2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5

Analysis

max time kernel
754s
max time network
755s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07/08/2024, 16:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

text.txt
Size

168B
MD5

10a317ca10f0fd2af4bf2043ff8dd8fd
SHA1

c02bdb3aba83817ea599a004fcfbf09c419c326b
SHA256

2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5
SHA512

192f635707607a716f2d12f191cbb12a42f65d1aa5446ea7a6fc6adfe8b1c88d3210488ceec2528d6e276593ed9603fac14939bb431b689702dd4f1829de44e0

Score

9^/10

bootkit credential_access discovery evasion motw persistence phishing privilege_escalation spyware stealer trojan

Malware Config

Signatures

Credentials from Password Stores: Credentials from Web Browsers 1 TTPs
Malicious Access or copy of Web Browser Credential store.
credential_access stealer

Credentials from Web Browsers
T1555.003
Contacts a large (561) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Downloads MZ/PE file

Checks computer location settings 2 TTPs 55 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	MEMZ.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	Wave Browser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	MEMZ.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	WebCompanion-Installer.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation	wavebrowser.exe

Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
persistence privilege_escalation

Component Object Model Hijacking
T1546.015

Executes dropped EXE 64 IoCs

pid	Process
3768	MEMZ.exe
6788	Wave Browser.exe
7864	SWUpdaterSetup.exe
2788	SWUpdater.exe
5788	SWUpdater.exe
5920	SWUpdaterComRegisterShell64.exe
9044	SWUpdaterComRegisterShell64.exe
2768	SWUpdaterComRegisterShell64.exe
6084	SWUpdater.exe
3956	SWUpdater.exe
8764	SWUpdater.exe
7892	WaveInstaller-v1.5.18.2.exe
5016	setup.exe
5660	setup.exe
264	setup.exe
7248	setup.exe
5888	Setup.exe
7820	WebCompanion-Installer.exe
7396	wavebrowser.exe
5812	wavebrowser.exe
7660	wavebrowser.exe
5164	wavebrowser.exe
7444	wavebrowser.exe
6364	wavebrowser.exe
7912	wavebrowser.exe
5708	wavebrowser.exe
6024	wavebrowser.exe
3656	SWUpdater.exe
6568	wavebrowser.exe
6516	wavebrowser.exe
7872	wavebrowser.exe
2008	wavebrowser.exe
2908	wavebrowser.exe
5052	wavebrowser.exe
4976	wavebrowser.exe
3548	wavebrowser.exe
1960	wavebrowser.exe
768	wavebrowser.exe
7172	wavebrowser.exe
6472	wavebrowser.exe
4624	wavebrowser.exe
4328	wavebrowser.exe
8660	wavebrowser.exe
8812	wavebrowser.exe
8300	wavebrowser.exe
5908	wavebrowser.exe
6968	wavebrowser.exe
8736	wavebrowser.exe
6500	wavebrowser.exe
7132	wavebrowser.exe
8460	wavebrowser.exe
6756	wavebrowser.exe
1248	wavebrowser.exe
7708	wavebrowser.exe
4100	wavebrowser.exe
8388	wavebrowser.exe
1956	wavebrowser.exe
3308	wavebrowser.exe
4940	wavebrowser.exe
1840	wavebrowser.exe
8008	wavebrowser.exe
5652	wavebrowser.exe
6568	wavebrowser.exe
6724	wavebrowser.exe

Loads dropped DLL 64 IoCs

pid	Process
2788	SWUpdater.exe
5788	SWUpdater.exe
5920	SWUpdaterComRegisterShell64.exe
5788	SWUpdater.exe
9044	SWUpdaterComRegisterShell64.exe
5788	SWUpdater.exe
2768	SWUpdaterComRegisterShell64.exe
5788	SWUpdater.exe
6084	SWUpdater.exe
3956	SWUpdater.exe
8764	SWUpdater.exe
8764	SWUpdater.exe
3956	SWUpdater.exe
7396	wavebrowser.exe
5812	wavebrowser.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
7396	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
5164	wavebrowser.exe
5164	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
7660	wavebrowser.exe
7444	wavebrowser.exe
7444	wavebrowser.exe
6364	wavebrowser.exe
6364	wavebrowser.exe
5708	wavebrowser.exe
5708	wavebrowser.exe
6024	wavebrowser.exe
6024	wavebrowser.exe
3656	SWUpdater.exe
6568	wavebrowser.exe
6568	wavebrowser.exe
7912	wavebrowser.exe
7912	wavebrowser.exe
6516	wavebrowser.exe
7872	wavebrowser.exe
7872	wavebrowser.exe
6516	wavebrowser.exe
2008	wavebrowser.exe
2908	wavebrowser.exe
2908	wavebrowser.exe
2008	wavebrowser.exe
4976	wavebrowser.exe
4976	wavebrowser.exe
7172	wavebrowser.exe
7172	wavebrowser.exe
6472	wavebrowser.exe
4624	wavebrowser.exe
6472	wavebrowser.exe
4624	wavebrowser.exe
5052	wavebrowser.exe
5052	wavebrowser.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
3548	wavebrowser.exe
1960	wavebrowser.exe
768	wavebrowser.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Wavesor SWUpdater = "\"C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.133.0\\SWUpdaterCore.exe\""	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize "	WebCompanion.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Web Companion = "C:\\Users\\Admin\\AppData\\Roaming\\Lavasoft\\Web Companion\\Application\\WebCompanion.exe --minimize "	WebCompanion.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 9 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	updater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	updater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	updater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
2111	raw.githubusercontent.com
2112	raw.githubusercontent.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 2 IoCs

phishing motw

flow	ioc
1256	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html
2407	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	MEMZ.exe

Checks system information in the registry 2 TTPs 2 IoCs

System information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	wavebrowser.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\prefs.json	updater.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\LICENSE	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_396759113\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_462399166\safety_tips.pb	wavebrowser.exe
File created	C:\Program Files (x86)\Google5640_1002875460\updater.7z	ChromeSetup.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\e2c14be5-9732-4648-9ca4-6077d9375b81.tmp	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\prefs.json	updater.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUT44EE.tmp	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdater.exe	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdaterOnDemand.exe	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_396759113\manifest.json	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\Update\GoogleUpdate.exe	updater.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\prefs.json~RFe6306db.TMP	updater.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\settings.dat	updater.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1109469074\download_file_types.pb	wavebrowser.exe
File created	C:\Program Files (x86)\Google5640_1002875460\bin\updater.exe	ChromeSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\uninstall.cmd	updater.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\a272ff8c-aa98-4b22-9fd7-28b7c91d2c8f.tmp	updater.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\psmachine.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\psmachine_64.dll	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\44077d8f-4199-4212-8021-64df7c129c5d.tmp	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\prefs.json	updater.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1622947316\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_462399166\manifest.json	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\settings.dat	updater.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_396759113\Filtering Rules	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdaterComRegisterShell64.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\swupdaterres_en.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_396759113\LICENSE.txt	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\metadata	updater.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1109469074\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\crl-set	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\uninstall.cmd	updater.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\44077d8f-4199-4212-8021-64df7c129c5d.tmp	updater.exe
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\psuser_64.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1109469074\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_462399166\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdaterBroker.exe	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\metadata	updater.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\swupdater.dll	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\metadata	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\metadata	updater.exe
File created	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe	updater.exe
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_396759113\_metadata\verified_contents.json	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	ChromeSetup.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\updater.log	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\settings.dat	updater.exe
File opened for modification	C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad\metadata	updater.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1622947316\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping7396_462399166\manifest.fingerprint	wavebrowser.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Event Triggered Execution: Netsh Helper DLL 1 TTPs 3 IoCs

Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

persistence privilege_escalation

Netsh Helper DLL

T1546.007

description	ioc	Process
Key queried	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key value enumerated	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh	netsh.exe

System Location Discovery: System Language Discovery 1 TTPs 24 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	netsh.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WebCompanion.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WaveInstaller-v1.5.18.2.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WebCompanion.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	notepad.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdaterSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WebCompanion-Installer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ChromeSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	updater.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 2 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
6084	SWUpdater.exe
3656	SWUpdater.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	WebCompanion.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	WebCompanion.exe

