Analysis

  • max time kernel
    90s
  • max time network
    92s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-06-2024 05:07

General

  • Target

    Wave Browser.exe

  • Size

    1.2MB

  • MD5

    1684aab6fae1ed888cf6d3c45e3f5fa7

  • SHA1

    6acc87b81836575bf7b497f0e8a9a23a221f06b7

  • SHA256

    4114122c0dca23f637d83eed33f9abcdc92709e2ac6f63ffd55f5aae519b58ab

  • SHA512

    6d4bafe21686ce62cc129082e8dcd4da87fa7dcaea5eee9862a99adbb0142e89fe0e9d097ee2b9a9a6b6eab3ee23b6a26c4fa587d7ce1782a1d2e2c1454c2e71

  • SSDEEP

    24576:2s/RUhtSWUeNXoCPxjyJVhGi4vGuOg9ajduJd/WDj0uX:2oRUhoK/9ecwjd6d/sIuX

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Checks whether UAC is enabled 1 TTPs 6 IoCs
  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 48 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Checks system information in the registry 2 TTPs 3 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in Program Files directory 14 IoCs
  • Executes dropped EXE 64 IoCs
  • Loads dropped DLL 64 IoCs
  • Registers COM server for autorun 1 TTPs 55 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 5 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 43 IoCs
  • Suspicious use of AdjustPrivilegeToken 59 IoCs
  • Suspicious use of FindShellTrayWindow 60 IoCs
  • Suspicious use of SendNotifyMessage 52 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Wave Browser.exe
    "C:\Users\Admin\AppData\Local\Temp\Wave Browser.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:684
    • C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
      "C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
      2⤵
      • Drops file in Program Files directory
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:880
      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdater.exe
        "C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdater.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
        3⤵
        • Adds Run key to start application
        • Checks whether UAC is enabled
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of WriteProcessMemory
        PID:4656
        • C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
          "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver
          4⤵
          • Checks whether UAC is enabled
          • Executes dropped EXE
          • Loads dropped DLL
          • Registers COM server for autorun
          • Modifies registry class
          • Suspicious use of WriteProcessMemory
          PID:3732
          • C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
            "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Registers COM server for autorun
            • Modifies registry class
            PID:2232
          • C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
            "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Registers COM server for autorun
            • Modifies registry class
            PID:2132
          • C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
            "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Registers COM server for autorun
            • Modifies registry class
            PID:1528
        • C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
          "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTMzLjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzMuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9InswNjlEMEM4Qy1CNzBGLTQ4NEUtOTJDMi1DODhGRUIzRUQwNEJ9IiB1c2VyaWQ9IntiM2RkODA0Zi01NWNiLTRjMmItODcxZC1jZWI4YzliMTcyNWF9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezU1NDVCRkRBLUU0M0QtNEJERS1CQThFLTM1OTAyODhCQjA5NX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RjZGNjBBQ0UtNzFBRC00NjEwLTgwRDQtOTI1MzcyOUZCNEI3fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjEzMy4wIiBsYW5nPSJlbiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iNjQxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
          4⤵
          • Checks whether UAC is enabled
          • Executes dropped EXE
          • Loads dropped DLL
          PID:1872
        • C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
          "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1" /installsource otherinstallcmd /sessionid "{069D0C8C-B70F-484E-92C2-C88FEB3ED04B}"
          4⤵
          • Checks whether UAC is enabled
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious behavior: GetForegroundWindowSpam
          PID:4268
  • C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
    "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding
    1⤵
    • Checks whether UAC is enabled
    • Checks computer location settings
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Users\Admin\Wavesor Software\SWUpdater\Install\{287379F0-EE90-494F-B493-0C619B577D85}\WaveInstaller-v1.3.16.5.exe
      "C:\Users\Admin\Wavesor Software\SWUpdater\Install\{287379F0-EE90-494F-B493-0C619B577D85}\WaveInstaller-v1.3.16.5.exe" /installerdata="C:\Users\Admin\AppData\Local\Temp\guiF26E.tmp"
      2⤵
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:1300
      • C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe
        "C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\wavebrowser.packed.7z" --make-chrome-default --installerdata="C:\Users\Admin\AppData\Local\Temp\guiF26E.tmp"
        3⤵
        • Executes dropped EXE
        • Registers COM server for autorun
        • Modifies registry class
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2448
        • C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe
          C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.3.16.5 --initial-client-data=0x274,0x278,0x27c,0x244,0x280,0x7ff7e4aaea10,0x7ff7e4aaea20,0x7ff7e4aaea30
          4⤵
          • Executes dropped EXE
          PID:224
        • C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe
          "C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe" --verbose-logging --installerdata="C:\Users\Admin\AppData\Local\Temp\guiF26E.tmp" --create-shortcuts=0 --install-level=0
          4⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of WriteProcessMemory
          PID:1544
          • C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe
            C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.3.16.5 --initial-client-data=0x274,0x278,0x27c,0x244,0x280,0x7ff7e4aaea10,0x7ff7e4aaea20,0x7ff7e4aaea30
            5⤵
            • Executes dropped EXE
            PID:892
        • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
          "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --prevdefbrowser=6 --install-type=1 --from-installer
          4⤵
          • Checks computer location settings
          • Checks system information in the registry
          • Executes dropped EXE
          • Loads dropped DLL
          • Enumerates system info in registry
          • Modifies data under HKEY_USERS
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:3428
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.3.16.5 --initial-client-data=0x100,0x104,0x108,0xe4,0x10c,0x7ff9ce5748b0,0x7ff9ce5748c0,0x7ff9ce5748d0
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1100
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1956 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:2
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:764
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2176 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2628
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2476 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:3960
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1656
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3520 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4060
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3816 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4540
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4432 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1172
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4528 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4052
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4612 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:3588
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4768 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2784
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4752 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1300
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5000 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1428
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5116 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2868
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5236 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4532
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5352 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:944
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --instant-process --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5468 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1240
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6048 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:2124
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6252 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1200
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6544 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            PID:1512
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6784 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            PID:4076
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6940 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:3500
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7084 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:5204
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6684 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:5316
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7328 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5364
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7312 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5508
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7612 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5596
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7752 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5640
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7892 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5756
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8068 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
            5⤵
            • Checks computer location settings
            • Executes dropped EXE
            PID:5888
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8256 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5960
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8420 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:6024
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7568 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5256
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6552 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5276
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6928 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5340
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6128 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5400
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7412 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5412
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8692 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5492
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8716 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5580
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7460 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5636
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9024 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5720
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9160 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5824
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6000 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5760
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7172 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:3500
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9204 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5264
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9248 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5560
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9400 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5772
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9540 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
            • Executes dropped EXE
            PID:5356
          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9388 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
            5⤵
              PID:5216
            • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
              "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9808 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
              5⤵
                PID:5464
              • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3780 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                5⤵
                  PID:5756
                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9952 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                  5⤵
                    PID:5420
                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10192 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                    5⤵
                      PID:6040
                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10344 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                      5⤵
                        PID:6104
                      • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10488 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                        5⤵
                          PID:1816
                        • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                          "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10624 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                          5⤵
                            PID:1152
                          • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                            "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6416 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                            5⤵
                              PID:5408
                            • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                              "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10904 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                              5⤵
                                PID:5644
                              • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11236 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                                5⤵
                                  PID:5744
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=11248 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:5516
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=11196 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:5512
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=11168 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:5076
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=11552 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:4048
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=11712 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:5968
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=11924 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                  5⤵
                                  • Checks computer location settings
                                  PID:5280
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6512 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                                  5⤵
                                    PID:6152
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=12204 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6772
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=12192 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6792
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=12528 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6804
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=12728 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6824
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=12960 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:7072
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=5940 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6564
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9212 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                    5⤵
                                    • Checks computer location settings
                                    PID:6780
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11768 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                                    5⤵
                                      PID:5536
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=4800 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:2156
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=4860 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:2636
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=5096 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:6224
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=8232 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:6328
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=5204 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:4328
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5432 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:5904
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=11996 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:6376
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=5288 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:944
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=4504 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:6572
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=5068 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:5996
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=6604 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:5312
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=11508 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:5360
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --instant-process --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=6872 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                      5⤵
                                      • Checks computer location settings
                                      PID:3048
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10420 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                                      5⤵
                                        PID:5988
                                      • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6820 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:8
                                        5⤵
                                          PID:6596
                                        • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                          "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=9828 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                          5⤵
                                          • Checks computer location settings
                                          PID:7000
                                        • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                          "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=11092 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                          5⤵
                                          • Checks computer location settings
                                          PID:5592
                                        • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                          "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=7848 --field-trial-handle=1964,i,16408198027484201709,8260394898643255580,262144 /prefetch:1
                                          5⤵
                                          • Checks computer location settings
                                          PID:1032
                                  • C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
                                    "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTMzLjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzMuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9InswNjlEMEM4Qy1CNzBGLTQ4NEUtOTJDMi1DODhGRUIzRUQwNEJ9IiB1c2VyaWQ9Ins4NjQzNjkzZC1mZmQ0LTRjYmYtYTEzZC00OWVlYWI0ZmU2YjJ9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0ie0FCMDBBM0M4LUI2REItNDRFNC05RjIwLTJDMDdDRTdCOTI4RX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RUIxNDlBRDItQ0U0RS00RjUxLUI3RkMtQTE0OUZBQTRDQ0FGfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjE2LjUiIGxhbmc9ImVuIiBicmFuZD0iIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHBzOi8vY2RuLnN3dXBkYXRlci5jb20vYnVpbGQvV2F2ZUJyb3dzZXIvc3RhYmxlL3dpbi8xMTEyMzk3NTc4MjQ1LzY0L1dhdmVJbnN0YWxsZXItdjEuMy4xNi41LmV4ZSIgZG93bmxvYWRlZD0iOTYwMzM3MjAiIHRvdGFsPSI5NjAzMzcyMCIgZG93bmxvYWRfdGltZV9tcz0iNzU3OCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc291cmNlX3VybF9pbmRleD0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjY3MiIgZG93bmxvYWRfdGltZV9tcz0iODI1NyIgZG93bmxvYWRlZD0iOTYwMzM3MjAiIHRvdGFsPSI5NjAzMzcyMCIgaW5zdGFsbF90aW1lX21zPSIxMjY3MyIvPjwvYXBwPjwvcmVxdWVzdD4
                                    2⤵
                                    • Checks whether UAC is enabled
                                    • Executes dropped EXE
                                    • Loads dropped DLL
                                    PID:2108
                                • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --strtl=di --start-maximized
                                  1⤵
                                  • Checks system information in the registry
                                  • Enumerates system info in registry
                                  PID:5464
                                  • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                    "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.3.16.5 --initial-client-data=0x120,0x124,0x128,0x104,0x12c,0x7ff9ce5748b0,0x7ff9ce5748c0,0x7ff9ce5748d0
                                    2⤵
                                      PID:6104
                                    • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1840 --field-trial-handle=1844,i,10392033419771549850,14762269753951861706,262144 /prefetch:2
                                      2⤵
                                        PID:7096
                                      • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
                                        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2124 --field-trial-handle=1844,i,10392033419771549850,14762269753951861706,262144 /prefetch:8
                                        2⤵
                                          PID:5240

