hxxps://www[.]mediafire[.]com/file/lqlncwwnvq7n1rq/WaveTrial[.]rar/file

Analysis

max time kernel
2700s
max time network
2650s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 07:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/lqlncwwnvq7n1rq/WaveTrial.rar/file

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
6480	Wave.exe

Loads dropped DLL 5 IoCs

pid	Process
6480	Wave.exe
6480	Wave.exe
6480	Wave.exe
6480	Wave.exe
6480	Wave.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133572063737663274"	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	7zFM.exe
Key created	\REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	7zFM.exe

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
3248	chrome.exe
3248	chrome.exe
4080	chrome.exe
4080	chrome.exe
6480	Wave.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
6940	7zFM.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 61 IoCs

pid	Process
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe
Token: SeShutdownPrivilege	3248	chrome.exe
Token: SeCreatePagefilePrivilege	3248	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe
3248	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3248 wrote to memory of 4260	3248	chrome.exe	94
PID 3248 wrote to memory of 4260	3248	chrome.exe	94
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 892	3248	chrome.exe	96
PID 3248 wrote to memory of 4176	3248	chrome.exe	97
PID 3248 wrote to memory of 4176	3248	chrome.exe	97
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98
PID 3248 wrote to memory of 4252	3248	chrome.exe	98

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/lqlncwwnvq7n1rq/WaveTrial.rar/file
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce9709758,0x7ffce9709768,0x7ffce9709778
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1808 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:2
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2976 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5272 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4772 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5420 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5584 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=6200 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3024 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6392 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6396 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5368 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6536 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6868 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6876 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=7044 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7204 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7336 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7340 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=8000 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=8024 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=8352 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=8604 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8752 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:6672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8572 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:6800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=9020 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=9292 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=9932 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=10084 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=10380 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=10524 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=10580 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=10596 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=10612 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=10856 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=11244 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=11288 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=11400 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=11692 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=11824 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=11864 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=11892 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=12108 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=12296 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=12808 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=12840 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=12848 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=13076 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=13372 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=13376 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=14748 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:8672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9612 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:8776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=14616 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:8792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=976 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:9016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=14608 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:9096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=748 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:8988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8360 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=11248 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=11456 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:8688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9064 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:8720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=4528 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=2324 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:6500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6856 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:7280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9944 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=212 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=6888 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:8168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=4604 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=3568 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:1
  2⤵
  PID:7032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13176 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7964 --field-trial-handle=1716,i,6012493465200697787,10134073035191525715,131072 /prefetch:8
  2⤵
  PID:7852
- C:\Program Files\7-Zip\7zFM.exe
  "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\WaveTrial.rar"
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  PID:6940

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3084

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1028 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
1⤵
PID:8220

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2360 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
1⤵
PID:8992

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2320

C:\Users\Admin\Downloads\WaveTrial\Wave.exe
"C:\Users\Admin\Downloads\WaveTrial\Wave.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:6480

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:4452

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:5028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
85cfc13b6779a099d53221876df3b9e0

SHA1
08becf601c986c2e9f979f9143bbbcb7b48540ed

SHA256
bd34434d117b9572216229cb2ab703b5e98d588f5f6dfe072188bd3d6b3022f3

SHA512
b248162930702450893a112987e96ea70569ac35e14ef5eb6973238e426428272d1c930ce30552f19dd2d8d7754dc1f7f667ecd18f2c857b165b7873f4c03a48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
54KB

MD5
bcd140792a4934762c6034da0680b73d

SHA1
ea77262e2b72fda3409ee848f7fb6e24fa66cdda

SHA256
9308d28bfcf063742f96461076daae95c2b44b71b8ca7a13658ed3d562f9a68c

SHA512
b112b8975c17c0d49da6a48af80a066e478814a81ba72925be7b136e0ae27cf74962e8d4252d6d6cb79ae53569c4947830e4e599c78151516f247e553f08fce5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
28KB