Enumerates system info in registry 2 TTPs 21 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	wavebrowser.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 8 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133675217580657424"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	wavebrowser.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{0486745C-8D9B-5377-A54C-A61FFAA0BBE4}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\128.0.6597.0\\updater.exe\\4"	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\TypeLib\ = "{34527502-D3DB-4205-A69B-789B27EE0414}"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ = "IAppCommand"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\Software\Classes\AppID	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{85AE4AE3-8530-516B-8BE4-A456BF2637D3}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\128.0.6597.0\\updater.exe\\4"	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8A4B5D74-8832-5170-AB03-2415833EC703}\TypeLib\ = "{8A4B5D74-8832-5170-AB03-2415833EC703}"	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{0D311A22-BD24-4C7A-8FC1-117F8D62A781}\NumMethods\ = "9"	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{2C53B9D4-A718-4972-B28E-2E7AF1055602}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\CLSID\{30FB944E-9455-49DD-81C6-7542E47AA3E7}\LocalServer32	SWUpdater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\TypeLib\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}\1.0\0	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\TypeLib\ = "{34527502-D3DB-4205-A69B-789B27EE0414}"	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{D576ED7F-31DA-4EE1-98CE-1F882FB3047A}\ProxyStubClsid32	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{44367D77-92C0-45E8-840D-0C098E650CE8}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\NumMethods\ = "11"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WaveBrwsHTM.ZXZFO5MTUBII74EOZKURCGV7MY\DefaultIcon	setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WavesorSWUpdater.Update3COMClassUser\CLSID\ = "{9E0CE9B5-C498-40A8-B7F2-B89AF1C56FFF}"	SWUpdater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{CCA9FC90-B200-5641-99C0-7907756A93CF}\TypeLib	updater.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\VersionIndependentProgID	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Interface\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\TypeLib	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Interface\{05A30352-EB25-45B6-8449-BCA7B0542CE5}	updater.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\NumMethods\ = "8"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\NumMethods\ = "4"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\NumMethods\ = "4"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\ = "IApp2"	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\NumMethods\ = "12"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\CLSID\{D12748C8-5013-45E2-9A24-2FB7C2EEFB7C}\LocalServer32\ = "\"C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.133.0\\SWUpdaterOnDemand.exe\""	SWUpdater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4334319-8210-469B-8262-DD03623FEB5B}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\CLSID\{F6994161-37C3-47C9-BE83-C84C33A1CF2A}\InprocServer32\ = "C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.133.0\\psuser.dll"	SWUpdater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\TypeLib\Version = "1.0"	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F793925-C903-4E92-9AE3-77CA5EAB1716}\TypeLib\Version = "1.0"	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8018F647-BF07-55BB-82BE-A2D7049F7CE4}\AppID = "{8018F647-BF07-55BB-82BE-A2D7049F7CE4}"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{617E37E1-AC79-4162-BACC-C797A1D31D3E}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\TypeLib\ = "{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}"	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F793925-C903-4E92-9AE3-77CA5EAB1716}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\ProxyStubClsid32	updater.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}\ = "IPolicyStatus2"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{E4E4854F-9D7B-4120-A207-CF52C875F08E}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\TypeLib\Version = "1.0"	updater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\ProxyStubClsid32	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\NumMethods\ = "43"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\Software\Classes\TypeLib\{34527502-D3DB-4205-A69B-789B27EE0414}\1.0\0	updater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{894ADE70-1E5F-4520-A281-CE3BF0309CE6}\NumMethods\ = "11"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{ABC01078-F197-4B0B-ADBC-CFE684B39C82}\LocalService = "GoogleUpdaterService128.0.6597.0"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WavesorSWUpdater.Update3COMClassUser\ = "Update3COMClass"	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WavesorSWUpdater.PolicyStatusUser.1.0\ = "SWUpdater Policy Status Class"	SWUpdater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\TypeLib\{CCA9FC90-B200-5641-99C0-7907756A93CF}	updater.exe
Key created	\REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\ProxyStubClsid32	updater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	updater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Interface\{CEF9DF20-AE5B-4A54-B479-9C2AFC1C2683}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{699F07AD-304C-5F71-A2DA-ABD765965B54}\ = "IUpdaterAppStatesCallbackSystem"	updater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\WOW6432Node\CLSID\{D12748C8-5013-45E2-9A24-2FB7C2EEFB7C}\ProgID	SWUpdater.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\LocalService = "GoogleUpdaterService128.0.6597.0"	updater.exe

Modifies system certificate store 2 TTPs 6 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6	WebCompanion.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0400000001000000100000004be2c99196650cf40e5a9392a00afeb20f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d4190000000100000010000000fa46ce7cbb85cfb4310075313a09ee052000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6	WebCompanion.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 5c000000010000000400000000080000190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd940400000001000000100000004be2c99196650cf40e5a9392a00afeb22000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6	WebCompanion.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4	WebCompanion.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
3084	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1356	chrome.exe
1356	chrome.exe
2552	chrome.exe
2552	chrome.exe
5292	chrome.exe
5292	chrome.exe
5292	chrome.exe
5292	chrome.exe
7492	chrome.exe
7492	chrome.exe
2788	SWUpdater.exe
2788	SWUpdater.exe
5016	setup.exe
5016	setup.exe
5016	setup.exe
5016	setup.exe
5016	setup.exe
5016	setup.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
2788	SWUpdater.exe
2788	SWUpdater.exe
2788	SWUpdater.exe
2788	SWUpdater.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
7820	WebCompanion-Installer.exe
5696	WebCompanion.exe
5696	WebCompanion.exe
5696	WebCompanion.exe
5696	WebCompanion.exe
5696	WebCompanion.exe
8132	chrome.exe
8132	chrome.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe
8408	WebCompanion.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe
Token: SeShutdownPrivilege	1356	chrome.exe
Token: SeCreatePagefilePrivilege	1356	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
1356	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
2552	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe
7492	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3136	chrome.exe
2632	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1356 wrote to memory of 1480	1356	chrome.exe	91
PID 1356 wrote to memory of 1480	1356	chrome.exe	91
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4400	1356	chrome.exe	92
PID 1356 wrote to memory of 4668	1356	chrome.exe	93
PID 1356 wrote to memory of 4668	1356	chrome.exe	93
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94
PID 1356 wrote to memory of 2404	1356	chrome.exe	94

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\text.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:3084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xb8,0x124,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
  2⤵
  PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2036 /prefetch:2
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1952,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2072 /prefetch:3
  2⤵
  PID:4668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2324 /prefetch:8
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3216,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3728,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4888 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4992,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4984 /prefetch:8
  2⤵
  PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5096,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3504,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:3368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5200,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4088 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5028,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3560,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4092 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5064,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5420 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3220,i,299595895399841426,7683409056343102729,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  PID:3420