                                      Network

                                      MITRE ATT&CK Enterprise v15

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdater.exe

                                        Filesize

                                        108KB

                                        MD5

                                        57428456c6e6c2ea328c864681db5df3

                                        SHA1

                                        2dc7329e0b346c435b6ea5cf44a3d0a076f8d398

                                        SHA256

                                        ee87747102eba8844939352740d0bb6c4a67f10c2656961cb2722cd42ba99f40

                                        SHA512

                                        40fb34fce07f094fdaf78c499a21c3f534f0c8ae1246b6cf382ea7e63fa08b4de56e6c81eb8fadce8a2e508ae5d03831590a06ffda3d46026fb894e4997f31b0

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdaterBroker.exe

                                        Filesize

                                        97KB

                                        MD5

                                        558a3fa51457575ea29f9b041729ee8b

                                        SHA1

                                        7196875ce5b68f088e19fe4b7cc07bec29cda038

                                        SHA256

                                        74bd216198ff11f08542473aaa7e5a619b50574e344ba8e8ca2c19ff497bf284

                                        SHA512

                                        a0afc3650879d6df55abe2ca461631bfa53e78376f1a702d42869026caae035982e22df938d48d7dc42d6482237db614a06df067e2d3f89cdb2b915cda9ed5c2

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdaterComRegisterShell64.exe

                                        Filesize

                                        190KB

                                        MD5

                                        10b82dc9d9a29bc4af224981f0e1c6fe

                                        SHA1

                                        bc33b2eeac62916eb9ee93a3f1ed6a0eb7611187

                                        SHA256

                                        00cd644354032257a39ff710ddd03e9fb98348f5323dec31ca670c903d68274c

                                        SHA512

                                        a3c67a858ce7889506572e2448b5d1e936c6d6ada2a04736b1f6cfe12b9ae46e9ee8c925778cda273db54000854f1ec4a544bcf2255770b978c7c6e9e24a1664

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdaterCore.exe

                                        Filesize

                                        208KB

                                        MD5

                                        d40bd627bfb2ba39c5452a71a450eabd

                                        SHA1

                                        a0441dc20102fa71225f4f61675537d0549d5353

                                        SHA256

                                        8af504dda28da0896cb0e17273878d285d8cc1f912d304b21a49940fb577a0a5

                                        SHA512

                                        434a8f5154a509bda70ef7af58e0029ba3ad9da0e3803f9975609cae65a1fdc0449d3a8d110a6928e9e621c7ea203ca98d96618c1dde3dee3a8110e806c05499

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\SWUpdaterOnDemand.exe

                                        Filesize

                                        97KB

                                        MD5

                                        29b0571d015318edb1c292aea8011179

                                        SHA1

                                        e3a8019b41ae73f2aa213c10337bb42783f5b5ed

                                        SHA256

                                        cea433e8fea8dcf1705016545abd150a2891291ae122a776cd66ddb802a17587

                                        SHA512

                                        8ca55fc8e86b0f147ab3b358009b294780030137710e356e405ea3f7d48276e4387e83bc479d72bf068196d6d33c0b5524528b52fd145ba1e8161073aea62951

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\psmachine.dll

                                        Filesize

                                        259KB

                                        MD5

                                        b10f0939bce18ad24102c03769ddab9b

                                        SHA1

                                        99b7cc45792f6ce7e270755e46a39f90d949c583

                                        SHA256

                                        442af0a1a403e17b5e5676cb49973d9e3ae067cfe9efb8b669bf413f7b5a2e1d

                                        SHA512

                                        2f7462160d0adaa84e4996cad27bb43a656d991bd8d8957c9ae3161bef4ceccf1923d27b59fe69a8ace048d9b663196ef44e7a7aeb52e9b93b560e10a3069121