MD5
a69ba5fb68ab609d80c17365000b58f0

SHA1
e71bd892f128aeedffdd9671bc765458a4a023ba

SHA256
2bcfff5006b95192b71075f6512b65b2203a31755fe0bb47226c77d328e83822

SHA512
df0eb52c9383736e855adbdacf4b8690087800714f5248549d5fbe822086df42fb5274eca20705a005469fb822faff2a69beff6edeb3383e2f6f4f2d09fd84ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

Filesize
19KB

MD5
9d43bb045f7444664c73333b4fc58220

SHA1
bdcf0fc36256f6893fc367dac9e4e439a78cd370

SHA256
f9034ce9158cc96e9733081513717b58b14f843d82bc6b06e89e8e421f68f7da

SHA512
fd886e47eb0ba8401db2f8a8fca40a3d046922e6825f200f6cbebed7f8a79d09f8f8f65cbb9a3e8d2eb7e36470bac0f8c185898084cecdde59b4997ac1ac41af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
cbe3059e5253d4053e3dac04d636ab84

SHA1
6417b1cfa3a4f08a822752ff91f1fdc6a38bffcc

SHA256
e68c8f37ef2e1a1f55811386de8d550a5c039bc1c5c396c37a1d385f94654a6c

SHA512
c6849060e2cb79bff9e4ca7d076264b92d210b56be0b15a918034dd6d38fa9af89e17c6a4a2307e08eff399dc4834ff2dec2eb29c247c1d957ae0d5150443856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
ffccf5e6b23044593fed13d7a0d95162

SHA1
fcdcc35e409b754ffc243e4d3e5739125b487255

SHA256
d5a9bb3fbd4bdc9c3e66d1cae7cb9045392921bb5f204b2df9056b34cebee1f1

SHA512
3c1f3a7d0eb0932d83db9218de6962fdb71ab52f7b702b12b26930bfcdd913eca6668240ea06935681a99f440e07fa2b1f4fa2cb1f6b1aba99647749a4f2b71c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
422473ffbb209c49a761bd9e06efe3b4

SHA1
e60c777f48bb4f6da09f0715855909f8b2dfda54

SHA256
7759c73e27fa23a095fbfacdbcb0b4fd046523be80c834fe3c9a1520c7ca50db

SHA512
2cabfc6081949da262564470ce05c0226777afcdc56fdcb4ffa2b764e1d03fb5dffe8ccdb9ddd05a7c513a2f7eea3330f987b39e52c1b7280ec42e20d52eebfb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
22KB

MD5
14e01aadf3ca3de307d91d8d31638387

SHA1
1752c84e7e1ba4e7073bfc1d5e8b71517ef94e45

SHA256
d036940911c245158edf36df55e547045c003a5ab27eae7dade81e0c73c20834

SHA512
0cc6795d8af21c12ae6e8027c8f697f878e2985db55cfecc3c0651f68e73557e7fc6d0709506209954ef6bbcbc1ba20ea1c879ef85d4c33713a1fa59c8d2f5aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
22KB

MD5
6c47095897d201e32b0e22e56850c8e5

SHA1
087719f9997e68a8d0b782b5f162abc7a5b92da2

SHA256
658d1f26802d8983aeb44eb1d5f1224da7111d889ba2c5e71ff68eba2862bcb3

SHA512
a6dab8209d7320b6873e50e0b48bc524bca5d59e3c7f3645df5bb3cb10043310a7a7cd6bd04be3dbaeff78191accc46864bb87bad945a1d9bfd33370d9020fd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
22KB

MD5
599fd5c25fa64a1cd7981143dfd828f3

SHA1
62d8ebb7d85e395959aa3210657f64f01f12d5eb

SHA256
0b14c36344801cbdf76cfd85d21877a9d3a79a2c7481e641948650fe81f95157

SHA512
77471d133537888ddedfda2af67a5ef86cc9e5162274d6f9a880fd9e2ad3cc2da0e1baade42facf9500a94a45f08cae5ab2718fd3a9989f11e3f4cd272ac1dd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
22KB

