                    SHA1

                                                                                    8862f2f3a32feca5cbb87c9f8a651fd26dc482f9

                                                                                    SHA256

                                                                                    2d6f68fc649f6fea713cb42c87ef1755104c5495fd9c7170fecf412845787b0a

                                                                                    SHA512

                                                                                    ff65cec7b6cce695e459d43d12d3bbe8c2923de2819ac96c62d572ef616168a88471ba519c70c019675f674e911f4cf2da4d518886616b812598b7e9309abb92

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                    Filesize

                                                                                    5KB

                                                                                    MD5

                                                                                    db7b1ca11d44d1d4119889bc17abd3dd

                                                                                    SHA1

                                                                                    5263609ffdaea93b5e59acec1369cebecd150e7a

                                                                                    SHA256

                                                                                    48febb26aecd48fbb67e42e602f6077c8167f0362ea0ad3334717a23176d75dd

                                                                                    SHA512

                                                                                    9e6f3c51b639941edcb1971314f6a83edf09a8a49eac2f71060023ab67c86dba712c5d3fa191f1e62d689c711db81768779dc0048ddf9c7bdce00cc9dc2934d8

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe580470.TMP
                                                                                    Filesize

                                                                                    4KB

                                                                                    MD5

                                                                                    53f6b36432b710792bd586f2af92c87a

                                                                                    SHA1

                                                                                    c26d8bc093aa41367c20f6b99305afa69dbd8278

                                                                                    SHA256

                                                                                    dfc54448078fa6bc3fc908ce2865410a363cc475a54ec98de4f7d26e4610297b

                                                                                    SHA512

                                                                                    bc2779cb327e9add5087d1b60baddcb9fa8069f55f89917658186e09eceb8f92d45dd7a720a07b772a1b48917708ded019cb33f15f5300f11e9ff8d95dfc54a7

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                                                                    Filesize

                                                                                    2B

                                                                                    MD5

                                                                                    99914b932bd37a50b983c5e7c90ae93b

                                                                                    SHA1

                                                                                    bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                    SHA256

                                                                                    44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                    SHA512

                                                                                    27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                    Filesize

                                                                                    224KB

                                                                                    MD5

                                                                                    c6a0373f165e63ca83fd1af6450f0dd3

                                                                                    SHA1

                                                                                    aa918820ef784015582138addfe79f42874ef2aa

                                                                                    SHA256

                                                                                    1e3118907c7eb75584605afc8632c7aa789b296f5d2d4b25045326f4db480837

                                                                                    SHA512

                                                                                    31477c91d500ab69017798de8491b48cc3944b37cafcc24e67ebd13a2ec0e0a756afbc39d95f637b1bb42fd1a4d73453fc411610e8f8faed8f95ad734d237b2f

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
                                                                                    Filesize

                                                                                    107KB

                                                                                    MD5

                                                                                    2b66d93c82a06797cdfd9df96a09e74a

                                                                                    SHA1

                                                                                    5f7eb526ee8a0c519b5d86c845fea8afd15b0c28

                                                                                    SHA256

                                                                                    d4c064db769b3c109da2ed80a53fbab00987c17421a47921e41e213781d67954

                                                                                    SHA512

                                                                                    95e45c0aea0e704be5f512dffaae377d4abef78da99b3bca769264d69be20f2570daf2f47905645217e1b2696e42b101f26149219f148b4d6dd97a6c2868b6f5

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                                                                                    Filesize

                                                                                    36KB

                                                                                    MD5

                                                                                    675197e4d5a96dae13e5175df3138b37

                                                                                    SHA1

                                                                                    2817400af3b785a3bf8815c6ec3cd060ae510d28

                                                                                    SHA256

                                                                                    f001bb3eaf239ee016fbb8ed6e5517172eac3d270248bc5cfce640f6d3f16a79

                                                                                    SHA512

                                                                                    8d37db33db4e30a85127720da8a7e02331a40ccb0a04e0bfde6a6a0d63e07e8f51c05f496ea11565fc09e7b9c8183ddfd718b890e13f11d0fa31b9d02a158581

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                    Filesize

                                                                                    18KB

                                                                                    MD5

                                                                                    5088f510050ddd2228c3d6b0a33f13d3

                                                                                    SHA1

                                                                                    d93b2883910de9fe0bca6e01920498a56c21d53c

                                                                                    SHA256

                                                                                    646eb910f03be44303509b5393a0103a297d60ddcfca7a3fe9edcdb45b0f753f

                                                                                    SHA512

                                                                                    55ef61457aa5bf4ff1621f6618ebf2ec196dac76b04d43bf0d471bb62fcbbaf399d41b3659ebfab97a1f2eec376b5fc437899b639b996ce294377bdb682d7612

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                    Filesize

                                                                                    2B

                                                                                    MD5

                                                                                    d751713988987e9331980363e24189ce

                                                                                    SHA1

                                                                                    97d170e1550eee4afc0af065b78cda302a97674c

                                                                                    SHA256

                                                                                    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                    SHA512

                                                                                    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
                                                                                    Filesize