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\psmachine_64.dll

                                        Filesize

                                        323KB

                                        MD5

                                        19e105e099b7653cf60ff5783ec59453

                                        SHA1

                                        9d5ad1fba3c03ce4c3841ef41f776b45ca9160d4

                                        SHA256

                                        7e05780afffb2834ec4e2e1d67c9031616c13394ccfeb3a3c678415f19ba1104

                                        SHA512

                                        e065358e22fec9d2d323e7acdcf3c4c81a629f4580e068f9b078cc414f2dc5b53912596cab2cb40d5247a4746acaff2572445596f534940959e0b3e87e43aa13

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\psuser.dll

                                        Filesize

                                        259KB

                                        MD5

                                        71dd0abc865c9d8873e93478707a16d8

                                        SHA1

                                        6cc5c855b93e455c92fc15853a7ac219f62a3b3e

                                        SHA256

                                        a0439f5455ef696b70a230ab76c15f4bc3d7571ad4fbc32fda95247789aa5822

                                        SHA512

                                        9c5cdf72684a6fbf9fc4194f26208a7e5b877be8eaf1f5a334b3691f7cc281c7f134421592a920f4f3a3f45c1287d04a95631411bf2bbb189e137d1d1d143a22

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\psuser_64.dll

                                        Filesize

                                        323KB

                                        MD5

                                        3d08bfc845a13602e942f839e75be233

                                        SHA1

                                        7c8cbeeffb2139e83214f9e66d01eacae35f5be0

                                        SHA256

                                        2992995fe9fbb5b0ff1da5f081f2aabd32ca276ede41889b4e457e6cbcf21efd

                                        SHA512

                                        7a2d2b1afad039f37fc9f7caa819181e710cf60f1348c129b5af7abce3307db653f69485d6200b947bcb42b4de406441587867ad61b48110407e265817b212fe

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\swupdater.dll

                                        Filesize

                                        1.0MB

                                        MD5

                                        d388d67a1861f9d0cc4f6edfa97861b4

                                        SHA1

                                        ca82fdb6ff39fe0b157100d1c8eec48b73c34791

                                        SHA256

                                        b21f99f14b4ccc78c5e01c269a8eba83ae0c5912b46d8c1554f329a1076a7617

                                        SHA512

                                        71879d3dd7b1b0b169e3c80fd88ff6f656778af85462363202c4f28ae57b547ee569e5b43f55d0446cfbed736c32fa249ba91a5c34e8d9363295be86b1d5a3d3

                                      • C:\Program Files (x86)\Wavesor\Temp\GUMB4E8.tmp\swupdaterres_en.dll

                                        Filesize

                                        42KB

                                        MD5

                                        35fd9f0a8fd4a41ebecab887715a3ffd

                                        SHA1

                                        03ce4a819fb75e4c5e756fbe73f8a63b885b0624

                                        SHA256

                                        a535ef96bcbe7f6953fb6d7194540716df495bd7cf25e902dddb6756561189bc

                                        SHA512

                                        e6db60d25de13f5f452fd249ac2f6cddd0958a2830404a2144154ee0e1023cf5cbff3e58831383b14c9950dcf7c4b4b784d15e972b44808f8d02870a44d62d14

                                      • C:\Users\Admin\AppData\Local\Temp\106143bb-97f6-437b-a561-ce5440b19ac1.tmp

                                        Filesize

                                        1B

                                        MD5

                                        5058f1af8388633f609cadb75a75dc9d

                                        SHA1

                                        3a52ce780950d4d969792a2559cd519d7ee8c727

                                        SHA256

                                        cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                        SHA512

                                        0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                      • C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe

                                        Filesize

                                        796KB

                                        MD5

                                        18693249f3a283e83b8179e692ffbba9

                                        SHA1

                                        546c0d89f8c8096d22c6f6be7e843cf5ce08e220

                                        SHA256

                                        3d828bcccc628e7096856337b178da5608a6c3db99383374e6c49d50a1895e64

                                        SHA512

                                        1ab246fea99daf75831f26930d458a05ff0efd5f9c71c9c4396681a065fcf9f5c04af774df34ad55e140b71d41e42254ee2d9dabbb18009800bdfc62170a8c39

                                      • C:\Users\Admin\AppData\Local\Temp\guiF26E.tmp

                                        Filesize

                                        1KB

                                        MD5

                                        d84489371a9426dca0cb2e83daf6bf0b

                                        SHA1

                                        be3e8c9c84d469d2bae344f8c6f8ee484812d6ba

                                        SHA256

                                        5e1cede4ea5c266fd4ecbd3feb9f6b7a518705c7af061caea58b71e4833caf3b

                                        SHA512

                                        50abee7939bfff66986da51b890a80018551f9a91286dd30b3ceebaa6f327bd2e4f66ac5ec6dc9378d001a5a637a69f4f1325d22b19fc0c89c0f573b54fa0f49

                                      • C:\Users\Admin\AppData\Local\Temp\guiF26E.tmp

                                        Filesize

                                        3KB

                                        MD5

                                        409d4d2ff56da0cd48952726eff9d1ca

                                        SHA1

                                        016b9d8d6646582da0b292006b624091373b8f12

                                        SHA256

                                        72bb1258cabde5860aaa51e3097052fe13f6b9d541b16623aa31b84e877801c0

                                        SHA512

                                        48814b4f9cc95bec6177735454a5dc5f7106464649eb216e51f04f2411528ed5e8bfa1c8ff489637a25dc7323d5b7e4bf953694d2b864671e7ae71360fd0c7f6

                                      • C:\Users\Admin\AppData\Local\Temp\nsjF500.tmp\setup.exe

                                        Filesize

                                        4.1MB

                                        MD5

                                        10311774d51e95a45f7a3cdcb18de01b

                                        SHA1

                                        f36e244f6a8dca0ec4c5f8f3cf4aac9194700914

                                        SHA256

                                        a83f3ae723657bf6fe90e39fdb1816f9ca652a310b98d8da22075adedc21071f

                                        SHA512

                                        a41b14e5091f8c27b728ee87842b588eb85384d2e8f3469fb5ec9019385b15b75ef61e56dfa4953670b11d7be6d7b582b86b2283d4cd3f281e827369dabd1e8b

                                      • C:\Users\Admin\AppData\Local\Temp\scoped_dir3428_1375744180\CRX_INSTALL\content-script.js

                                        Filesize

                                        215B

                                        MD5

                                        ec6c8a879398cf1a9cb49d940f22f312

                                        SHA1

                                        c950d247f78864e7a159e0e6d7deb54c4eacbade

                                        SHA256

                                        dbf6ccdb61c9e9287a12d830a61b3163d943c985a1f5899b2ad00ae8072e1cef

                                        SHA512

                                        69a27d8288900ef30725ffb978cc922b4adb821343598722a96ac1f5f15aa2bf36f5fedfaa54e4f9c130449ee33dcf757596ada2be2c80f9e20755d1acfa7f0f

                                      • C:\Users\Admin\AppData\Local\Temp\scoped_dir3428_992723239\CRX_INSTALL\css\chunk-vendors.67b6e527.css

                                        Filesize

                                        386KB

                                        MD5

                                        a37b786ba2d74b8006c5cc08dc1dc140

                                        SHA1

                                        f056cf24b9a35c5072175dd94362dde6a75d3bce

                                        SHA256

                                        2b6e7fa075a7c50adac2642622b0b4e48b375ba62d10a7d69cd83d2ff27b7194

                                        SHA512

                                        294ef89dae57fc4bb413d47b6e2db2397e27d244417e93b35141b106f403e41e776babb8c0fd9084d4637c0a490e2647936b163012b90f5df5a63d17025ec943