MD5
6fb2e118a21eed4fd4b911a598bda65f

SHA1
c947662c9f3dbf1f7d9a10fb616b6b64ca30e286

SHA256
d2203f894dcaf46f558219cc1b3282806d479c465c3d3ff3184e086dacdf7c94

SHA512
920a98a28a9a78e1b3ed06aa8acd7ece2c62acb22a363fe78ff28118b6fa86fa9c8e194795bab76d7f9d4c8cba70e6644f507270b6d08d0a494e4b8dc978c28c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
5152c1314528a2d29228dadde00d80a2

SHA1
ea6c5dca202c08fe065562a973e3c4d72168e26a

SHA256
a0d16aeb353903d5e58909e7a794c5e60c44cf1b4dc072fc62834dabb088e6d7

SHA512
fe618bea7903826515927691600abd3e29f7bf8a42b258dd72d73574917c8d1c2a397592f2d56f806a5a99d6a0b7f2ba0145f1be4c7612d82bc813b50ded2bf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
03c406c66a91583b4a0be8b2090384e4

SHA1
5c81acc3dcf12ccb3964e8ec1a744e241234af38

SHA256
ea6527a033377dc4ef8c6299182b0d9d7c033e1cb90743c65a004427a9b05d6c

SHA512
3312cda5422c44f9e2df3cd0d5fd39d64b349404b20d7453239b10f268dd06a191c41d23b813b15be87c035b6e1ff11a839498df77b62aa3f1e7296b99682352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
eef53a0d98561f29cc8005688a97a264

SHA1
d80859000d6f554a285aaa7b10eb333d6363d425

SHA256
978e4d197e02b50978e9de32bfc9696b2766f4be1caa4b24e676e9ef4f733cf2

SHA512
fc47c3e8b32ec2816a795a98c2cc22acf15386bf2024f6d438455eb8c6c030b2fb669d2416702d25ce3b5d6400d104e5472026ab8cdf99d913c83bf728d2c1a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d5445e34683f32f0b60d97188db9abd4

SHA1
e4e90ef6a2516e8ae7f33d287dc5035632faa146

SHA256
16083d98658afc0a613e36a07db3a27ed8e94ddfc5ec92a3e3d5e3ba99bc4463

SHA512
be1d949e51ddd51d1b92277ea6feecba1e077ea00f03ad1ce3a67cd21babc9ba534f5173f2e787158374556366018cfd214286dfebb86944ad1611c291efda00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
143fdccdf59b4bb4d64e2559cb88f4fa

SHA1
4f08a77b0339ec735b3573746a7e5a2be7a6c851

SHA256
cf2fbf197e29f0a5be27248ed0bbffe2fa76d5559d2a22202578cbd1922e7fca

SHA512
dc6cda1c353870b2c6e52ac56aa218e9bbb77142ad7226e12b71e574d43354ce8b62e161473290cdfa780591471206f5a6008ed747619b6cc45f43abd1d9ca62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
afe490248b760bd9c15cb135c2178ca2

SHA1
c5b8da056bc1d128ebe612542cc3c074aff1414a

SHA256
f6b479c503af994d9a2dd6bd0d008b982348e6c83589bfdd5b9859bc98e91b36

SHA512
41c5d80bf40bc3afbc9827cee7e5d27bed8f7b4b7ab30476296bc6210e0341e68a68539b60ee3e4969e565f9b9b245353ff7251851c82140f2d2e6db0eea9c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
41a44637fa2ece7591cd6e100f863820

SHA1
d71d93e4719f6b5bb5c8d6e12ac2071931a4afcc

SHA256
64a0a9c4e24b0382cc631a0be2877c7d615122d0d18dada819ddbf0a2a8d71b2

SHA512
6ff9bf1b7ef727a4f4e172c5788285808ba21060d9f360d5b8df04589ceb8a589a5fac58662d7f588d86896cb09d6e6809972ca83b56067d351bc4daaef5b046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
a9b243226aa790aab5b5c2b6bc5cd0d5

SHA1
c949f218d4230224cd97439e433ebf789397fcae

SHA256
1c93a4976f9ef0a2be24a86a35ffbc7c53118e7c420f386db3e7b0bf9550bdc6

SHA512
af37e8f498493f40c0e7c10e18980604d9515f37a2d9dad3302c884101afe886f93f181536ce53e94880bb8b534eadf406a07e795809a69d8e26d475f5733cad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
3637bc5a5e50b1b4c12578068f7338b0