                                                                                    40B

                                                                                    MD5

                                                                                    20d4b8fa017a12a108c87f540836e250

                                                                                    SHA1

                                                                                    1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                    SHA256

                                                                                    6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                    SHA512

                                                                                    507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                    Filesize

                                                                                    22KB

                                                                                    MD5

                                                                                    9a67615848f4e84211575cb8385eeaa8

                                                                                    SHA1

                                                                                    0b42a9de4469fd73fb753c9e1a69183ae9d6eea5

                                                                                    SHA256

                                                                                    36bfba9d5eaf653b517c3eca48ac3375e1aecfabfec59100479caf0df077dcf4

                                                                                    SHA512

                                                                                    9f916ce3f8ce3d2ae0d75903135728d779e5a61941ffdfabf2534c9ad304c653a1bdd0c277c729ecd3059429901c47b42a243827b8aa517e7d7e9d3fa4b3a2cc

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                    Filesize

                                                                                    37KB

                                                                                    MD5

                                                                                    d1715c6ccac2661176f6ea648e0333ee

                                                                                    SHA1

                                                                                    50cf00879dd236ab72b19c6675acf27286767694

                                                                                    SHA256

                                                                                    ff852ce39cd191637209bd9d2a14ee0561c07ced48960e04fdbe4f848106c36c

                                                                                    SHA512

                                                                                    e1ff3fde0dc85d88c7f10364baad486555762b782ad2b204656a41f3b5a96a9ee82a66cf4396d5c252132b43ed899b2a0cade98f0ec4fc61cb06d36adc6dce69

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
                                                                                    Filesize

                                                                                    23KB

                                                                                    MD5

                                                                                    48ef0103edd5d420dc2f46c3911149db

                                                                                    SHA1

                                                                                    8f3b09e6312cda32531af1064cabb72a593c5b61

                                                                                    SHA256

                                                                                    e38e188ade0d6bdeee585e794aa9a62d4d161986da62f550ad3f53a71536beae

                                                                                    SHA512

                                                                                    bb266cbb790c578edf7213a11d47066517086b648630e2f9fd207857be1ebb6c6f76e00eacc003d7785e3a50149f09f5215a63566399be6d0895f832d3965a09

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
                                                                                    Filesize

                                                                                    228KB

                                                                                    MD5

                                                                                    ed7a616682440602bf5e816328a9280a

                                                                                    SHA1

                                                                                    eb438cc9580699a0110be0d7192f04d90994e9f3

                                                                                    SHA256

                                                                                    eaa43836030739b0fd5fb081784237c5f911eb716336d9d08dd24e2dfcda4daf

                                                                                    SHA512

                                                                                    2e362b84e41f1ff3d03a174d11de28950c2390168e0f763e4275d12bb1f8b0fec2753224d538d7ac2eb3c8aa49f7f33f382e49356aa309562aa17657f7f9908b

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                    Filesize

                                                                                    460B

                                                                                    MD5

                                                                                    25cf95beb026c7f9b1c21e2b7ed66601

                                                                                    SHA1

                                                                                    bc3b63286dde58acc3bfe438a63ee098a0e58bf6

                                                                                    SHA256

                                                                                    aa9c998dca9df4d5e9e9c1bb94f773d69e62b1040dd9b892fa55845b60cd6397

                                                                                    SHA512

                                                                                    e566ac3643961ffd34d15a6005a4c8f84bab5d3086f851f5d23792fe6ccf1fbadc2136fdc4246f86820231bd9622c278478b6d4195f6d3862c32ac000c33ba0a

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                    Filesize

                                                                                    13B

                                                                                    MD5

                                                                                    3e45022839c8def44fd96e24f29a9f4b

                                                                                    SHA1

                                                                                    c798352b5a0860f8edfd5c1589cf6e5842c5c226

                                                                                    SHA256

                                                                                    01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

                                                                                    SHA512

                                                                                    2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                    Filesize

                                                                                    40KB

                                                                                    MD5

                                                                                    dfa44c251c4e8fe757c1c4cf08613564

                                                                                    SHA1

                                                                                    f9f742f3206662b8ca05f6c60a11f30fb1c66b05

                                                                                    SHA256

                                                                                    324f10ec8e59b4619d66c78df34cec4edd62a5d2bd22ccc516f248e89f60db12

                                                                                    SHA512

                                                                                    55c79fc274c9039caa8e19fc1499935724ff3573aa88a8e143dd241354b68de86eaf1740a0c69dcf8988c96b4ad421645cb7255eeb781b7cd84112dab85060d6

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                    Filesize

                                                                                    41KB

                                                                                    MD5

                                                                                    0b25b79f7fa7c04bb45efb8a4cc86b1b

                                                                                    SHA1

                                                                                    bf14677aaa353228057fa8a1bd349d1b96194f4d

                                                                                    SHA256

                                                                                    f1c7d640dacb8c9f6bf3a3c13f392e20e315ed20a3cc0c43b60d42b2c0a6e9d7

                                                                                    SHA512

                                                                                    517726b7e2553e0927f026efb41fcf8326fcf28aca890a37f7f8b1c36e58885df4570470099a35e4ace3329ea22b616dd9a76208534a002c4124d6a2dc40a7f0