                                      • C:\Users\Admin\AppData\Local\Temp\scoped_dir3428_992723239\CRX_INSTALL\rules.json

                                        Filesize

                                        316B

                                        MD5

                                        e89a86961cc6a5125dbd885e8f8bad5b

                                        SHA1

                                        a2849b637bcec9dd3460b262c7869d8075438096

                                        SHA256

                                        8b8dca5d206ffcfddfabdf3c0c90f97da2bc8c993675ce616891745413ac93a7

                                        SHA512

                                        9b2a87e5eb5ae4c399e8fc43acab07cb73bd3d9762e418b6b3b6e777d2d047f49c422ea9d1dab2b6da885c945b680d0d703f1e0b2e3dbf24d06b5d28bdfecb37

                                      • C:\Users\Admin\AppData\Local\Temp\scoped_dir4540_855556287\Sync Data\LevelDB\LOG.old

                                        Filesize

                                        323B

                                        MD5

                                        604cbd5684413a9d7e805170fb26df7f

                                        SHA1

                                        c32a9a141ff2710ec4609f2d97bd3ee6ea20dc21

                                        SHA256

                                        0f47aea5c2b274c9b17ec9423d9852a3a90ad098b1f2996be4e42332b866145d

                                        SHA512

                                        82044e3cbc1402abf889662e9bb1b218b22bc0e9a5edcba9cd8ef092b149f49fd972d62ca2ed9c256f70e90c35edbaa4adf955f2e0d88dfca218fa24679a03a8

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\64f72c16-3cf1-4c63-a66d-0e5858c1b5af.tmp

                                        Filesize

                                        5KB

                                        MD5

                                        79e7d4bf99bb074aed764d92893a2de9

                                        SHA1

                                        405f10f8bd76c0710db6d7183fe4b23cd4dc4b8c

                                        SHA256

                                        836234e9ecadd61c64c2e4e1dd9ff23999ddad56e08a14fe9c383bc200a8af32

                                        SHA512

                                        7255d83a063dd6379a81eff342fdac9ff4df992c7e7fe5d92b1df586098ec3e02c7f4b287aaae8175a9c7b87f1652c2907eebc00af2ed7fdcaf00552ce219827

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad\settings.dat

                                        Filesize

                                        40B

                                        MD5

                                        ec2f9eecca9c664704b43d97620d8a66

                                        SHA1

                                        4a20e7f0f842d572d36cbb7660920430d803ab04

                                        SHA256

                                        6f30d168ee6031268a5fb73a55152a0e7fb8c0c388f1627abb0b6eb5241d9253

                                        SHA512

                                        d2e393542f39d34c7ff125f54378b97dd99f55c16a66b17b796b9f8a899037cba2eff7dc48dddcd52e0b7a360d4ec0264a5ae0b731dd2703afb20d69bc44cda7

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad\settings.dat

                                        Filesize

                                        40B

                                        MD5

                                        ad9438588a2193199dc50b82899275d4

                                        SHA1

                                        ecf0c7994f8ff5a616ce32e9816b76dfc77441cd

                                        SHA256

                                        649c936122a975ffc546ae02301642e9014269886cebf25fa6f8f9a70d092ddb

                                        SHA512

                                        a6c2629ac2f70b01bfe5a3149edea1b8b42de66b33b71a54d007b9bf07c31464ad7bdbdeebbed9b39b7f767d6e90cc6e8efb2dcf2fba319109bf4047e65ee8d4

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\4e398e06-7c5a-4c66-a85e-616da4202863.tmp

                                        Filesize

                                        36KB

                                        MD5

                                        aa9556307d27a6cf8bc23f67b443ce30

                                        SHA1

                                        0f6781ab92c1f047b97290e96c330160f27b097b

                                        SHA256

                                        ca04e93752beea5d5aafd022aef0fb830bf99349ef8977570de84ea3d8e967fc

                                        SHA512

                                        f7c33e6092e371e8e033150e3c0282d437fa54596399c96505ad03772c588c9b26a453b8a0f63c7a7f4124ca383bfafb87f22d40dd62bd1e03b4de1ffe2c30eb

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\9f569abb-99ab-411e-ae13-d214876a49e9.tmp

                                        Filesize

                                        173KB

                                        MD5

                                        dbb809c9ed271936f6842f22d0647bd0

                                        SHA1

                                        0276c592bacba0d2a3aacce241b3340c46a13f80

                                        SHA256

                                        b40ed97fedcf048b92224e3c6cac62dd8286732e7a945cdddefc49d8cf5bd398

                                        SHA512

                                        0e7edfcc08cb0969aac0e07461736a85e175ba8652c564924140f70d251dc0a7ab0da26a6d1411ce7070d45d6c7a95d0fa9f93165483cd6d3cd33d5d20d85f22

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extension Rules\MANIFEST-000001

                                        Filesize

                                        41B

                                        MD5

                                        5af87dfd673ba2115e2fcf5cfdb727ab

                                        SHA1

                                        d5b5bbf396dc291274584ef71f444f420b6056f1

                                        SHA256

                                        f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                        SHA512

                                        de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\background.js

                                        Filesize

                                        141KB

                                        MD5

                                        b16b9e1d4c53cff89988d614c9e06f0a

                                        SHA1

                                        54687c14aa10eb4cb7fa9408bd80315549d0cb1c

                                        SHA256

                                        acf3f0174db217be8b313a4b8c405c54d6504a53515209dccd87d221213e4cc9

                                        SHA512

                                        2e107227fd4cc973d63929ce24344c2d82229c5f1ad877f8f4161510edf89638f88d5a792f45810842d1bdd3a92067d238ed497188f143db1c4c813a5109bf54

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\icons\icon128.png

                                        Filesize

                                        12KB

                                        MD5

                                        75bf627df24fdc7a83ba01d9d08c4952

                                        SHA1

                                        cb195ef8841d309426549da494dac455c020c02e

                                        SHA256

                                        7e5cfa06a8ee0e6581b54abe90e96bba2cc08f30512c926fae7d8148f53fecb7

                                        SHA512

                                        6996575a4778946ddabf4a9a7461a5a0b5b7af043023ac6d42dd9540cf380d72277849669714586429ab053a89e1cce55d5dbc907c94b78fc41c70859156bfb4

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\icons\icon16.png

                                        Filesize

                                        774B

                                        MD5

                                        50e58666f9b75f209d6a972bb251100b

                                        SHA1

                                        2d6724970409c92d3b11e0d5a0e90860b95384d6

                                        SHA256

                                        e5389525ba1c4f04b7d5693429a357a5c6277ae931abd2248a965cf5f8d427e9

                                        SHA512

                                        903a2c6162c8c34077a9d7fc964a8713320347fb08911865a4bb3805d23cfc7a3fabd32e91400ceec88fa87b0417938f367b5355fa9791a6c92e7f069b8e676d

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\icons\icon32.png

                                        Filesize

                                        1KB

                                        MD5

                                        ca97c6cdc62f2396e375ba03fbdc1a52

                                        SHA1

                                        64805d7a5959d06825ac10c2b8edc4b253e64f57

                                        SHA256

                                        d989185077f43440d4adf982c585964ef3630d875c6d3cb9b82ce5c1735c2cf2

                                        SHA512

                                        504524289fdb1eaef5346c679c6b9ffce0531d9ebde984ce7b6a18777a97bc6a2506e422b71aac78437e35c2ae7dd4ab53766b53c223766ee2cf132dc69e278c