SHA1
452317437309b1fe5ca9861bebb27608b5524492

SHA256
5f074239919933cf5e3f4d8688abec71246c7c79fc824295f7462bd831268b48

SHA512
8c2c130bee38965e99ad2cd3da13631622e64d5fc29d64c44badf26ca52914c89b0a1fa326a9086e0b406301ad12b8ec6977570617b13d121bfd46c6f7af53fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d12fc012ae3154a3ac50c3f9349f8fad

SHA1
e3cfc6b731e3c1110690da83570263fc57b52676

SHA256
4a34b91e77b0f4d1cd7854ce610ad13025089810c7e838ffd79a68470984623e

SHA512
28d89edb44811e9db2802295f08b1c7f4cc34548acd557871f647ed2eaf3851ee4114cec554bed135c784a284121371e6e9e3bd4c17f90a4b103a5cb9d53d67a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
412a0f9fce44de671f91d31b29b33ba1

SHA1
ca6d92df57cefe893ebdb597a8a366f3b053f128

SHA256
797f641f478ee8f96a5e23c6a0f91b6ee2be33a0bc7e81422f4b38c7ae964105

SHA512
f133c1e9fcbb891ef8b192c31ab22fe3cb8a946c8aa58ea58c197c9a606cdf2df7142f26655f432610565bafd3bce9dd210f5b958e687f23a0c3c366ec3d03ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
da35766f9f41b45dd345d96882768d0f

SHA1
957709da6d2731bac3e832f91cf87ae25ec61b7f

SHA256
db72442869ecfb75192c3454d9537b0de4c6f19b5cddfc753472368611fc6fe0

SHA512
9f6e0810ad0bfcb9f98e8a92ae215fd74b500a4c51b6e28c9cc2a41976899e3bd7e6c4c03df31a66529f43beb06bd19bc9166e8d5f11f465c22b2a52326786a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
0251de8df223f18f0e436e9bd2ae6d36

SHA1
2b76aae93586dcf6371d108215512e1233df7492

SHA256
7a3899ee660d2b64660ab7ea1d5bcd0a226fce5e79dada875dd3e594e38d6d3d

SHA512
1542a65d08933ecebee0033c22f114585d26a63f60f9b0e0f22c293a3182d9000a63b968b489ab94f9cc46c29609f3f2566e3800bfe129619d4d86bafdfe3da8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
79b0e971006ea05a9139e2ab2852425a

SHA1
340b3c44f542a8a14966ad4632680e07a896fc4b

SHA256
e68e875b77a2a0b8e53b16410207176a29de658172dedde998bd4e533f27d2ba

SHA512
2a327e9613d7443f0500a750e4c469322ab91e1d1d0d6f66f5a273b78b639bf8e995b539146812c9b7e8b9f010f65b2166a76463356e7accafd025a7ea32d6d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
7dd707afcfb95fd98588bcbe42751881

SHA1
46d8914300d6e023a61e8185d8c4b6abac8b96ea

SHA256
7069410fafed67f0505258d92a39656e2c800bacd3af2b2e0b369d7423a23743

SHA512
c6540aa59573c3ecf6294e384ab3b367bc058abab377fa1579f1a4302395e287684eea0ff323d49111d256f284d77e18f5689c883c9ac1c1805dec3f9ef34807

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
37d8f42efa271261093e29915bbac23e

SHA1
578c8ba6a846b2b04c9e6f840d3363132e23a1bb

SHA256
7b75a27baa78009a3a91b7fa5f452a57375e688a027138bdd6a6095a76c40caf

SHA512
c42b935d16c3f7c4d090044f1ab74dfd4f4c7e071d1e618b73816192d914803452df674347d62c26e8e5377545140470a71688a55b0170628b02c4147706c96d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d14ef96a2868aa6d0d2dc0562f362611