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4936

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1416

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3468

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=1912 /prefetch:2
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  PID:3284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2480 /prefetch:8
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3052,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3824 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4580,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4560 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4648,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4976,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4696,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4032,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3036,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5212,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5200,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5524,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5544 /prefetch:1
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5656,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5804,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5944,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6012,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6280,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6264 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6380,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6520,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6540 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6820,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6840 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6976,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6964,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7020 /prefetch:1
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7164,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7152 /prefetch:1
  2⤵
  PID:3804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6868,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6808 /prefetch:8
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7012,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7468 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7160,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7948 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7660,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8076 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8104,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8208 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7700,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7620 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=8412,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8408 /prefetch:1
  2⤵
  PID:5616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=8556,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8572 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8352,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8720 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=8420,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7604 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8760,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9024 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=9164,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9056 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=9200,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9320 /prefetch:1
  2⤵
  PID:6076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8728,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9480 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8688,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7628 /prefetch:1
  2⤵
  PID:5124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=9716,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9732 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8684,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9876 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=10048,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9720 /prefetch:1
  2⤵
  PID:5720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9708,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10152 /prefetch:1
  2⤵
  PID:6168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=10040,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10336 /prefetch:1
  2⤵
  PID:6224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=10148,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10456 /prefetch:1
  2⤵
  PID:6292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=10488,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10604 /prefetch:1
  2⤵
  PID:6300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=10624,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10752 /prefetch:1
  2⤵
  PID:6308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10772,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10904 /prefetch:1
  2⤵
  PID:6316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10920,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11040 /prefetch:1
  2⤵
  PID:6324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=11064,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11176 /prefetch:1
  2⤵
  PID:6332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=11316,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11332 /prefetch:1
  2⤵
  PID:6340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=11476,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11368 /prefetch:1
  2⤵
  PID:6348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=11496,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11624 /prefetch:1
  2⤵
  PID:6356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11760,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11484 /prefetch:1
  2⤵
  PID:6364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=11796,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11908 /prefetch:1
  2⤵
  PID:6372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11932,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12052 /prefetch:1
  2⤵
  PID:6380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=12072,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12196 /prefetch:1
  2⤵
  PID:6388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=12212,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12204 /prefetch:1
  2⤵
  PID:6396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=12232,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12384 /prefetch:1
  2⤵
  PID:6404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=12480,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12628 /prefetch:1
  2⤵
  PID:6412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=12636,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12776 /prefetch:1
  2⤵
  PID:6420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=12984,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11464 /prefetch:1
  2⤵
  PID:7324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=11220,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11644 /prefetch:1
  2⤵
  PID:7376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=6920,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6840 /prefetch:1
  2⤵
  PID:7448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=13308,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:7516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=12904,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13380 /prefetch:1
  2⤵
  PID:7620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=13336,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13576 /prefetch:1
  2⤵
  PID:7712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=13364,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13492 /prefetch:1
  2⤵
  PID:7820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=13780,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13816 /prefetch:1
  2⤵
  PID:7876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=13952,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13968 /prefetch:1
  2⤵
  PID:7932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=13988,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14096 /prefetch:1
  2⤵
  PID:7940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=13844,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14080 /prefetch:1
  2⤵
  PID:8044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=14396,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14368 /prefetch:1
  2⤵
  PID:8100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=14540,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14552 /prefetch:1
  2⤵
  PID:6688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=13776,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14680 /prefetch:1
  2⤵
  PID:7312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=14796,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14828 /prefetch:1
  2⤵
  PID:7440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=14940,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14952 /prefetch:1
  2⤵
  PID:7532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=13784,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15128 /prefetch:1
  2⤵
  PID:7788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=14784,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15108 /prefetch:1
  2⤵
  PID:7796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=15392,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15400 /prefetch:1
  2⤵
  PID:8164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=15404,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15532 /prefetch:1
  2⤵
  PID:8160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=15552,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15684 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=14844,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15828 /prefetch:1
  2⤵
  PID:8208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=14960,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15940 /prefetch:1
  2⤵
  PID:8244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=16140,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16148 /prefetch:1
  2⤵
  PID:8600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=14120,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16252 /prefetch:1
  2⤵
  PID:8652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=16208,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6552 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=10024,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6356 /prefetch:1
  2⤵
  PID:6576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=6780,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7448 /prefetch:1
  2⤵
  PID:6868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=8636,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8644 /prefetch:1
  2⤵
  PID:6980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=8620,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7456 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=7104,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7032 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=8384,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=15316,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10076 /prefetch:1
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=5668,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13612 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=5756,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=5744,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6408 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=7508,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13980 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=14056,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15092 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=15588,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13848 /prefetch:1
  2⤵
  PID:7364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=9880,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14888 /prefetch:1
  2⤵
  PID:8788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=9948,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9916 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=15832,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6712 /prefetch:1
  2⤵
  PID:6184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=15848,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13924 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=16192,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13800 /prefetch:1
  2⤵
  PID:8940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=6768,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10080 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=6788,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6840 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=8672,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16240 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:5292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=13768,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16284 /prefetch:1
  2⤵
  PID:7128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=5840,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:7792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=3920,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2804 /prefetch:1
  2⤵
  PID:7148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=10056,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6600 /prefetch:8
  2⤵
  PID:8508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=14568,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=6656,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15312 /prefetch:1
  2⤵
  PID:7592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=12964,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16336 /prefetch:1
  2⤵
  PID:8380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=5724,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:8668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=6500,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16256 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=3868,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16360 /prefetch:1
  2⤵
  PID:6400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=7784,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:8456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=16340,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13060 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=16272,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2244 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=13672,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6356 /prefetch:1
  2⤵
  PID:7856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=7848,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:2112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=8528,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13576 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=7476,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8024 /prefetch:1
  2⤵
  PID:5528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=16964,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6272 /prefetch:1
  2⤵
  PID:8656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=14980,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12500 /prefetch:1
  2⤵
  PID:5780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=7108,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15284 /prefetch:1
  2⤵
  PID:5900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=15868,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13792 /prefetch:1
  2⤵
  PID:6668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=7952,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9944 /prefetch:1
  2⤵
  PID:6260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=1508,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:8848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --field-trial-handle=16124,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8356 /prefetch:1
  2⤵
  PID:7036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --field-trial-handle=16304,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7936 /prefetch:1
  2⤵
  PID:6336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=15996,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15988 /prefetch:8
  2⤵
  PID:6396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=16012,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8300 /prefetch:8
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6516,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12836 /prefetch:8
  2⤵
  PID:5700
- C:\Users\Admin\Downloads\MEMZ.exe
  "C:\Users\Admin\Downloads\MEMZ.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:3768
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
    3⤵
    PID:3780
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
    3⤵
    PID:5752
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
    3⤵
    PID:6684
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
    3⤵
    PID:4088
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
    3⤵
    PID:5692
- - C:\Users\Admin\Downloads\MEMZ.exe
    "C:\Users\Admin\Downloads\MEMZ.exe" /main
    3⤵
    - Checks computer location settings
    - Writes to the Master Boot Record (MBR)
    - System Location Discovery: System Language Discovery
    PID:6056
  - - C:\Windows\SysWOW64\notepad.exe
      "C:\Windows\System32\notepad.exe" \note.txt
      4⤵
      System Location Discovery: System Language Discovery
      PID:5444
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
      4⤵
      PID:6916
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffedae546f8,0x7ffedae54708,0x7ffedae54718
        5⤵
        
        PID:8504
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1448,5145635488835921252,16224442137115867038,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
        5⤵
        
        PID:3652
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1448,5145635488835921252,16224442137115867038,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
        5⤵
        
        PID:3308
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1448,5145635488835921252,16224442137115867038,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
        5⤵
        
        PID:5824
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,5145635488835921252,16224442137115867038,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
        5⤵
        
        PID:5140
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1448,5145635488835921252,16224442137115867038,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
        5⤵
        
        PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --field-trial-handle=5740,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8316 /prefetch:1
  2⤵
  PID:7480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=12400,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=12424 /prefetch:1
  2⤵
  PID:8068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --field-trial-handle=14640,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13004 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --field-trial-handle=13040,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4016 /prefetch:1
  2⤵
  PID:7956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --field-trial-handle=14292,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8316 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=12392,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14308 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --field-trial-handle=13064,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7984 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --field-trial-handle=14228,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11800 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --field-trial-handle=14484,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14416 /prefetch:1
  2⤵
  PID:7784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --field-trial-handle=14112,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14428 /prefetch:1
  2⤵
  PID:7312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --field-trial-handle=13468,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14464 /prefetch:1
  2⤵
  PID:8988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --field-trial-handle=13352,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14468 /prefetch:1
  2⤵
  PID:6516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --field-trial-handle=13472,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=9196 /prefetch:1
  2⤵
  PID:6780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --field-trial-handle=12612,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=15296 /prefetch:1
  2⤵
  PID:6524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --field-trial-handle=12604,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10060 /prefetch:1
  2⤵
  PID:8256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --field-trial-handle=12552,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7932 /prefetch:1
  2⤵
  PID:7868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --field-trial-handle=13080,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=14732 /prefetch:1
  2⤵
  PID:7872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --field-trial-handle=11268,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11280 /prefetch:1
  2⤵
  PID:3836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --field-trial-handle=12240,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11168 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --field-trial-handle=12340,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11312 /prefetch:1
  2⤵
  PID:8972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --field-trial-handle=11272,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=11172 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --field-trial-handle=10800,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=13828 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --field-trial-handle=15188,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10864 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --field-trial-handle=11252,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7036 /prefetch:1
  2⤵
  PID:6652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --field-trial-handle=7584,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=16164 /prefetch:1
  2⤵
  PID:5284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --field-trial-handle=11876,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --field-trial-handle=4560,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=10812 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --field-trial-handle=6616,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --field-trial-handle=4600,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7744 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5976,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4604 /prefetch:8
  2⤵
  PID:9100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6108,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3884 /prefetch:8
  2⤵
  PID:6488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4592,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4604 /prefetch:8
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6472,i,4745559511987956308,10899323496790782562,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3936 /prefetch:8
  2⤵
  PID:3764