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\icons\icon64.png

                                        Filesize

                                        4KB

                                        MD5

                                        6a24faba74f6ab6282066353ac1b2ee1

                                        SHA1

                                        30c1e8e030feeb4fa79b256df1b74ac9781fe0dd

                                        SHA256

                                        1fdbb30f30aca89656b46743706f68ac6e04560e87cec534549e4c31ede697a5

                                        SHA512

                                        79b80757045a01cb22d93cf6174361344a6902c66387bafaf5ecb05d46675ded72291311a2ee8de54654b031504c75503e2767a30fef9382f02cc0669ee38160

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\chat_notifier.png

                                        Filesize

                                        1KB

                                        MD5

                                        4eba440d879297b53e81849522de4a12

                                        SHA1

                                        fb2daf0785f98b4d9635aa87a7c7c1363c784bc9

                                        SHA256

                                        5f892c3cc9aa33d8e054e0e4ba234ac3e3747ed765b0be87b6e1817d3cbc5a56

                                        SHA512

                                        b1c670c1bc8fc4675f15449e3517bfac68d07e24902b53ac14c604cc3981976a3a500921c277ea963c774801222a660465a4df426d18925fd77008a29c92b99d

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\icon128.png

                                        Filesize

                                        3KB

                                        MD5

                                        0bfba0954935e27aa71671f0779f40f4

                                        SHA1

                                        bb265d4944b6c9eacdd10c175f431e72b69923d6

                                        SHA256

                                        f0a2377fad0525feb0254df9cd50fe8070bf415da7657afd559ecdf3e9d8a5a1

                                        SHA512

                                        d975a61db626a79914c3c28bcf24bac6456784ba46115ac51c6f954586317c1da52be8a3a5a23bbacc6c5976d7879fdf37ee0a74c7a4a97624b42c2e5f6cb9d3

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\icon16.png

                                        Filesize

                                        501B

                                        MD5

                                        36c63692c9fe7b9e3c4d35d27bfea22c

                                        SHA1

                                        82215a6191dc31d30f35d34c609b52f6a3afec15

                                        SHA256

                                        fe35a48804ea6068efff3b2578244922b4485636d24f0f61711bffe7b4c25338

                                        SHA512

                                        cf21010ab67a956eabcaad8f867af62a0bb1130c9fb066bbdca57534ce09c4cfd397d53d7ff5600f5e0aa54b0116aebbbc04b4c417876282adc1ee81ba80ecc9

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\icon48.png

                                        Filesize

                                        1KB

                                        MD5

                                        0f118b648f5281260ce531a01cc60433

                                        SHA1

                                        1aa39c1127276ed9416e1e584e1a676a5cbad444

                                        SHA256

                                        562adcf2274dbda895c3af3ae1a76d55cbc848749bc45ce3004f2471a7ed6436

                                        SHA512

                                        191432638562b55f3d76bca6745b4c4f99838079905f76e3835c1be4a0c48c7e092bf52e0cde5702891e5af861ebe03dd064753b0f4a5c98b1cef10d1d7e7ddc

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\icon64.png

                                        Filesize

                                        1KB

                                        MD5

                                        e879b5b5b5aa6a1a5d8c2bcbaea4980c

                                        SHA1

                                        f5c3467392265bdc7efbdb5b763f7e02c0ef9fc0

                                        SHA256

                                        0e53df9f306c6ef1b7166557f16ea8e1a3623e3b9435c4d41b38cd9675ede020

                                        SHA512

                                        f885886bd3ed8f60abd94be9afd4091e5c258a736917383ba2634f4b02f8bf7766091986bb1bdbe29f2d9213b9f7b40c2305bf4e79d973a097d1a3d931e1bab6

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\images\messenger-logo.svg

                                        Filesize

                                        889B

                                        MD5

                                        4fcc5269a37a3d5772612db23bebe777

                                        SHA1

                                        513c73e431b6b4a0e572dcde4453431515f05c7d

                                        SHA256

                                        d4e5cbf1780329e64b2a0555f28d437c7feb3019e4fbec9a11416b0e3c9b7408

                                        SHA512

                                        582c630d2f57e3c79d6767504b88546c187b8cf385240cc22ac21222ed65bf9ad319d7e3bab67aa4a225c058957c9524575277b9e84762c638559e83281b8a4d

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\index.html

                                        Filesize

                                        1KB

                                        MD5

                                        a705c2853ee7104c606695c1dfa30193

                                        SHA1

                                        3b1e4bcef2dc77c98952f5dae211cfa7dfdb776c

                                        SHA256

                                        b08a7e81d0d405202e0a9be7d4370b2d224fc9969c60ae70e3ebe47dc622e805

                                        SHA512

                                        64822c4f19402382ef5e9b771459102fc7b979609028e55ed426b8f22abc35f9d6156cd7a3392dfc6c9c3956257ab4685cf1d62ebb5ccd39c663d22d216bc62b

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\main.js

                                        Filesize

                                        1.3MB

                                        MD5

                                        2be0de383183641905ac812e718bde63

                                        SHA1

                                        ab95210aa7c5db31354fb761cc85b2a53f7e0f7c

                                        SHA256

                                        1721f74838edfcc96c81017d19e94e903c5f343b66596f5d9613bc92add67ca2

                                        SHA512

                                        051e82f2192587cfd83dcaeb0cd77f2580c0624a8d3926c7326ba3afc68922ebcb98ba6c4109f4128339b7fef3e8aa96c24e78fe89f7ed8437b3290c455aaf47

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\manifest.json

                                        Filesize

                                        1KB

                                        MD5

                                        788c1aaa94807e4ea6064bc215a114e3

                                        SHA1

                                        41592d660e066c628df6dc3406fc6f7a62b42e08

                                        SHA256

                                        2d4b2baf75297258071663b7bbfb4f12bf5748349e8c8c617d076c5e3a1f1806

                                        SHA512

                                        be9ebe997f00559b70a0906957989b382e3084c609d9bcb4ae3993cc05c2b0aac355d4d2836858275f28bdc166683baac5d346e05e26d0002dbb194b3f8929ae

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_1110679144\CRX_INSTALL\message-hook.js

                                        Filesize

                                        1KB

                                        MD5

                                        e088a86c8b14038a719ca0c5990b30dc

                                        SHA1

                                        76b5ae33796d26be67b44f5aec02d7ed94e10903

                                        SHA256

                                        87179e85e074330c367b64bea5c1385ab53387deb150696709a974bfd52d6a43

                                        SHA512

                                        16f5f541e6f8194e1da05639d24573ad3046e5d8eee97a03a343d64170ce673e0b479ffb2e1bec5f2607580854eb6fb28415d4d7dff88b7e83d14d1b087a7432

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\_locales\en\messages.json

                                        Filesize

                                        175B

                                        MD5

                                        3ae47e124645df64a994f09171695c66

                                        SHA1

                                        32e1f7a89cb14fe2e516f400451f113ae8135c2d

                                        SHA256

                                        c5cea8c6fe04b30d8a5490f0bbddd0b3dc3fa4382dde777105bb3e80d2992dc8

                                        SHA512

                                        bcab9ba96d0ecb78cac7821296c7a6b0f684aa04b09e51a6c52ccbd0a299a87f165ecbbb6e1f2935e7727f7fc710d2431ee346c6ea7606d1cfc1a049c28397c5