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                    Filesize

                                                                                    40KB

                                                                                    MD5

                                                                                    8f4c55a04f040fb7ede48deaa16de7e4

                                                                                    SHA1

                                                                                    80f4008c1d7589e4e389d055c1f9c9ed989ce6c5

                                                                                    SHA256

                                                                                    2bd94ac9f6d6ed3c62d9a3f7985b3c156a61f1125d85fcd031d93a0f767ce9e1

                                                                                    SHA512

                                                                                    20531a80e0c54b4b1c61028177ba64fb8cd89b0af4d6960dd3da674941edaa635a4a1e86ab79cafcd8bfdc5b13ff26b35b8128b2cdd4556648e4a4f840fe5137

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                    Filesize

                                                                                    41KB

                                                                                    MD5

                                                                                    f1e399c07e2194eb5e607ea0ae6261ec

                                                                                    SHA1

                                                                                    bae80ce8867445240f647712787c8ca6814be361

                                                                                    SHA256

                                                                                    63e89cf2668b28edbe3a61bccca1d462bca8257ab8297b683a3abcafb7d6e185

                                                                                    SHA512

                                                                                    6c58c8ba764f098096ab00a9a51012c154e6736623c71db34428cb7e5664d93790dd7e5833effaa8e08d95218508a515f3545207629f43088ef95192e74b0c5d

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\fb9f3859-5e60-4e19-88e9-d5d7963cda87.down_data
                                                                                    Filesize

                                                                                    555KB

                                                                                    MD5

                                                                                    5683c0028832cae4ef93ca39c8ac5029

                                                                                    SHA1

                                                                                    248755e4e1db552e0b6f8651b04ca6d1b31a86fb

                                                                                    SHA256

                                                                                    855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

                                                                                    SHA512

                                                                                    aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\Downloads\BloxFruits script.zip
                                                                                    Filesize

                                                                                    4.1MB

                                                                                    MD5

                                                                                    8a6a94c3009cf8c71b28c387858917e6

                                                                                    SHA1

                                                                                    561357c252bd8a66addf13ea129798264285434a

                                                                                    SHA256

                                                                                    1c388afabe695c4e1a1e97fea56646c946c143de504c3503d1f760360900f071

                                                                                    SHA512

                                                                                    0ea1526974ec20927ae674db8af303c698aa4ec5278d181b40c2e32b6b55fb8e324bfdec9b44954c15e7c3be499358725130f7951f5c2b3ef8380eae85464368

                                                                                    Download Submit

                                                                                  • C:\Users\Admin\Downloads\BloxFruits script.zip:Zone.Identifier
                                                                                    Filesize

                                                                                    26B

                                                                                    MD5

                                                                                    fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                    SHA1

                                                                                    d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                    SHA256

                                                                                    eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                    SHA512

                                                                                    aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                    Download Submit

                                                                                  • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4188_1593747691\LICENSE
                                                                                    Filesize

                                                                                    1KB

                                                                                    MD5

                                                                                    ee002cb9e51bb8dfa89640a406a1090a

                                                                                    SHA1

                                                                                    49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

                                                                                    SHA256

                                                                                    3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

                                                                                    SHA512

                                                                                    d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

                                                                                    Download Submit

                                                                                  • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4188_1593747691\manifest.json
                                                                                    Filesize

                                                                                    85B

                                                                                    MD5

                                                                                    c3419069a1c30140b77045aba38f12cf

                                                                                    SHA1

                                                                                    11920f0c1e55cadc7d2893d1eebb268b3459762a

                                                                                    SHA256

                                                                                    db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

                                                                                    SHA512

                                                                                    c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

                                                                                    Download Submit

                                                                                  • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4188_1816364733\manifest.json
                                                                                    Filesize

                                                                                    176B

                                                                                    MD5

                                                                                    6607494855f7b5c0348eecd49ef7ce46

                                                                                    SHA1

                                                                                    2c844dd9ea648efec08776757bc376b5a6f9eb71

                                                                                    SHA256

                                                                                    37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

                                                                                    SHA512

                                                                                    8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

                                                                                    Download Submit

                                                                                  • memory/4124-398-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                                    Filesize

                                                                                    400KB

                                                                                    Download

                                                                                  • memory/4124-397-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                                    Filesize

                                                                                    400KB

                                                                                    Download

                                                                                  • memory/4124-438-0x0000000002CD0000-0x0000000002CD6000-memory.dmp

                                                                                    Filesize

                                                                                    24KB

                                                                                    Download

                                                                                  • memory/4124-439-0x0000000002CD0000-0x0000000002CD6000-memory.dmp

                                                                                    Filesize

                                                                                    24KB

                                                                                    Download

                                                                                  • memory/4124-437-0x0000000000400000-0x0000000000464000-memory.dmp

                                                                                    Filesize

                                                                                    400KB

                                                                                    Download