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3320

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3848

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2c8 0x2ec
1⤵
PID:5152

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SendNotifyMessage
PID:7492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
  2⤵
  PID:7472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2056,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2052 /prefetch:2
  2⤵
  PID:8024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2448 /prefetch:8
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:7084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3152,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:6460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4592,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4616 /prefetch:1
  2⤵
  PID:8408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4908,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4960 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5128,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  PID:7344
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:4992
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff736104698,0x7ff7361046a4,0x7ff7361046b0
    3⤵
    - Drops file in Program Files directory
    PID:4920
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:1508
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff736104698,0x7ff7361046a4,0x7ff7361046b0
    3⤵
    - Drops file in Program Files directory
    PID:1868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5160,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3348,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3408 /prefetch:8
  2⤵
  PID:8444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3308,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4444 /prefetch:8
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4564,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:6152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5252,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4456 /prefetch:8
  2⤵
  PID:7812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3204,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3240 /prefetch:8
  2⤵
  PID:6204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3140,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3216,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:9096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4496,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5424,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5336,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4028,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4584 /prefetch:1
  2⤵
  PID:7644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5488,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:7424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5512,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:7420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5644,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:8316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5916,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:8708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5948,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6072,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6216 /prefetch:1
  2⤵
  PID:7340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5912,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:7496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6584,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6576 /prefetch:1
  2⤵
  PID:8112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6700,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:8108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6884,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6848 /prefetch:1
  2⤵
  PID:8532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7016,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:8044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7172,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7028 /prefetch:1
  2⤵
  PID:8584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7184,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7292 /prefetch:1
  2⤵
  PID:8608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7436,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7516 /prefetch:1
  2⤵
  PID:7292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7620,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7640 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7484,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6552 /prefetch:1
  2⤵
  PID:7172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=7564,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7500 /prefetch:8
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7540,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7904 /prefetch:8
  2⤵
  PID:8996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8096,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=7928 /prefetch:8
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8112,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8100 /prefetch:8
  2⤵
  PID:636
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  PID:6788
- - C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300"
    3⤵
    - Executes dropped EXE
    - Drops file in Program Files directory
    - System Location Discovery: System Language Discovery
    PID:7864
  - - C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdater.exe
      "C:\Program Files (x86)\Wavesor\Temp\GUM44ED.tmp\SWUpdater.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300"
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Adds Run key to start application
      Checks whether UAC is enabled
      System Location Discovery: System Language Discovery
      Suspicious behavior: EnumeratesProcesses
      PID:2788
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:5788
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:5920
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:9044
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:2768
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTMzLjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzMuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9IntDMkJDODc4OS04NDg1LTQwOTktQTI1Qy1BQTk0NDE2NDk5N0R9IiB1c2VyaWQ9InswZjM4NzM5Zi1hY2Q2LTRmNTUtOGFlZC00MTQzNjI1YjQzNjV9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0ie0M2MTI3Mzg4LUZGRjEtNDk0Mi1CMUM3LTZEN0ZBQTI5OEEzRH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RjZGNjBBQ0UtNzFBRC00NjEwLTgwRDQtOTI1MzcyOUZCNEI3fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjEzMy4wIiBsYW5nPSJlbiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMjgzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:6084
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300" /installsource otherinstallcmd /sessionid "{C2BC8789-8485-4099-A25C-AA944164997D}"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        
        PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=4984,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6428 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7488,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8444 /prefetch:1
  2⤵
  PID:7440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6968,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=6672 /prefetch:8
  2⤵
  PID:1096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6940,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8712 /prefetch:8
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8456,i,6772382084209682343,7889056723997875482,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=8772 /prefetch:8
  2⤵
  PID:5520
- C:\Users\Admin\Downloads\Setup.exe
  "C:\Users\Admin\Downloads\Setup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:5888
- - C:\Users\Admin\AppData\Local\Temp\7zS007ED980\WebCompanion-Installer.exe
    .\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN240401 --nonadmin --direct --tych --campaign=20925055911 --version=13.900.0.1080
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    PID:7820
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
      4⤵
      System Location Discovery: System Language Discovery
      PID:8332
    - - C:\Windows\SysWOW64\netsh.exe
        
        netsh http add urlacl url=http://+:9007/ user=Everyone
        5⤵
        Event Triggered Execution: Netsh Helper DLL
        System Location Discovery: System Language Discovery
        
        PID:1912
  - - C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
      "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
      4⤵
      Adds Run key to start application
      System Location Discovery: System Language Discovery
      Modifies system certificate store
      Suspicious behavior: EnumeratesProcesses
      PID:5696
  - - C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
      "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
      4⤵
      Adds Run key to start application
      System Location Discovery: System Language Discovery
      Checks processor information in registry
      Modifies system certificate store
      Suspicious behavior: EnumeratesProcesses
      PID:8408
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/en/install.php?partner=IN240401&campaign=20925055911&
      4⤵
      Enumerates system info in registry
      Modifies data under HKEY_USERS
      Suspicious behavior: EnumeratesProcesses
      PID:8132
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
        5⤵
        
        PID:7356
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1988,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=1980 /prefetch:2
        5⤵
        
        PID:9000
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1820,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2024 /prefetch:3
        5⤵
        
        PID:5736
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2292 /prefetch:8
        5⤵
        
        PID:680
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3148 /prefetch:1
        5⤵
        
        PID:7276
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3212 /prefetch:1
        5⤵
        
        PID:7488
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3668,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4712 /prefetch:8
        5⤵
        
        PID:9104
    - - C:\Program Files\Google\Chrome\Application\chrome.exe
        
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4876,i,11727828922472471520,3082780608319075584,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4892 /prefetch:8
        5⤵
        
        PID:5544

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2700

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1704

C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding
1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
PID:8764
- C:\Users\Admin\Wavesor Software\SWUpdater\Install\{A9FF4A2B-F3D3-43DA-ADFC-E49493951344}\WaveInstaller-v1.5.18.2.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\Install\{A9FF4A2B-F3D3-43DA-ADFC-E49493951344}\WaveInstaller-v1.5.18.2.exe" /installerdata="C:\Users\Admin\AppData\Local\Temp\gui8C94.tmp"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:7892
- - C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\wavebrowser.packed.7z" --wid=j7xr4fml --installerdata="C:\Users\Admin\AppData\Local\Temp\gui8C94.tmp"
    3⤵
    - Executes dropped EXE
    - Modifies registry class
    - Suspicious behavior: EnumeratesProcesses
    PID:5016
  - - C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe
      C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x7ff7974e12d0,0x7ff7974e12dc,0x7ff7974e12e8
      4⤵
      Executes dropped EXE
      PID:5660
  - - C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe" --verbose-logging --installerdata="C:\Users\Admin\AppData\Local\Temp\gui8C94.tmp" --create-shortcuts=0 --install-level=0
      4⤵
      Executes dropped EXE
      PID:264
    - - C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe
        
        C:\Users\Admin\AppData\Local\Temp\nsl8F64.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x7ff7974e12d0,0x7ff7974e12dc,0x7ff7974e12e8
        5⤵
        Executes dropped EXE
        
        PID:7248
  - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --install-type=1 --from-installer
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Checks system information in the registry
      Drops file in Program Files directory
      Enumerates system info in registry
      Modifies data under HKEY_USERS
      PID:7396
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x130,0x134,0x138,0x100,0x13c,0x7ffed10eccf0,0x7ffed10eccfc,0x7ffed10ecd08
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5812
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1984,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=1980 /prefetch:2
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7660
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --start-stack-profiler --field-trial-handle=2184,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2208 /prefetch:3
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5164
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2308,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2404 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7444
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2964,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3060 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7912
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2980,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3096 /prefetch:2
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6364
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4004,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4032 /prefetch:8
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5708
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4512,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4564 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6024
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4688,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4528 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6568
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4828,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4136 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6516
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2320,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4712 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7872
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4684,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4716 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2008
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4676,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4668 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2908
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4832,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4988 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5052
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4528,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5104 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4976
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4580,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5224 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3548
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4576,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5340 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1960
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4516,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5456 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:768
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4532,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5572 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4328
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4640,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5688 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7172
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6416,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6404 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6472
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6412,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6436 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4624
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6788,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6792 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:8660
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6772,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6924 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8812
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6560,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6408 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8300
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6028,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6176 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5908
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7000,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7040 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6968
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6272,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7172 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8736
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7340,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7364 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6500
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7504,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7528 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7132
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7668,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7680 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:1248
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7832,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7848 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7708
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8000,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8012 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8460
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7688,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8036 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6756
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8344,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8356 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4100
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8440,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8428 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8388
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8120,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8480 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:1956
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8508,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8308 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:3308
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8416,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8068 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4940
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7500,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7304 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:1840
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8560,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8224 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8008
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8552,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7868 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5652
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8136,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7452 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6568
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8148,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7732 /prefetch:8
        5⤵
        