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\_metadata\generated_indexed_rulesets\_ruleset1

                                        Filesize

                                        539B

                                        MD5

                                        91d36bb6f1b9cd523789bef49d18745f

                                        SHA1

                                        2fc34cd560f04d428ef2965dbf15cd730a77ebdd

                                        SHA256

                                        1b0293509d472f044cba12851e475f17067a86586b3d1a96017fe3855416aa4c

                                        SHA512

                                        7a0dfb513878db0ec7f008b9926c7d37fa63afc7d23cf9ef5c3d21eddb92f84b263782a4c9c8b6758c3fb764e159b3fb9e9a3752e086f5421509d09a0ac1ebec

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\bg-wrapper.js

                                        Filesize

                                        84B

                                        MD5

                                        63abc1bee2e752534021d902bf4c8319

                                        SHA1

                                        e77685d175296c90f04bfb586f71df7fc5c1e44a

                                        SHA256

                                        0a48213b9a577ba7d1dad1f28e6d7394d6ec81ddb6a3d240b6fa21071a22243c

                                        SHA512

                                        0f5c3f5e6fb161600ef9d046e387626150ce3acb5e8f1de5b48544fdc4eae2089f7715f2ec0cbd516d4c879b6b78d829a628118e367f6eafbe38f9850ccf0976

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\css\options.e6e84e00.css

                                        Filesize

                                        613B

                                        MD5

                                        d696e922b473abfa555eba5833752121

                                        SHA1

                                        b8112f53a9d92e666c4de5258d2e909d238a2864

                                        SHA256

                                        11db5186be7fb14d46e0e42cb0229831754682ee3cacb8ce2613ae9b6684c4c2

                                        SHA512

                                        66086f99b3deb1766bd8245cec2faff73a27a993a8ed60633d19e7feb2353c56a6c9ad2a5f3dd7a66507d0722d1a433c42a38976198b7ca7cd67ec6973f5334c

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\gmail128.png

                                        Filesize

                                        4KB

                                        MD5

                                        abc4ccd4708424476971338c85ba3c58

                                        SHA1

                                        0db30888ee3aff9279f5882415a8de0277664934

                                        SHA256

                                        ccdaa6965bb0b82ecefb62919324815cabef742506d77de79e36f7beab3fa573

                                        SHA512

                                        4b8034cf788e726a63a20d43f06764b3acc21ec94ee3c8f7f0fc91102efe54cce7f1be40262c3cc59797a4a2236dd3ac93011f52291cddc680f94db304c843cc

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\icon128.png

                                        Filesize

                                        4KB

                                        MD5

                                        0af6f1fe3add74f14580e3f1b59996ac

                                        SHA1

                                        6fa6c2294ced9031cddfd415995920fca4da605c

                                        SHA256

                                        4579d09ce9295a8419245c2aca45ee91169e182d5861cd7abc061145c53cdea9

                                        SHA512

                                        8dc2c54c9f387da1f46b1ffb986f698e94769a4e269ed7f4108f0540ebe575e50808a7ff0901a350ab624fde0623ad4161c321593832350f450d9a68fd78c18b

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\icon16.png

                                        Filesize

                                        501B

                                        MD5

                                        eaa867a24d9ad853f918a6aec3c20033

                                        SHA1

                                        6cc629b399440b27cba3feecd3c10233b07112b4

                                        SHA256

                                        5de849a40397f1535caa858fc91b7281a806a8a64b05e4e4ed9c572b42b99325

                                        SHA512

                                        a1f5ca680b1df9539d0a29d1c9fb312a4b74bd124baac133ffd2536a08b4e767ea827f43208654800be6a744ec82f3ed3834a53e839ff4cc0a5fde4a4602311f

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\icon32.png

                                        Filesize

                                        1KB

                                        MD5

                                        35384c99cb09faecb98e1e9633c43e1e

                                        SHA1

                                        a150602bd52796f39a2a516fa433fd2a0ea74cc0

                                        SHA256

                                        e5f75e716884ff58c46b29e1d44f016ec85b6ecaabf4ee6abf302e76b935c387

                                        SHA512

                                        acd095bc4ca7d4d7781860fa6c49faf5625f0b2ac3624b85b29aff6bf07e57d8523892c6a4b5acea0b14e34a279831efc4c04123f75296cb29f7b51cd572f8b3

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\icon48.png

                                        Filesize

                                        1KB

                                        MD5

                                        eca4662bec924a31459dfc29b3584330

                                        SHA1

                                        8aa3eb4a7f8671e014a8897ba79f59823393f59a

                                        SHA256

                                        6643ff55eab8446c16581b4b98ea3688d6f087a747a91382f15c6e740822d172

                                        SHA512

                                        5dc4ae0a32f2ce8c140f75c7e9b8fed414b76ea55c5942d5bf0c1c9d13a3e388ee67d34dff37e32249462413fd280464571ee8c921bef0d9ae630a9cdf900b85

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\icon64.png

                                        Filesize

                                        2KB

                                        MD5

                                        5250676fce3d9420ccb8d8d9fa8195bb

                                        SHA1

                                        3a9cde2bb48e1439c7f77deeb98ae6d8b92dd2eb

                                        SHA256

                                        d51dabfc17737b69a588a29a215cdc6c9e1442588555b8d4f58eb885b79b3b55

                                        SHA512

                                        1941fd792b635415fae49f0dafed8a6e226b0ebe295fe2865b5fb4451e61f1df72acb4725a7225db1b11b1ad6f54bf6db5455f3e574377a6076d871f3ff97b44

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\icons\ymail128.png

                                        Filesize

                                        4KB

                                        MD5

                                        0c60ef8ddf9a2a85653dba05eb30152a

                                        SHA1

                                        b578eb165163f1882b0ce2331413e02c19ff7d55

                                        SHA256

                                        90c24565cca615f4c105adbc869516d104fc4ef4b8e16b687b138ef1e3ff4b52

                                        SHA512

                                        87f15e363fb6f4a279875f86a401827ee07b8ee7583d4b1a762816803c532620153fffdf4364e9b53cc4891b5fe90e11754021e821e1d6ec4a73dcaa0f594dd9

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\js\background.js

                                        Filesize

                                        168KB

                                        MD5

                                        4d658c9546ed50df1daba2028a25aec1

                                        SHA1

                                        3bc39fd3a66e322418f6b36ef95239342c039cf8

                                        SHA256

                                        a0c6c4ba721d577350bcfc10ffa4491f87abc04f2fc7eacf0fb650fde4e8376d

                                        SHA512

                                        cac5c79d90713f6308f850010a38b8c0ea9444ca8d08ea6667fcee14d7bf5c7bb423cabba9f05ee2c9a167393d33696e07118f075f971e7a6ebdb3fda7ea0be5

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\js\chunk-vendors.8d4b78a9.js

                                        Filesize

                                        289KB

                                        MD5

                                        5c8bec2413d1a2d5ed3c6f56a349c756

                                        SHA1

                                        539f1a5a0735ef004ab79946cab89649f835c0b8

                                        SHA256

                                        ed951b5d3a0416421fbbb2ce879297b258c169c7c05744fa21506e6547c28402

                                        SHA512

                                        97c52262619a70e2f4b1cf7723952837c4a380a1487cf2f1004bf92e9e253769a804948916dffabf954c7ec02a340c9afb644848179d320401422b2b94dbd4f7

