Analysis

  • max time kernel
    195s
  • max time network
    199s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240319-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/04/2024, 09:54

General

  • Target

    https://www.mediafire.com/file/lqlncwwnvq7n1rq/WaveTrial.rar/file

Malware Config

Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
  • Downloads MZ/PE file
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Executes dropped EXE 4 IoCs
  • Loads dropped DLL 5 IoCs
  • Themida packer 6 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 61 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/lqlncwwnvq7n1rq/WaveTrial.rar/file
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8e4d39758,0x7ff8e4d39768,0x7ff8e4d39778
      PID:4000
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:2
      PID:3528
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      PID:648
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      PID:4852
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5036
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3028 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:1204
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4944 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:2360
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5728 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5512
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      PID:5552
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      PID:5728
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5356 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5796
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5220 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5956
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6080 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6032
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6688 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:464
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6476 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:4364
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=7160 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:3920
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=7004 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5204
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=7296 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6176
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=7488 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6252
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7652 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6332
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7740 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6420
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7752 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6428
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=7908 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6556
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=8528 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:7028
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=8800 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:3160
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=8984 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6864
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=9084 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6972
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=8716 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6716
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=8816 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6692
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8384 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6724
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=9356 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:1592
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=9364 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6776
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=9520 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6784
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=9536 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6804
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=9552 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5548
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=10076 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5568
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=10216 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5652
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=10364 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5636
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=10516 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:5640
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=10660 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6768
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=10796 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6812
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=10816 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:6820
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=11084 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:7256
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=11216 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:7264
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9964 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:8412
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=11932 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:8500
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=11964 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:8508
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=11980 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      PID:8516
    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=11988 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:8524
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=12004 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:8532
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=12536 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:9132
                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=12236 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:8308
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=9328 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:8468
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=12256 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:8608
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=12892 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:8300
                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=12896 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:9300
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=13000 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:9368
                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=13308 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:9400
                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=6276 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:9624
                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13572 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                            2⤵
                                                                                                                              PID:9748
                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13560 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                              2⤵
                                                                                                                                PID:9756
                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6440 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:5780
                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9524 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:9992
                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=1684 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:4900
                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=7540 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:7856
                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5104 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                        2⤵
                                                                                                                                          PID:8196
                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7588 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                          2⤵
                                                                                                                                            PID:8348
                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=10408 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:9052
                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=8276 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:9236
                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3712 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                2⤵
                                                                                                                                                  PID:6364
                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7212 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                  2⤵
                                                                                                                                                    PID:6384
                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8280 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                    2⤵
                                                                                                                                                      PID:3788
                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12176 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                      2⤵
                                                                                                                                                        PID:5160
                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10400 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                        2⤵
                                                                                                                                                          PID:5888
                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12280 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
                                                                                                                                                          2⤵
                                                                                                                                                            PID:4304
                                                                                                                                                          • C:\Users\Admin\Downloads\winrar-x64-700.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\winrar-x64-700.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:5732
                                                                                                                                                          • C:\Users\Admin\Downloads\winrar-x64-700.exe
                                                                                                                                                            "C:\Users\Admin\Downloads\winrar-x64-700.exe"
                                                                                                                                                            2⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                            PID:7524
                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3820 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:2
                                                                                                                                                            2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:6620
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=12028 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      2⤵
      PID:10148
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3820 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      2⤵
      PID:4056
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=4736 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:1
      2⤵
      PID:2240
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12164 --field-trial-handle=1872,i,10793316083122429709,12912692401641952713,131072 /prefetch:8
      2⤵
      PID:10212
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    1⤵
    PID:3932
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3172 --field-trial-handle=2232,i,3915538061666887171,15629965885515244134,262144 --variations-seed-version /prefetch:8
    1⤵
    PID:10192
  • C:\Windows\system32\werfault.exe
    werfault.exe /h /shared Global\b3aba66128c54e7db9c71d6203602af8 /t 10080 /p 5732
    1⤵
    PID:4944
  • C:\Windows\system32\werfault.exe
    werfault.exe /h /shared Global\17d745c25ef44cfd9916e7ede42f1d01 /t 7516 /p 7524
    1⤵
    PID:6880
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
    PID:7364
  • C:\Program Files\7-Zip\7zG.exe
    "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\WaveTrial\" -spe -an -ai#7zMap3775:80:7zEvent24585
    1⤵
    PID:8608
  • C:\Users\Admin\Downloads\WaveTrial\Wave.exe
    "C:\Users\Admin\Downloads\WaveTrial\Wave.exe"
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    PID:9224
  • C:\Users\Admin\Downloads\WaveTrial\Injector.exe
    "C:\Users\Admin\Downloads\WaveTrial\Injector.exe"
    1⤵
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Executes dropped EXE
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:9492

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
    Filesize: 40B
    MD5: 4a0b907083f8afcc81fd894fb6c45d01
    SHA1: 7161d696223d3373ccce860cf81249d7f738a02f
    SHA256: 87b0af1a5d48c9852603c2cd73097e27beb903aca92354231262ceba0e276e4c
    SHA512: 9a917882b29ac03f6af556b1c4cfb99b5e8260a4bf9a179b91cb1a1ddf47c1cd5543b8d7f008d955320e567dd4fc0236e187717d4bda748289700b3fe920aca4

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
    Filesize: 19KB
    MD5: d426c43c6cc7a7743d76db59c58610b8
    SHA1: a7c12e4dd37ff6845d6dd4a44186ec2a0a9f3c7c
    SHA256: c4b8cdbb769d3093115c63894cb191f91fd40cfae265a140ea300e09578081c8
    SHA512: 8fc77be70db2bcb89172fd5251367534eacfbaba60313c551a1837ca57a0ab3d4ca15ac9e6cb48dd9fd1c31b7084a92eb2c301f30e9857e21b5b64bac72415b7

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047
    Filesize: 38KB
    MD5: 2b7ec9fe5044c75348bc52964bf50b78
    SHA1: 039e784c53ba423877c5c845ffb044abbf4c110e
    SHA256: 71c9403962b1f930169325d2c812125a0088d2a695609486bb6f31185e84ff97
    SHA512: 92cb64599e198177093bda32e1c962fdccaa049d9875292b97c6b014d0d0afde750dcef27151751dda3f8639df41bed611bce7816c04d4e581b17b132d169016

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052
    Filesize: 20KB
    MD5: b4ecf05fe49c7d270978fd43997bee50
    SHA1: 14e60bc37d6af6907cfa60553ccab5a63d2e5a34
    SHA256: 0b06ca55c1eb4674bf666bee6cd0193d8e72d3ed8535b7b5df6160e0391d84fc
    SHA512: dbf781ba95ba296226eb9e31afac76017ba8dcdb3ebe7571e54256849512673414aeca5e2aff4e4e77baa640f7f52b507187b4290a15e46373dd948cfd3fe877

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5620c17dc9022255_0
    Filesize: 53KB
    MD5: e10928311969de5eceb9d2c6ad0e2133
    SHA1: 765751a5b8772bcb40488dacbf41f73cdf65e65a
    SHA256: 91e3b9d5448c0059aecc8cf287d89894b86cbac2cab17a9f6771601c50a8458a
    SHA512: 20ce1a77612a8a29f5585d288f84a2573aed796b4dae6fa2daf1a2137c44a7666c9ba604bed02da9ca1f6c36f5f0986d8406d6fa4f8f60bb25bbdd6848cb814d

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ece01b0cb477166_0
    Filesize: 290B
    MD5: 85d9bcbc38bcfcc713c6e6b0321a3124
    SHA1: 710813e83550ced54c5edcd3fde6e7279fc33ced
    SHA256: b66fd44b01c66fcef76c608b596d979605895ef3f4ea182476fa5496dc23cab4
    SHA512: d7ff6eb76a2daac32a0b6268a2af4810007c16f36772ebf7d8afe4b7461e2e051428d5e1ad99899b303d60398b1416a73523c354fb6a3c7d5a9abd16259d5098

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b279c33e7361bde5_0
    Filesize: 33KB
    MD5: e1af221f8adbda6c9f3ace0f9b072949
    SHA1: ca7fcb793759f4702554a3608b5a0dd5eb3abc73
    SHA256: 7eb65227549ab9bc90cbbe5c4a808914c550b7299012162cf96ef6b3b340e0fd
    SHA512: 40fabf5c61effc39263035c6fe02cfb12909f088cb334a3dfe61d831708c8eb8962a4fdfd94a14b83d7f826c0558f981e878aa99bc0ca7066b16ab06c345fad5

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb45fc9a639f0741_0
    Filesize: 303B
    MD5: 181e050eefa07e99cf0c49047542d592
    SHA1: 550b6654b4d26670f3924c8dba5313cd43776310
    SHA256: b0da1f8613de30ea6b08cbaa1a613cee8e2f69d9a66a945c0336a2400c79b96d
    SHA512: a9b344b624eb722ce9908f82f6084d0c2c623fe828d7054d152fb109eacdbb512d9736abc55dee0132bb4d7be2037aca4bb546e1c66e1aec5a3e5e4835137292

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
    Filesize: 3KB
    MD5: 5d6066df02135786b5d2e58d7c8e5634
    SHA1: 568bc999b75f81dc9ffc49c240c72e62a87e5b1f
    SHA256: bf07a369cd254f540ca67b3dce9f482d34709846c0caa6dc8ce9c14c97dd2cc9
    SHA512: 413ffce590d00fd0dee36f33f374a436f8fbc5f13d4f04fd277b62a9adaf9c71bd36476431cf24430aae2863b888effeec56bfa96cabad7f1bf695657415462c

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    3KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    48a7da1515f5dc454e5e84bf649e8c6a

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    8568367410482e033d09640c50d68b2cab59eb8f

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    53202fbb6c70cce069da91e13f39f853955938be27caec36a503747cef0b7811

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    78fe533db68c12daf455e2ef8004c9008da80af73b601da945c1087eee481eb8588ed3d873e3431b31abe7f77384a80fe4819ebb7cd90223de2a08617e302d1e

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    24KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    2209c90cb566526f1f24d9746d8234f2

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    a3262e1d0b977890f8c7f0090f7cbac305d45592

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    5e7c1f5f12afacce3a7d72cbbbb4675f378e9c678a2b8c1c07ae99a798e28e69

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    709d8932b3f583e922c8eadf624e5a3df622fcc6adaa1bf521b0b1b367f6af50c9140802c4a9f80f373631c6309e7339aa5f6b50240a7a9d717e9da3a7f02a57

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    8KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    74c269949986f281830e8007e28bf80a

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    266536c082e4bf4696bcba50547e0bce9f45547c

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    f6a5f3e899aa0af638da49c232af82faf0406e1b16640b8b46b263018120f24d

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    79f6d26b868ea2ae81b5699e333a42fc7742cb061ab5fba1ba5baccca19b7389a5f776537ec67c8f9bae380e9d41128b133c6de5fd41940eb4710a6694969e50

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    1KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    2af01e1a2f9d1fab5ad6a35fa67e0603

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    12d4bf820f14e76c886dad2f2e8037cd575078b0

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    c044c94ccbb7ebfcd6561a8a89125fca719f57055f7c607cd710a2abbad85357

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    e1d145fbe62b1d16f80035e89bb381aded676779201d7c635d27bae316eedc284554cf02271165a6d71e70e72fee41954d0616058cac135577b2054052fcd26a

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    4KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    a1731278fc58cadaf6002b9630a9e3b7

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    d7c1a88d1691c052a86fa157cd15e7c4bdc08069

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    d290f49c1fd35d9ef76d572bf1aec9759385f76613fc9781dcdb42b20656ec07

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    f4b3bb999be3bdc536e263416b700b5d6736cbdda2ef495769cbc4c7ae4edbe2e4e220f8ce5bc5f629cb41b17acde39d16e4770c2c7a6eba79b541533243fe0f

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    6KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    d36c0c6145f45dd0774fecf2ddcb602d

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    d549d7e6d3a906eecdc4774e849ac39da700e55b

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    bbf57fe9360869acc1227cc3986fe79051ec2919afdeb3b3cef2f9f777c970f0

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    f4a63b97f780396375ba2d86e9c6c62fe6255a47a3765612b4f8d89b2fa732895771504820ffbd39f4f12e9cd0d69f55dc3c43c0aab0c09d4f265c68d6ea740f

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    7KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    5bd2811b97e14454a27077eff8f10fe6

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    7043151ecbd8bc51acec1b2f8f1d4a1d1ff50c45

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    f9ab12cf488c10c114824ec116f05b5811a408b146136920c9efa50ccd6c5225

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    3e4465617fed54fc9076ee7a4098c29c67965082769267a11d00d0f729cbadea9d468829a83910a00f278583728127a430ac0c51ddbbcfc8863c7ffe680e92fe

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    7KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    7edf409f5b48822fbe160fa7a25ddf35

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    780d4919dd4f645a338c788c3c4176a976b97407

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    9e0e5cff0a6c84b5609adf5c3c6697bc1939613eed440855440cda8a3b0d92b3

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    7a63f9ef28aae31a7b6a693d99c6c2ff991dfd4b4daed8b36c01ae4a32b9425af609bd2b6da6adb013b3617568052a5419ca66d721f4aa775a01794ac7fbb0c8

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a3546c9a-c6f4-43df-afdd-cff0688665c9.tmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    22KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    2107ff206ed97eb41d0f1838f8de06cd

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    cc7c3a73adfdc6a706c094f6f4f2770fd05f2483

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    fb5d0f0a3a2c642f9f6e9e569b9afe06193af90781c4801d62b965a26c917714

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    d9720cc08010a6091a0834a43ac0e171b7159cd537ce9e57ed43da2b4d4f495a4fa731a458c961924617faa623bf35db19d4a38c6168eedeb190bc4959d9b44e

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    6KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    8c33a58ea5ee4aab707e3e943717c5ba

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    6dd180e5b2d94cdcebbba22fe310661c45a31f03

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    1a2be05a55e89e7d0029b19ebcc636f200f8a5befee5823d76ffcc015f31a87d

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    3299e524d34e5a70ed69a8f24ab4ddb4183f5d358ba93ba6dbe359b0bbd8ac25094c9942b67c8109fef95e170fb625321e9447cb3fb3d22e973ace3ef6ecd101

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    7KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    8b007138ac1deded040f72d89842ffab

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    8a0b142785345e2c5873a779c466859675c1fcf0

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    b76c1ab718169b4a9c2a7ac936f82c9e12a2c34ef697b0193fd01964bfccf548

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    3a1c4bb2578bdd96458772b512e2ca8feabafb7d35aabf5a48cc55567842f5725d2b70a1005721a62372732a63d6bd41af3550f1b9cca0aae8f5ab242b8e1835

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    8KB

                                                                                                                                                                                    MD5

                                                                                                                                                                                    3fe6c02e3230ed8f92efbbd911166e58

                                                                                                                                                                                    SHA1

                                                                                                                                                                                    7d94d7a31b4cf097a2cf3ac1d41fb49c6b795613

                                                                                                                                                                                    SHA256

                                                                                                                                                                                    a3c92d8d2d83ac5ceb82b35020bced0c815767ee3a2824aaaf309f4648199b27

                                                                                                                                                                                    SHA512

                                                                                                                                                                                    b4982cfd274292c7ff2ac59a65eb0dc5327db1c0f9639d4671fad26d2f6a84a6152bbe8becc9d71a150c3650233bbfaaf88b5f200c624c60a897c264c863e515

                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


                                                                                                                                                                                  • memory/9224-1547-0x000001F4DCE10000-0x000001F4DCE20000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    64KB

                                                                                                                                                                                  • memory/9224-1548-0x000001F4C2CB0000-0x000001F4C2CD4000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    144KB

                                                                                                                                                                                  • memory/9224-1549-0x000001F4DD060000-0x000001F4DD146000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    920KB

                                                                                                                                                                                  • memory/9224-1550-0x000001F4DD150000-0x000001F4DD311000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    1.8MB

                                                                                                                                                                                  • memory/9224-1545-0x000001F4C2170000-0x000001F4C2878000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    7.0MB

                                                                                                                                                                                  • memory/9492-1564-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1565-0x00007FF8F3AB0000-0x00007FF8F3CA5000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    2.0MB

                                                                                                                                                                                  • memory/9492-1566-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1567-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1568-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1569-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1570-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    9.4MB

                                                                                                                                                                                  • memory/9492-1571-0x00007FF8F3AB0000-0x00007FF8F3CA5000-memory.dmp

                                                                                                                                                                                    Filesize

                                                                                                                                                                                    2.0MB
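The memory-dump names above encode the process ID, a capture index and the virtual address range that was dumped, and the printed Filesize is just the length of that range (0x00007FF8D0601000 - 0x00007FF8CFB40000 = 0xAC1000 bytes, which is 10.8MB). The following script is an added example, not part of the report or the sandbox's own tooling: it parses every dump entry listed above (the entry strings are copied from this section), recomputes each size from the address range to confirm the table is consistent, counts how many times the same region of a process was captured (the 9.4MB region at 0x00007FF6711A0000 in PID 9492 appears in six dumps, the 2.0MB region at 0x00007FF8F3AB0000 in two), and provides a hash checker for the dropped-file entries. All function names are this example's own.

```python
"""Cross-check the memory-dump and dropped-file entries of a sandbox report.
Added example; the entry strings in DUMPS are copied from the report above,
the helper names and the size-formatting rule are this example's own."""
import hashlib
import re
from collections import Counter

# Dump names have the shape memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)"
    r"-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# (dump name, Filesize as printed in the report), copied from the section above.
DUMPS = [
    ("memory/9224-1554-0x00007FF8CFB40000-0x00007FF8D0601000-memory.dmp", "10.8MB"),
    ("memory/9224-1546-0x00007FF8CFB40000-0x00007FF8D0601000-memory.dmp", "10.8MB"),
    ("memory/9224-1547-0x000001F4DCE10000-0x000001F4DCE20000-memory.dmp", "64KB"),
    ("memory/9224-1548-0x000001F4C2CB0000-0x000001F4C2CD4000-memory.dmp", "144KB"),
    ("memory/9224-1549-0x000001F4DD060000-0x000001F4DD146000-memory.dmp", "920KB"),
    ("memory/9224-1550-0x000001F4DD150000-0x000001F4DD311000-memory.dmp", "1.8MB"),
    ("memory/9224-1545-0x000001F4C2170000-0x000001F4C2878000-memory.dmp", "7.0MB"),
    ("memory/9492-1564-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1565-0x00007FF8F3AB0000-0x00007FF8F3CA5000-memory.dmp", "2.0MB"),
    ("memory/9492-1566-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1567-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1568-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1569-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1570-0x00007FF6711A0000-0x00007FF671B00000-memory.dmp", "9.4MB"),
    ("memory/9492-1571-0x00007FF8F3AB0000-0x00007FF8F3CA5000-memory.dmp", "2.0MB"),
]


def parse_dump(name):
    """Split a dump name into pid, capture index and the region it covers."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"not a memory dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted region: {name}")
    return {"pid": int(m["pid"]), "index": int(m["idx"]),
            "start": start, "end": end, "size": end - start}


def format_size(nbytes):
    """Render a byte count the way the report prints Filesize: whole KiB below
    1 MiB, otherwise MiB with one decimal.  Integer arithmetic with round-half-up
    avoids float surprises on exact halves such as 9.375 MiB."""
    if nbytes < 1 << 20:
        return f"{(nbytes + 512) >> 10}KB"
    tenths = (nbytes * 10 + (1 << 19)) >> 20
    return f"{tenths // 10}.{tenths % 10}MB"


def check_dumps(entries):
    """Return [(name, computed, reported)] for every entry whose printed
    Filesize disagrees with the address range in its name."""
    bad = []
    for name, reported in entries:
        computed = format_size(parse_dump(name)["size"])
        if computed != reported:
            bad.append((name, computed, reported))
    return bad


def repeated_regions(entries):
    """Count how often each (pid, start, end) region was dumped."""
    return Counter((d["pid"], d["start"], d["end"])
                   for d in (parse_dump(name) for name, _ in entries))


def check_hashes(data, reported):
    """Hash `data` with each algorithm named in `reported`, e.g.
    {"SHA256": "ff309d14..."}, and return the names whose digest does not match."""
    algos = {"MD5": hashlib.md5, "SHA1": hashlib.sha1,
             "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}
    return [name for name, digest in reported.items()
            if algos[name](data).hexdigest() != digest.lower()]


if __name__ == "__main__":
    print("Filesize mismatches:", check_dumps(DUMPS) or "none")
    for (pid, start, end), n in repeated_regions(DUMPS).most_common():
        if n > 1:
            print(f"pid {pid}: 0x{start:016X}-0x{end:016X} dumped {n} times")
```

To verify a dropped file against its table entry, pass the file's bytes and the four digests listed for it to `check_hashes`; an empty list means every digest matched. Regions that recur across several dumps of one process (such as the 9.4MB range in PID 9492) are the ones worth opening first, since the sandbox captured them at several points in the run.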