        PID:7652
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8140,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7236 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6724
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8184,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6396 /prefetch:8
        5⤵
        
        PID:5992
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7652,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4712 /prefetch:8
        5⤵
        
        PID:9008
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6652,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6576 /prefetch:8
        5⤵
        
        PID:6284
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8456,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8696 /prefetch:8
        5⤵
        
        PID:4312
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8556,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8040 /prefetch:8
        5⤵
        
        PID:7808
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8948,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8960 /prefetch:8
        5⤵
        
        PID:7836
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6620,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9144 /prefetch:8
        5⤵
        
        PID:6352
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9132,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9308 /prefetch:8
        5⤵
        
        PID:3696
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9456,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9468 /prefetch:8
        5⤵
        
        PID:5012
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9444,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9608 /prefetch:8
        5⤵
        
        PID:1844
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3952,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6140 /prefetch:8
        5⤵
        
        PID:9076
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6420,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4816 /prefetch:8
        5⤵
        
        PID:7708
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9288,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9976 /prefetch:8
        5⤵
        
        PID:2416
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10112,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10132 /prefetch:8
        5⤵
        
        PID:8596
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8952,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10296 /prefetch:8
        5⤵
        
        PID:2024
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10124,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10280 /prefetch:8
        5⤵
        
        PID:648
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10288,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10572 /prefetch:8
        5⤵
        
        PID:996
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=10736,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10712 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:4468
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=9292,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10908 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:5980
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10916,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11020 /prefetch:8
        5⤵
        
        PID:8560
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11180,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11192 /prefetch:8
        5⤵
        
        PID:8404
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11184,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11336 /prefetch:8
        5⤵
        
        PID:5912
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11492,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11504 /prefetch:8
        5⤵
        
        PID:336
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11168,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11524 /prefetch:8
        5⤵
        
        PID:5412
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11480,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11656 /prefetch:8
        5⤵
        
        PID:7460
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11932,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11944 /prefetch:8
        5⤵
        
        PID:1292
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11176,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12088 /prefetch:8
        5⤵
        
        PID:6472
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12108,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12236 /prefetch:8
        5⤵
        
        PID:636
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12112,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9476 /prefetch:8
        5⤵
        
        PID:6876
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9836,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9832 /prefetch:8
        5⤵
        
        PID:1120
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9964,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12500 /prefetch:8
        5⤵
        
        PID:5700
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12640,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12652 /prefetch:8
        5⤵
        
        PID:4616
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12792,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12800 /prefetch:8
        5⤵
        
        PID:5792
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12384,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12948 /prefetch:8
        5⤵
        
        PID:9144
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=13084,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13096 /prefetch:8
        5⤵
        
        PID:1548
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=13240,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13252 /prefetch:8
        5⤵
        
        PID:7000
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6408,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13400 /prefetch:8
        5⤵
        
        PID:2432
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=13088,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13544 /prefetch:8
        5⤵
        
        PID:3656
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=13688,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13536 /prefetch:8
        5⤵
        
        PID:4660
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=7732,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7736 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:6772
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7056,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7288 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:7368
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7052,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7224 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:4372
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=7316,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6660 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:3444
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=8176,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7176 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:6428
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=7136,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10416 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:7832
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=7620,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7868 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7044
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=6524,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7672 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:6760
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=8096,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4724 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:3308
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=8704,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9136 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9196
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9096,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9400 /prefetch:8
        5⤵
        
        PID:8912
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=12228,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8964 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:4432
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=12100,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9712 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:6968
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=11912,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11656 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:3288
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9664,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6824 /prefetch:8
        5⤵
        
        PID:6756
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12252,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4740 /prefetch:8
        5⤵
        
        PID:6576
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11836,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4564 /prefetch:8
        5⤵
        
        PID:6568
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=13416,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4520 /prefetch:8
        5⤵
        
        PID:7996
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7124,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5560 /prefetch:8
        5⤵
        
        PID:7144
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11792,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6804 /prefetch:8
        5⤵
        
        PID:3088
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5632,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3184 /prefetch:8
        5⤵
        
        PID:8020
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5820,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9804 /prefetch:8
        5⤵
        
        PID:7864
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3168,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11852 /prefetch:8
        5⤵
        
        PID:1680
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3076,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6892 /prefetch:8
        5⤵
        
        PID:7064
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5608,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5560 /prefetch:8
        5⤵
        
        PID:7416
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5872,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5532 /prefetch:8
        5⤵
        
        PID:6112
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=11920,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12104 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:7456
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5540,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8972 /prefetch:8
        5⤵
        
        PID:4616
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=6608,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9088 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:5976
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=9228,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6056 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8120
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=6912,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10108 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7956
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=12240,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8692 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8696
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=9672,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3056 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:6496
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=9448,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9000 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7936
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=5864,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12220 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:3540
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=9048,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5012 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8912
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=5328,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5640 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:1580
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=9084,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5836 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:6492
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=8420,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3140 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:632
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=5776,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5084 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:2696
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=8988,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5204 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:4948
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=8364,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4668 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9140
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=5004,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6108 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:7572
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12972,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12980 /prefetch:8
        5⤵
        
        PID:5180
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12940,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12944 /prefetch:8
        5⤵
        
        PID:7964
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=13012,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13052 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:1220
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=12540,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12568 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:2212
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=13072,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13384 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:5380
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7560,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12460 /prefetch:8
        5⤵
        
        PID:1796
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --field-trial-handle=12192,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12148 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:7032
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11872,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4524 /prefetch:8
        5⤵
        
        PID:8436
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=472,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9492 /prefetch:8
        5⤵
        
        PID:5644
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12168,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12148 /prefetch:8
        5⤵
        
        PID:3284
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=12208,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=552 /prefetch:8
        5⤵
        
        PID:6944
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4616,i,6480522441330686863,12195057222213007166,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12188 /prefetch:8
        5⤵
        
        PID:5544
- C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTMzLjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzMuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9IntDMkJDODc4OS04NDg1LTQwOTktQTI1Qy1BQTk0NDE2NDk5N0R9IiB1c2VyaWQ9InswZjM4NzM5Zi1hY2Q2LTRmNTUtOGFlZC00MTQzNjI1YjQzNjV9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezk5ODY2OTRFLUFFQTQtNDFBMC04RjA2LTQyMEIzNENBMDU0OX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RUIxNDlBRDItQ0U0RS00RjUxLUI3RkMtQTE0OUZBQTRDQ0FGfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS41LjE4LjIiIGxhbmc9ImVuIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9InZwcm8yPW9uIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cHM6Ly9jZG4uc3d1cGRhdGVyLmNvbS9idWlsZC9XYXZlQnJvd3Nlci9zdGFibGUvd2luLzExMjA5ODc2NDM5MDYvNjQvV2F2ZUluc3RhbGxlci12MS41LjE4LjIuZXhlIiBkb3dubG9hZGVkPSIxMDY4MTEwODAiIHRvdGFsPSIxMDY4MTEwODAiIGRvd25sb2FkX3RpbWVfbXM9IjEwMzY4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNTA3IiBkb3dubG9hZF90aW1lX21zPSIxMTQ5MiIgZG93bmxvYWRlZD0iMTA2ODExMDgwIiB0b3RhbD0iMTA2ODExMDgwIiBpbnN0YWxsX3RpbWVfbXM9IjEyNTk2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks whether UAC is enabled
  - System Location Discovery: System Language Discovery
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:3656

C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --strtl=ti
1⤵
PID:3380
- C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
  "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x120,0x124,0x128,0x104,0x12c,0x7ffed10eccf0,0x7ffed10eccfc,0x7ffed10ecd08
  2⤵
  PID:3464

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4832

C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
1⤵
PID:2220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
  2⤵
  PID:7140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:6580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1896,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2032 /prefetch:3
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2264 /prefetch:8
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4644,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4572,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4928 /prefetch:8
  2⤵
  PID:6236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5036,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  PID:9060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=1236,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4016 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3272,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:7728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3252,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5320,i,11401139125367409466,18156911467007948285,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:6332