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\js\options.00bb6fbd.js

                                        Filesize

                                        36KB

                                        MD5

                                        a80f6bee855becb1170da53175c84af4

                                        SHA1

                                        78740f3ae6f9708b4c0c8449c84280ffc1b269d5

                                        SHA256

                                        07faf94d6340d2f5ca395c57037b5e98f6277bcbadb72c6091d092508dbbdeff

                                        SHA512

                                        7622930e7cbd2f86b1b71528adc2170a7b7a2c19d143329ddba621093e579386622e108b4f5e47f351c846712436e87176b36c54eaec697ffa67eccc563c78a8

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\manifest.json

                                        Filesize

                                        1KB

                                        MD5

                                        b5d0aab89982a7990c677db8b1e50e47

                                        SHA1

                                        1d3db6f2f96a6501ccfe8c854853cecb48b1fc91

                                        SHA256

                                        fa430dc95ee3e43237f36cf6832e75cc0a8cdd472467c61a74e50bcf20b03872

                                        SHA512

                                        ccf05bf42c36a2a15449f99de4eeef21842751058750c27d6768a55d8fbfdb2118934da13669ac2b30641cc730783dab6bcce88bae6b24d3496361ca9bd13637

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3428_489197799\CRX_INSTALL\options.html

                                        Filesize

                                        1KB

                                        MD5

                                        22f534e02876baa5e6734db9dce8911a

                                        SHA1

                                        d4be3bbf0c8ebd23416a95fd7a2200955affa260

                                        SHA256

                                        c661f2ed61e9cbf0bd28cf19e3fa9ae1c888b72775d0e378a726160a4be40c3f

                                        SHA512

                                        22f06e242acf1a709133c7a4ff4ebe5053d2266fe6b01d0537ee72264b746e02c50e649d4ef380919dc398acc5c21f99a125ca5942c09a045e970b5aaca513e3

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\dnpmpbbfdefapbnfffohgcejpogkbjbp\1.0.4_0\images\icon32.png

                                        Filesize

                                        1KB

                                        MD5

                                        93ffbf5247e3685efb761b6df853139e

                                        SHA1

                                        239f8336050b3f167e0992b99763b110c12f4c9b

                                        SHA256

                                        6b8407040b26f8076c2d8cc044c92e33c9c7d3ad6d29f32c5091d81380350f97

                                        SHA512

                                        2efc34903adf059250daa726a74696d39f5aaa94e569e0ecf12a61bab0b5ee497394f0aa889430bb17472a5778c7f7e9a222cbb30386c85c4af544c6e2e09a52

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\hbgjioklmpbdmemlmbkfckopochbgjpl\1.0.0_0\preferences_schema.json

                                        Filesize

                                        7KB

                                        MD5

                                        a192304f63ef26c80086f835cc4b7ada

                                        SHA1

                                        6963e90e752209132b728a938844c4c64dc94d43

                                        SHA256

                                        4f72309f9378f04b3f1cb8f46b031ff513ac63e5056d96272f2bdc6d39dcddf9

                                        SHA512

                                        be619909cd0c3465966a4018847310c1493bfdecad6f07bb28293f3dcea73dc377f5d52cca040d626368e17828eae28384fe51d20c4a71925c5f31eea8e18561

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\chrome-extension_dnpmpbbfdefapbnfffohgcejpogkbjbp_0.indexeddb.leveldb\MANIFEST-000001

                                        Filesize

                                        23B

                                        MD5

                                        3fd11ff447c1ee23538dc4d9724427a3

                                        SHA1

                                        1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                        SHA256

                                        720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                        SHA512

                                        10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\SCT Auditing Pending Reports

                                        Filesize

                                        2B

                                        MD5

                                        d751713988987e9331980363e24189ce

                                        SHA1

                                        97d170e1550eee4afc0af065b78cda302a97674c

                                        SHA256

                                        4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                        SHA512

                                        b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

                                        Filesize

                                        1KB

                                        MD5

                                        668c68ac1f2f8381e9d3f909ea399d54

                                        SHA1

                                        ae11b8e771600c4d7cf6290711c938834d1a9699

                                        SHA256

                                        66d4c941b39ff403dfed15acf0369324e4a30fb157a44bde92ac67fe71dedea1

                                        SHA512

                                        d6b61874c14a50a671d9166883ca7f99ece6b577eef5ca52a01d114cc4708491f96b90a755d4590558532fbf71c5558473d44c6f499099d4f62df3c9b0418495

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity~RFe588855.TMP

                                        Filesize

                                        1KB

                                        MD5

                                        ef948ed16f041e0f14770c96424889ac

                                        SHA1

                                        5a5a996f83982a70caf998cc0d6da82c1fe13e8e

                                        SHA256

                                        7460c6180133f8790c1160326078f2a73920d29284d2f638d9b12fdff3240b6c

                                        SHA512

                                        c49566cb3748acfffab6eff977e7cbef335ca6634035c56e26af8473b341f9456732d439a723e1d554507374021d0b59f6701746c77120feaf18a5b4926e75d5

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

                                        Filesize

                                        12KB

                                        MD5

                                        f985d6aa96511249644eaf0827e596e2

                                        SHA1

                                        94beb29541e96b8748888c9f5fa60401aa345ee6

                                        SHA256

                                        2564ea54007f5a0d8ae955b56f8f42f42856fd40fb2f23e51fe017a852cb3c33

                                        SHA512

                                        4862ea2980b8694c2e2601674e26a8a34ed19328c97a26203d33bcc58a99eaad76fca14e5d97b74199112d764871e34ccd8478046e93b419a7ab9d58680ca931

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences~RFe5849d5.TMP

                                        Filesize

                                        5KB

                                        MD5

                                        2cf944a886d0b01f8436ba10a2418e80

                                        SHA1

                                        f9a9840615ca21835790bc092459410103ddfca8

                                        SHA256

                                        582404a96c57df32ad2a42b1a62f277e5f053f2960018cb36df7b02f45da2401

                                        SHA512

                                        7ac37ada83ae1a7a6744f0576abb09ef82ed75e7ae3cc75aec665808c3f879aa7255df45081461eee66acc84b476c28a735fa9bf5885802b5c4722dd45e6b8fa

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                        Filesize

                                        35KB

                                        MD5

                                        db4e38bd8a1f7b90ae70629ad99e30cc

                                        SHA1

                                        174f749345bf3fd59a151c8c37aa314358fa5068

                                        SHA256

                                        7fd1b31f221e4cf526fbd7da58665ea3f0cd7e7802c2d460f1a7c0c60152f062

                                        SHA512

                                        ceafd0c27cdf36c2632ede56d16e1ec99e68f582a89424263311199a9fed94ba8c8b8d2a1a5cb0a3b8a8757974e661f7422b60efddbc4496f8cef178edc68870

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                        Filesize

                                        120B

                                        MD5

                                        ee92ab1e488dbc2718ce67f9f4579625

                                        SHA1

                                        71b6b4e004c094ffcabd373eee127e031bcd081c

                                        SHA256

                                        eec664a5cfc61a3917617f8435fddf4f92253ab154823f2904bd206327d64aa9

                                        SHA512

                                        85c0f44b9fb6e445d53682292947216d5f9555ff89a84625d5557e962b6c289576fb5af7f4e6100eaf59e1d7322a047401686502b28e9e745c66fde96dc7eb00