SHA1
7f4bccbc0b32873ee9cf461b3d471eb6db3ec3a7

SHA256
cbb0fa511295c289c931186886d3c55418a36564deaa9f70d114aa98f5de892b

SHA512
e97e302249c9f0ee48abde3b8e39f284f6ce04ba9213c18c2d4b229d4a36f487e0b5e28e6a203084de2fa719aad83b6ddcfe16cd47150b4edb05af4807e8dc50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
000cdb2ab71897db7a7f92dec60f6bbe

SHA1
70dd6fa46ab9785673e8c94324c45eb606c7c6f7

SHA256
ab08446e6bf0b6d7a20162987d0a61c1c2f74a5731ad75b610bc45696484bf06

SHA512
1e64652940410463bbce444dee0170922340b71692c4e19e80372a1f90d614c16daae72974dfb6ad1896b9c5beb5c88411e367e15a872344d0320243273ff4b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
07a2e292a591a4dbd3d0f1e471877096

SHA1
6b9b82a0405c882980d69690539e8c65e4c66f57

SHA256
f7e032ecff16f7b66be17a10510f78fa47a327f10412600694538eb2c2f63867

SHA512
caaef812c3371c60354cc36c25c038a1db19b70d58c9a19a56947bcbb6d3fedc42ab10066569e52de8249354d314c3aa341c2a332f19dc27dcd6e7bd80502490

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
c15cfbe920d1b3021d056cb4616d4cce

SHA1
9a7b63c0c165653a090e62ecb16a971906682e83

SHA256
c8644e53feed4ca2f1701e8fdc3a1bcbf46a2a2886dec394036f4db0ae72a3cd

SHA512
b6892b5cedb4fc901c1d5a3c11bbea2bdbb9aa27e60858d41319ee641ae13d49bd82553cfba28d27cdc7237a8c6c823fc1b4968568d2a6fb83fcbbc9a0ff52ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
53d959d344221b03af1a321f52d82d51

SHA1
51952dadda70be86cff130d226e9ff02aa6c7a0d

SHA256
341cdb68d8d9926d3f2abd811b9f09502a969380a45b01804b070722cd78b1e5

SHA512
dbf968e8b6ad36ffb719402234b667892f2b19f9fcdb6efcaa413b90bad13e0c33f38d8443e07d1252e2ee741104c59b41b50169b58f855961211b1e44d2163d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
1da47c2dfdd8911d1445e405cb9e061d

SHA1
46a1ed9e67019a9c3071fe671d769d022272c062

SHA256
24e137ab727d891cfec9f83df469b0c93b9219d4ac7ec4d1b242549d48f7b345

SHA512
10160799915ffda9504c31b4609764204c5f8a632bb38319db7786f038272991fec87f956e39ecb25673fc3596ed26c1fa2b89f429c91ecac903416a5601bee2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
e4456a3930a9b15fdac2473a3dc07cec

SHA1
48e962ab4496bc829b6e637195a3e76f84a63ff5

SHA256
ee7948c274e47729e16dbafebe9cebe78495d7298acb41c7c443a94c8e06157e

SHA512
642416a7daa7becf8737602e57f0051bb8e9aac0b94d7d0a5a1c0a0fede6eca9ea4231b167dcd669146391e40455c58f0488d3ac4a0d913ed3d6e93c8a15879d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
128KB

MD5
a55dc84516b30b1928a9b2627f74312b

SHA1
644b6d559167df26654b7714ce5f0ed306e981a5

SHA256
eabb3a4c96deed87c29e34e6874750431abef9ecaa259953c2bbc611950bd5cb

SHA512
570c9474bea1bbc3a0860d26d0cd4df8268fe26c697d1dd6189c3637ce2a9118f4b78eec1a9c05c09cd8b8992ab4d38a5e3e4810542e9a905bddf46dd8fc193d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
50dd74ae70db56853a6f55417d246d56

SHA1
dfd93ec5e3182c495335f94d9f9976d674485a70

SHA256
7de37a0360cb6afa46a4f3f5f7de55a8ee9d741078b21487d1a29076cca21fcc

SHA512
cc4ebaafb8de8542290359cb92bfb46c05dda6f7ecbf9b0a560d2dad36ea891d8d73ad290df6162f545ccfa04fdeec0a0d4df1f6e94ccdb129a84fa48d4c02fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
120KB