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:7592

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
PID:7132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeeb69cc40,0x7ffeeb69cc4c,0x7ffeeb69cc58
  2⤵
  PID:9184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2056,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2052 /prefetch:2
  2⤵
  PID:7780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1896,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2424 /prefetch:3
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2060,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=2528 /prefetch:8
  2⤵
  PID:8864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:7220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:6392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4776,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4928,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5104 /prefetch:8
  2⤵
  PID:6280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4968,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4560,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5360 /prefetch:8
  2⤵
  PID:8436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5508,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5520 /prefetch:8
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4424,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:7160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5424,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5752,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  PID:6800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5724,i,2754736292102054912,9420357036536497789,262144 --variations-seed-version=20240807-050119.407000 --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  PID:6496
- C:\Users\Admin\Downloads\ChromeSetup.exe
  "C:\Users\Admin\Downloads\ChromeSetup.exe"
  2⤵
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:5640
- - C:\Program Files (x86)\Google5640_1002875460\bin\updater.exe
    "C:\Program Files (x86)\Google5640_1002875460\bin\updater.exe" --install=appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={C4B623D7-47CA-4571-EA2B-DD85BD328F67}&lang=en-GB&browser=4&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-statsdef_1&installdataindex=empty --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
    3⤵
    - Checks whether UAC is enabled
    - Drops file in Program Files directory
    - System Location Discovery: System Language Discovery
    - Modifies registry class
    PID:4684
  - - C:\Program Files (x86)\Google5640_1002875460\bin\updater.exe
      "C:\Program Files (x86)\Google5640_1002875460\bin\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6597.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x280,0x284,0x288,0x25c,0x28c,0x118c694,0x118c6a0,0x118c6ac
      4⤵
      Drops file in Program Files directory
      System Location Discovery: System Language Discovery
      PID:8280

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:8876

C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe" --system --windows-service --service=update-internal
1⤵
- Checks whether UAC is enabled
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:2252
- C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe
  "C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6597.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x28c,0x290,0x294,0x268,0xcc,0x116c694,0x116c6a0,0x116c6ac
  2⤵
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:5032

C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe" --system --windows-service --service=update
1⤵
- Checks whether UAC is enabled
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:8896
- C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe
  "C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6597.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x280,0x284,0x288,0x25c,0x28c,0x116c694,0x116c6a0,0x116c6ac
  2⤵
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:5540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1904

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Netsh Helper DLL

T1546.007

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Netsh Helper DLL

T1546.007

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Network Service Discovery

T1046

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

Filesize
354B

MD5
d4927578fc92dc543365aa4e43b202ba

SHA1
5e1aeb950ac6ac3f071fa02f90a4fbc0c8e5304c

SHA256
4ac029c04a6e82f4c588237f57a798b4285c818bdbb4250c20f11a5b95d4ecd1

SHA512
4c6cbf4bfb4279edc6d6bd816ca4d1d4dbc8b7f06d875493ffeea3a8782568f49911db28aae743a41962bbe4fe34afc531e119be58888a2acf0623e99df38e95

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1109469074\manifest.json

Filesize
76B

MD5
b5dabcb6b1744da449b7ee8f85258f7f

SHA1
6602da5eb5d1e64644f5427f210ce1e57544bfbd

SHA256
082775d5ea6bacc6bee71f31a68e966b4a7cf8d39adc681894b0e1f89bfbb47b

SHA512
f89296d1dd2f6acffc102c45e1d51516937f4c143eb642cdf6c79d35b121a1c712063f56fdb6636765882246fadacd67cae71131831346f7b5770952070d76a9

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping7396_1622947316\manifest.json

Filesize
300B

MD5
01f3de10093b3b262105724e85817fa6

SHA1
97dee66ece41b53a27cbd4579f44c204e35d19d6

SHA256
be1b2d4b5880584961c46ec8ed276b6ee43ea595da56720268e05bd3d5c95340

SHA512
9646b13e23c4214bcc45715fbc60eb9afb29f934d5d33b3471ee89a6f399a68d83b5bdff14748f73ce6a7c2c9fdce782a4ce849f855a900514636b529e9b400f

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping7396_462399166\manifest.json

Filesize
72B

MD5
d5aa769547c3e82d22eea169f9bb5503

SHA1
0c6920524b9832a74510dd11e03c92aec6def0bb

SHA256
9a72c32fd87b2b214b8bf46857f4d2e1364201ed3797a612a11c274cb91dcd24

SHA512
a28364e21868df9b108b55269dd4eb05a88abae52023a348b21b49516af8139ac3be820709d6fb321efc379538c627540434ba8b575e20637d608835df2c23b7

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping7396_473876712\manifest.json

Filesize
95B

MD5
bd035c7120e73a0af34bb632ebfb3a0c

SHA1
6df6c4157bb651a94ec13a503a576104d66204b5

SHA256
3596c6dabff147c2e971f2cce34a96124aae0f6e25861f4d7722e4f460323aa1

SHA512
d2100d63b7b4b9150a63737bb2220aaaa64a741572abce9c03afad18a23adb1b59d82039295014bc94479b48f2aa0b62c4745097d66b7b3cbc0eeea40bb8fc7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\643e7465-8a99-44a2-91e7-529ed6201e09.tmp

Filesize
99KB

MD5
36a44eb51b2e9e026841fc87e11999b2

SHA1
0ea61db4aae9bd4d748d0486c2ef190bb81aba99

SHA256
47f29c73c2f8b08be098575136c6c90d9565b4b82b4d26373a51577fd9506ecc

SHA512
d2165d917dfb7a9a4101120e2c8e46bee7e74f94d36779c7456298b2ec5591fb938114f88ffb218855b7bb3cc559c3d993302241ef04a132e733802d7a652cc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
4cac357bf24f523841d64a4775f0aa54

SHA1
78b550849a3899d802ec8798fac15a7401580ba9

SHA256
04e85566882a2bc4e8d6d31ceefcd36b4c0a5b3cc3885321ea274abf780ce5c2

SHA512
f9b9107b26c3ac0ae71c1a24c5e240f984663322eea15ecf6ad4d2e30cb444b78bb3da3d3c9229c37ebba39061fa283f94f02376524abd7d09f02cdb632159d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5d0df43a-7391-4422-a3c8-3218cdccf1a6.tmp

Filesize
17KB

MD5
b7a808d922dbea1e3d98e560f17c6b77

SHA1
38396c1e4028ee4a964bbc6614119325e798cadd

SHA256
47961a8164bca99732e64a87a72a20f6d4c5200cb3aa70306576888b8119e928

SHA512
65133f3fef0073f73b83f79de700180fed670972088182c751f76b639fbf030ebb551f9702cf78b2624e88f135a9c4103a24cf3fc73102999d25fa2fd232a5ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Bookmarks

Filesize
2KB

MD5
ed24f276030281afadefa563d1a3f3c8

SHA1
fe4d61f1b3e7c5baa047ff603bf4fd7c5724f17c

SHA256
6e113c8f644bb7c23bbcfe2e46e9cc3c419bb3b05630e676d78e52c31b1fc508

SHA512
caffb06f0629e58aeb9ea3cf3baf6ebbe9fec23d632b77cd922377ea6728af8394997817094c3bbbd262ac86f9c4242266cbbffe0f5f85d57f503675f650679a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Bookmarks

Filesize
2KB

MD5
01d81822bbe64275ceeadde61224671a

SHA1
8029a032c943e7f24495b11917e318bb60ef6834

SHA256
f7f79079ccfa544807c036a46f2d02c02f755ef2b73e8e1a0b5bd75fb4cdd292

SHA512
b18d36dd98d3a535a11c18fe60731c4de74f0d82a2e1e961a3c7a3f8058218de573efdbbfc99b76876429407ced01ee6296afa523eadd062b193543fd3b76905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Bookmarks~RFe5b8e13.TMP

Filesize
1KB

MD5
a02dd1f6b6f60c4028c1877fac855de1

SHA1
858931be72796a7e827581ea4f538ebf56a37489

SHA256
d919d0c194f5604b029a5edbb10703afb5e930731f8e6be7712d3d04f206a9ef

SHA512
a8726b95acbe2b52e541ee22487e092812ce08a728c7e37460e33a094dcf86e9c6226ce1bd4e8bbb020076498e572ad871650dd8f00d4f700630bdd6adf91dee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
55805bc81cae5a784cd64f33797902d2