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588f6a.TMP

                                        Filesize

                                        48B

                                        MD5

                                        502d01b362c29551a2c687df3f09efbf

                                        SHA1

                                        7179f618ff3f91c92b411597cbe4c4251010b299

                                        SHA256

                                        dc7cb184cce679192c85e2c1430d2c504869d5c3371162d0266f9f01c1f793b8

                                        SHA512

                                        eb2b46087af8c47c97b1aa1925b2793898e5873ac47733c94314d731fa3c77d63b7bc2517409fa4b1ae060c397afac08c4cafb92ca6e1abc3d9e3c489cf9280d

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Sync Data\LevelDB\CURRENT

                                        Filesize

                                        16B

                                        MD5

                                        46295cac801e5d4857d09837238a6394

                                        SHA1

                                        44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                        SHA256

                                        0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                        SHA512

                                        8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\f61201f9-9f85-4356-8c1d-9857ade995b1.tmp

                                        Filesize

                                        12KB

                                        MD5

                                        9e3b0e04bec5b5b93cfa5798c91cf71c

                                        SHA1

                                        c2dc71c786620c1784afdee7c72ac3c03d9d13fb

                                        SHA256

                                        3cc5ae58fce3521088991999b410bb5e459b8c1c0c017ff091c67d82f342047d

                                        SHA512

                                        7a68a8524aba2339e2f723f5584bf290e0c9992b700d8a72d58b4ad5d4a0858543f31c20dd31179088d33bd0c7acc41ddd1113dd057adeca2d3c2ea39d05aa0a

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GraphiteDawnCache\data_0

                                        Filesize

                                        8KB

                                        MD5

                                        cf89d16bb9107c631daabf0c0ee58efb

                                        SHA1

                                        3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                        SHA256

                                        d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                        SHA512

                                        8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GraphiteDawnCache\data_1

                                        Filesize

                                        264KB

                                        MD5

                                        d0d388f3865d0523e451d6ba0be34cc4

                                        SHA1

                                        8571c6a52aacc2747c048e3419e5657b74612995

                                        SHA256

                                        902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

                                        SHA512

                                        376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GraphiteDawnCache\data_2

                                        Filesize

                                        8KB

                                        MD5

                                        0962291d6d367570bee5454721c17e11

                                        SHA1

                                        59d10a893ef321a706a9255176761366115bedcb

                                        SHA256

                                        ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                        SHA512

                                        f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GraphiteDawnCache\data_3

                                        Filesize

                                        8KB

                                        MD5

                                        41876349cb12d6db992f1309f22df3f0

                                        SHA1

                                        5cf26b3420fc0302cd0a71e8d029739b8765be27

                                        SHA256

                                        e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                        SHA512

                                        e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

                                        Filesize

                                        5KB

                                        MD5

                                        0e76b4535c4604d8810596a30f8ff3cc

                                        SHA1

                                        02d56c884a2ae3b5117a311e18664c415476ccd2

                                        SHA256

                                        9be88f0155a6f98ca74e53440a406daede09f9c34c8eee2386af55355e708e5f

                                        SHA512

                                        1c8981bb249b34ea75987819d5b4af5ba5b3166d2b8fe2f81d350e0b6b9e2814b5055683d05b1987107f694c31fe1956a529657465e3a3b7c3b90ec5b6a88f92

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

                                        Filesize

                                        5KB

                                        MD5

                                        11654d26e697f667cc8972f465c3c00d

                                        SHA1

                                        05f68caeccbe87da1e74b27882e8a53008d5e450

                                        SHA256

                                        559610dba9baa9dacec156852fa6fc514bf3e9e06f8328efd98677f8c44eac1c

                                        SHA512

                                        fe4a44d5f017842d83f199054e4717c038f56bf46ed80f00dae4bcdeded806ccb26a85290fb10d8d926e3c856481af5d44eaa6970b5de80c7cd5d47b01dd4bd8

                                      • C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State~RFe584987.TMP

                                        Filesize

                                        3KB

                                        MD5

                                        a800d6ce2102409fc42b48e0788b1455

                                        SHA1

                                        e23565a551938cccff23eb940a934970a8bc9d46

                                        SHA256

                                        f17a7b1c10784ca2aa63a64a56510d3b581174be2661532aa823357170e7aa8a

                                        SHA512

                                        cc47e23680e36295be99c8acafee3b93e738bc642f7d55a565175793d70755575b25de0c860011d05d1a439c1b449601ac90081ff85645ee2d011b9a2f539267

                                      • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveBrowser.lnk

                                        Filesize

                                        2KB

                                        MD5

                                        9aeb0cddbdfeff87659cda2752b19c57

                                        SHA1

                                        2e149e22963f1cd5881ff915415ec87088ba9e77

                                        SHA256

                                        ba0c6d2d334e031c60be955e22a2520ab04a8732f58400195196508c7ba6aab0

                                        SHA512

                                        77757baf025af269b84bec9d09598b4decc0c93620b4ae9bb86758038e0ea9cb7662ead5e1471eb08951a4728335c49a8107b50381aac75cc3cd519318b6061f

                                      • C:\Users\Admin\Wavesor Software\WaveBrowser\1.3.16.5\wavebrowser_elf.dll

                                        Filesize

                                        1.3MB

                                        MD5

                                        64bf5349bd5740de1041d6bcbed61137

                                        SHA1

                                        6ccda58e1718424d1ffb5fb4845361779b0643fd

                                        SHA256

                                        424201e215f733462764e3291b0a679ec40b41906b6122fcf46ed2f13c4637f8

                                        SHA512

                                        fc4b15029f9a8467f4506eb3ca8c7f9be272459d1bc03e16865d13cc9423bd3d5a78260a0886284e4ade2c84bd9c167722ce06440f54498de84e1a886a0a9d3e

                                      • C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe

                                        Filesize

                                        3.0MB

                                        MD5

                                        7c9abac1daf920c2330f139dee040a8a

                                        SHA1

                                        9dd5c32ab9cd59f5f347e6afbc83c44d9eab3c7e

                                        SHA256

                                        c451206e59d0e62a8f9f0b0d6d475dd47a6610e0463440b8c8a208654f498a31

                                        SHA512

                                        3c52e593f972ea34df600f9b5c6c2311129dd04b90658a46d0402440fc4e26a4ddc61a2b7da0d43f0add327b294ba17aa6962c5987f56f713482ca2423487f5a

                                      • memory/684-8-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/684-3-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/684-4-0x00000000207F0000-0x00000000207F8000-memory.dmp

                                        Filesize

                                        32KB

                                      • memory/684-5-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/684-6-0x0000000020870000-0x00000000208A8000-memory.dmp

                                        Filesize

                                        224KB

                                      • memory/684-7-0x0000000020840000-0x000000002084E000-memory.dmp

                                        Filesize

                                        56KB

                                      • memory/684-0-0x00007FF9D8673000-0x00007FF9D8675000-memory.dmp

                                        Filesize

                                        8KB

                                      • memory/684-2-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/684-1-0x0000000000D90000-0x0000000000ECA000-memory.dmp

                                        Filesize

                                        1.2MB

                                      • memory/684-9-0x00007FF9D8673000-0x00007FF9D8675000-memory.dmp

                                        Filesize

                                        8KB

                                      • memory/684-420-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/684-10-0x00007FF9D8670000-0x00007FF9D9131000-memory.dmp

                                        Filesize

                                        10.8MB

                                      • memory/3960-256-0x00007FF9F5270000-0x00007FF9F5271000-memory.dmp

                                        Filesize

                                        4KB

                                      • memory/3960-257-0x00007FF9F4A40000-0x00007FF9F4A41000-memory.dmp

                                        Filesize

                                        4KB