MD5
4a53e23c3637f7b95db74383c19aa172

SHA1
abd56945437283cac418ee199fe7e5316a9841a6

SHA256
82c3252f54b5454e08d8c23a490b731d65412854184071834284a54f1fdaa7e6

SHA512
ff2465f4006ff9da1ce5b95ddd9d59573554db31743dbdf8bc662d5e60eb6905800f48861f80d9a71d8d7d72a4417f47e22c18391d26fc4db44ddebfccc43588

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59f2e2.TMP

Filesize
109KB

MD5
48ed5d1043e5f447a0cc73c3ac91b401

SHA1
f1d05bf9f83884ac44b4f5a07c08491ac166417c

SHA256
f76a7b2e4d32cecc6a12eef535aef5077ccd0462f1e0ebd44d9cdc2885e61c5c

SHA512
a13f987d10d8c2feb212824f9a43f399d51989eb12a09a19c9ecb4b66fe1b29a6e756c6755ee21a5904d25c37583d816aac781047bef45ef35de5ffe51018993

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\WaveTrial.rar

Filesize
156.4MB

MD5
0159c8632597db4afc30105f24cdd3ea

SHA1
5e80272c6ff0d820cdb0a4f98f7fbf0d558f5957

SHA256
0ff0224edb6a27b5c23adc7fb759864bb3c645f2cf2f38d0a0290c1fa691fdd2

SHA512
587e4dc7ae21036f3aaec3e99955670ef0c457fab23db79b71f0963acc79a1f2eca61b2233b6770672a139b0f8a9ae98ad65bed2431aac476fe7d4e293e666fe

Download Submit
C:\Users\Admin\Downloads\WaveTrial\dist\client\assets\index-daab.js

Filesize
3.4MB

MD5
a19bf5e804004e0397a4547f9a8568fe

SHA1
daad35851be0986f1a99f5563976309c2f7fc800

SHA256
66909b895c0b86eb1edaf95c0d728939a4986f01bf5112023bf52a6afc021155

SHA512
2e98dedf48e2f16543ef28cdfad832f77a6250f6e71cadd2245e58aa4872a91934f390ad8552a1c59b035ead123904b95c31a1fb3d7ba3dbf49968b018755c5a

Download Submit
memory/5028-1641-0x000002C77E6C0000-0x000002C77E6C1000-memory.dmp

Filesize
4KB

Download
memory/5028-1640-0x000002C77E5B0000-0x000002C77E5B1000-memory.dmp

Filesize
4KB

Download
memory/5028-1639-0x000002C77E5B0000-0x000002C77E5B1000-memory.dmp

Filesize
4KB

Download
memory/5028-1637-0x000002C77E580000-0x000002C77E581000-memory.dmp

Filesize
4KB

Download
memory/5028-1621-0x000002C77A240000-0x000002C77A250000-memory.dmp

Filesize
64KB

Download
memory/5028-1605-0x000002C77A140000-0x000002C77A150000-memory.dmp

Filesize
64KB

Download
memory/6480-1561-0x000001DAF5E20000-0x000001DAF6528000-memory.dmp

Filesize
7.0MB

Download
memory/6480-1568-0x000001DAF8140000-0x000001DAF8150000-memory.dmp

Filesize
64KB

Download
memory/6480-1567-0x00007FFCE5FD0000-0x00007FFCE6A91000-memory.dmp

Filesize
10.8MB

Download
memory/6480-1566-0x000001DAF8DA0000-0x000001DAF8F61000-memory.dmp

Filesize
1.8MB

Download
memory/6480-1565-0x000001DAF8CB0000-0x000001DAF8D96000-memory.dmp

Filesize
920KB

Download
memory/6480-1564-0x000001DAF80E0000-0x000001DAF8104000-memory.dmp

Filesize
144KB

Download
memory/6480-1563-0x000001DAF8140000-0x000001DAF8150000-memory.dmp

Filesize
64KB

Download
memory/6480-1562-0x00007FFCE5FD0000-0x00007FFCE6A91000-memory.dmp

Filesize
10.8MB

Download