SHA1
bd83d7f305d0680cdf4f3ec7c91866d4299830d8

SHA256
31ca7dabba01e0026bbd3496e2d6a8e75667f2c6eefab9ab2b15e25797831d1e

SHA512
b025edff543f0bce80326b642d6661eca59b186f5211d05c2cc424ac6adb5d7e0a905ab7c1cbe51802c824421a1a337e7b1ae9c455736e6d870ea3751bcc7679

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
21fce3eabd0bf9315c118979b1e10c92

SHA1
64337ab9885c83fc64bf05b9edaba7e3b8a02fd4

SHA256
9ccec944c7937fd48eccf273536ff221c8f9d2c00a458fc64e55af4598f45e69

SHA512
16bdf1f6a0ec11abd445839389a9cfcff2bdb9e309b7604a15d830ea22ef6ae6afbfe86cf8cc2800683a3675af4a2643b0ae70a5ec3d2a82066e5fd814d1e48c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
de76bf52c589acb7077ad09ad9eb3769

SHA1
1d3c66c6d01491c9c5122a093dee7071ba8c465c

SHA256
e493a7a941014c0d518149adcb55b222960175949b50cfa2a87fefd9e0379427

SHA512
90933fb6233727753601b70534a76ba0fdb78806a387c63962c891a098d594c610274b7378185efd1edcc8789bc729335d6ccad8f0e87fb92ae8d992fe8e6aea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
4d37f0892fef656cb583f2fc23c32b41

SHA1
e117cfb6912bacd8df7c5261d4379ae63439d16c

SHA256
ed32d3a063395e5e150a919197fcdc86795632e86dda207e59d460eff50f6df1

SHA512
52548ccdfa2e646abd2234058d4f4349794fe38bf664575eb14c171174a9e4b82174761690e5e57e265a75b89d9e5ac51300f92707455b310bdf0c35913e6eab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
41KB

MD5
450b386f93729c3bd579f567f450b5a6

SHA1
e12491ecbe1776cf9723d4fab415ab939db09870

SHA256
39724ed4454d8897e7d131601a6b7f1f72a5c38478c42d55a2e16179300a072f

SHA512
adedaae418d45f9b374f57a9ad1219237c9fa3ea15459056925665b85ac8ac5ceae62d70c39b15266c1743d71599bdb2953a9d2c71b64ec6b1e2ee39348350d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
51KB

MD5
59237d38a7c508cdb29138b4ec5cbd1d

SHA1
946afab2fd9b4aacc820e8eedccd4d44c5b9c468

SHA256
cb631443b0925a02feacbac622cadc2b8034c38a9fd1b5ae99b5de42ea29eda9

SHA512
4f00034f36888b6d9a34c34c82f49ee0146339bb970e77d16b0590a53ba48056db26e4e5a31a0d083031cd5204f34462fefb1ca240eb680438ad64e9c38214e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
45KB

MD5
38c3e4eadeabcf36cc2f849572be2d3e

SHA1
f998af335b22800003d221aa9571a6c564c0da03

SHA256
b16f538bdae71ef384fe88e179652c9d5c1677c9f7321295807c78f7b1116e8d

SHA512
14bcdf7405993dae0fde33074732cc03cbb37a495e43e4b0372610bf699140a5ebd80e8b2d9e56428410725c3471215c3c2e3139094170dedaed61ea02a46c41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
36KB

MD5
a6459d7aa3feaf360e37f9d662822e92

SHA1
1531191afb4b66e2e7a3960fad89257b04b428fb

SHA256
2a8f19d74aa15af786fc049ec414d09a773e43ded58e95f39b10f49d7bab724b

SHA512
ba20d1720755a35a996911b59c5a03d506cfd677a8e23ac9524332ca1d41f16438daed84d97c247ecc1fc7b2d23ebbc405c6259dfa18e0d9a358730932acb86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
48KB

MD5
7f180350bc7fac1370295a5f6ab78e7f

SHA1
556e6057d179d9d7106fc72df7c902dc3ecf0b54

SHA256
c03afc4544303ca92efbc15cb166e230cfcf2062ac7dc69ab54576343b11b14d

SHA512
d89ba69e54eed93c835ea26d1019863801ad6bf013782fa31fc2e817c1adbfafd863bcf28a3bfc0d95bead3b93b20abe770daa42189d0c987a1c4555d5f3c11d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
47KB

MD5
ba5d2bbfbfd3576a787720bd72805341

SHA1
2638c8c82aa05ee0dcbd29b82e39a99ae1b814da

SHA256
4ddbbd7f1c61c69788742e9f161f30687b1f85fdf6da9229abb02245b17f07a9

SHA512
135a8ed16501b6b3b1d85d3b8630c6e229bfef761008ae9d3759a7c1654061131b244b4112987ac50a65c8432f0b84f37d753b0d2d1dec8ac9a1db7e96f64327

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
30KB

MD5
cecc57a1f875657941e6514d1d62f1a0

SHA1
7fc57148e52772ee8d6a0b6578d6de82e0418760

SHA256
a94c1f1edc2a87088c41b5232e3cf785cc1b98028c179390fc1aab7be87c1610

SHA512
f5027050ddb653088c6fa99b5abc8a6d252bd715811746b90034f72f2ec026cf1565352181c18309ca8c57853279a14314b19986e9b14d6255fcfc28fdd62a93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
31KB

MD5
eb62064591e028c4ad0f043ab6132e30

SHA1
25b21a71ece7f07c7b3430e86d41b34f3dc8f7f6

SHA256
2877a15e8ce3a00b3b0d0c74a447015dab8c535d811a8874f9ed31d73ae5c2b0

SHA512
e6b73e8378800d92bd7902d51c631eee187d40cd3e65c4135f9bf93421e3bd20219c6cb586958e2035709e743ccbf72ab67134c2b7e1cddb1b254a73b7bd7f28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
17KB

MD5
28ff1522a726bd843dd148f4b9d692ca

SHA1
af71d4a3c82cacea122416b0a4d575585893f167

SHA256
23de4f256fd294d2504385db78de28962f46ce0286ed4a05b00503144a01c715

SHA512
96c0647bae768f83c027daca97a4ae456feca5dc7cde3ad932ad9b614503da13a4779e7a0238978a1373e16952b193bee37ae234b0c5e45b6b0d114c51d88ac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
35KB

MD5
fecf2e28b6f06c1dff063686213bc324

SHA1
9e017fbc86e8a0ad96eec5797b3a2c1b6a20d9fa

SHA256
81dac1b5db80c3490e9d583b5daa74e634ebe4d1ddd0a31b5949b9d583269863

SHA512
d4ce326bd9f39ec1891629eb3081f4c8966df9ed5c0effb091b96e21c34b54269e7b21f05eb47d6bdf0cf81e24753eecba2b5dd9d0623860cec1980f9d5f449f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
37KB

MD5
89637a754baaca53f7d3357a0ea70b5b

SHA1
32598f5abb6a7806ad1705f4b3a36fbbc33c159c

SHA256
468e8f163e81e0ece86fa961626674d7c13ef28d231eca3095f3f2f79930b10f

SHA512
bbb49b31bb1841824039bd93ff9e21622616dfbb0dd85d818dd86517a8f28c0b69edc8c74ee5dfd1e65de187a20c3200eb245e46bdb9f15e82844abad27a84d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
177KB

MD5
16c847398506cd29c8e476940b0db89c

SHA1
2778db7c07eced48a08146fd7032a7fb1d415260

SHA256
759e6fda590d21dc5ef24b744d06b5d54d74f31610659cc96d035162735b856b

SHA512
65cb7b3b2c4a3bdb09a7c55eea5f8715e09df5609de519b9c813a1fcb5353ebb6ec2124c2641dd27784890378cfd4ce806146512c92d038a41935377fd570f6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
69KB

MD5
314025075985d92cd9a743d482dafad0

SHA1
709a1050e7a81b54b48e4b43e44140ee8295759b

SHA256
f8ee013eb443b8c1d03179b33d6b550441f2e9772849853ba26755c34c3fad25

SHA512
ea69d1bab3267ef52f7fe7cc75528fe357eb8fe50fc87ef56e4627483288e897d00b4824948749e6b39f7ee064884883903ca634eee0d8d461dada8718847244

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
403KB

MD5
1b26c53db5cccfc56dd74078cb5cfca9

SHA1
6933f07a9177d9c4c8d53152843055d37ca78cb3

SHA256
3965115b33d132aed00842356964296735940b97e50ce2c0d3808472c15b895e

SHA512
adbf350c0d1cf40358c0b8bf250d64843d128d628173b6041032d9a1534f510fd81cec9aba8b8966ed28ace7ce641a54b879a56b451b4c4afcab993d44dc12e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
190KB

MD5
7835dec82befc19425f1525d709c7610

SHA1
2d9f205350f31ae1f8f54b2852ceac3dc03b25b8

SHA256
38227166b7df2095d5a32b9b46e47c202051f393d8e996cef0e2b9f82e832341

SHA512
c9e59d1cea3253b1cbbe0092e99ec7057f009fa3fad0db4cda0f4c59ea45c750efa63c659a99305c7f247847a493261ce0cb2ca05065309a41d14948b0ecaf0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
125KB

MD5
f7d74b12bafda8e8a4cbc279cdb27523

SHA1
2bca87da5e5dff1786794fd11ab1cd2dea6d1fc0

SHA256
f416c7794beceb68e43e36ab5ca3fe85acad283104bb0348b869126c33c8dfa8

SHA512
2c41edbb5b1a5a2a0f60d10aa38a7896e7d38b5cea124be00e00580375828166bd6932e14457ece2372960ba65ef4de5100b8803ace56a95b55d912d1bed9a07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
24KB

MD5
8ba020c8dc9c3ea8b00cc400a8216819

SHA1
d3325bf2a7e3af2b7ab354e3e7b4d25b92baf10e

SHA256
89274781ddc774f9e9e1e62a148dbdf0e9c4a53432261573aeca8b8a0d99c123

SHA512
f0954fc2fc2d37f576df3c96cd2dfed4732214be6c274f934dd5c61dfe1b0096d86a56e1ea223d5f5434d398301a4df0121582356327da35d936e69a16182a17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
27KB

MD5
5629677e39396483f8418bf4b04fc58c

SHA1
86d61555a43fffe2f5585cfb22cdefb8f96e026e

SHA256
8ae048af63fa0a566a34eb99fc7e7939cce09c62b689eaf12d1913670107c13e

SHA512
8cf4dc2394abbac633d052ea8b810f4cfe2f4496deda0d58d9ce253634f15da540d2714d583a4119d73c15edb6b6407f3e902ac2d225d751dfe4bb8a958db86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
254KB

MD5
844389e5bfe79fdcda68be692545eca9

SHA1
64f86f883fce2215390fcb689ffb2db5811f5507

SHA256
d44026cddafeae880dd57dd208d48043f5d36d285b8eb3d64d281768471ba269

SHA512
926529ebfe70850309241f2370b4ab154aebb70e1cbd101dcbe5f2b6f300a6726ebdbb08fea78581752e13e88310daa528deb72a2be516029e2a2ccac43db089

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
168KB

MD5
0e74c2e7f4fd593099cdb867dfbbd37d

SHA1
8a9c2fd13400f47ec7cb0c84d6d67ef4caf849fb

SHA256
de32be4d864177e537d0b72084f9a72ed7547a4f87eb95045e88cb39cb757b07

SHA512
967579162a35121392ec7516b7ff4074e738fe449a890ac38428ec1b003fbd81667729a693043c05984f189ba07bcbbd0f185b62af530d50acd3eec77b2700ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
23KB

MD5
19a65fbfe8315f6a5dbbd1a8f48071c0

SHA1
4d9cb64c5c6c6b85bf1397ce172478212c79c49c

SHA256
1fe2c2059495835b248a7955b1053de3781c93bea950b42ee54f012335459cdc

SHA512
91da5752aa4e74a1422205e6be9d4a8cc8c7997e30555ac23eb376f6d46f4874fc5643df72be7e97dc35bf9812a18ec13876a02ac1ebbacbdcdf209d9ff43bff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
282KB

MD5
b4ebde0428b06a67bb82433c43c16b06

SHA1
31f91613554917b130032c78b6e3fc6f8437d5c0

SHA256
d5b119bac75b405ec846ec36775c32f686c4ee6e4d52b97e1c2a273e5434f9f5

SHA512
d81673bf529da26c47943852e6d5238fca08e8d0dd8a5f587fac158a2b7964272ae65502890bac72e769dbfed4b11ca74e2aecc00f91178bbd45c0c6869c3f68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
246KB

MD5
80fba3e7dcd98bfcb3e25e221039e4a0

SHA1
4403a024f8a1fe9371679b6687d9a2aac8500447

SHA256
6bfbd54c3505ceea6bf2edb5b91a5f2fdf310616879cd905f810365053f729b7

SHA512
fc8716f24ed023fa4548b8dd1ca5f4db5e3c9c093253a9363efd984caf7a215531df1c62e5032ce65cf0a6145f66c8f27c8950441d645de2651a17d7b25a18db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
174KB

MD5
930cd30ee415952607f02e842d4c9463

SHA1
b42c777212925fc26016ac2ad1031962df980d6a

SHA256
3b63b744e0c485966554dbba93a9be6e656373f3461fc6cf18a697db89db62e1

SHA512
4062e246ba7a4a52b9cf0315912ee6f9d186f1205d1ffa22db1eda5f3ba15bf3386780f3f13b3ad158067f7540d2adc0e1dd78c16cf3dad6771b1b2f473900da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
101KB

MD5
e0489fefabde7baa90fb8ec0ed635a68

SHA1
a6edc2a2d2d6bed46a79c41e8e232c62760e8868

SHA256
08f52ed80d3209725a78ca422e3bbfd31c64731dd26ec0c73580a9b1b66e025f

SHA512
040b60e310b6cb3994f50bfa0b12f117b83bf449e1da7008967dc7bb1d7eff05bc1f2c5405f9ce6d4fafc7073d0e2fc1f8ecde6f768d402364877273f3042956

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
30KB

MD5
43a4cb11b0c8993d92f4334b41964cc1

SHA1
e582761d1e8c955053f532e04188bfe3fae67b8c

SHA256
54b1ef017b8f95c8a0967b18aab46b24fe7fd1efc8769d002896cccf31ae747d

SHA512
79a3e48ad7dd7553d2db9c483088f5f92511e13905c5552d98dda05c929c9d2e3e10c90868d3786ac3cfe6b6ffd0aa98e84c34481f835fb8310e9448c0652130

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
27KB

MD5
37830fec451e96cd1416dc8bc5ede8fc

SHA1
955554da9380e61387babee7406e1f9a365bf476

SHA256
6a60ed96d986b2bbf427d34a7b174db62ed569d8bbf515020df6e97e0bb61888

SHA512
691f338930104b4d5538153d8f2c9a7971714794e37a97417f0b7e9bcaf11decececc3844598ccb70d6b18590083123477545dc6e8b3bb803c91df3c0e03997c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
41KB

MD5
1c1581a70ba867bd826fa74feab4999d

SHA1
54665a1cc9f3dbc8dccbf8c978db4f3c7e6afd07

SHA256
679c4820e76e98cd9c67f652545227283952589b778196ebd93a9dedfed11d1b

SHA512
c6983669225a59fd245cf165f617da7c2253e4ee1f987025bf61a333a01438d854e55698fde19435f4ec10f3028beac2868082858ee175608740154b5b349c45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
49KB

MD5
b57c8dad2f202f7ca98dd2c754a0a155

SHA1
3764f9682b6bd57b3e8d5ed727cae89c3e7ec850

SHA256
f76b435a67bdcefcc1c60108251cc7d2fcb25dfb014ad829f9d238b841563220

SHA512
e8cd650d5336b0366d82c46180a69e0fdbd0f102fa74369c7bd9e9725ed3f63d1342587272de4e6e1ca8fa8be46b6af4b1397d479562905cfcc308f6b31db1ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
254KB

MD5
7f881805cadb75276f49a22c8ec057bc

SHA1
e1ee6c8f9d4ebbe4bd44381268180bd0919b8195

SHA256
be2434750e34c62ca4874f902f2708c7639393b512c1ceb17f9eb5d0099adb1e

SHA512
3052518422fe8a4b294c058c594fd73adc9bbbafc3d9555f505c84c7d2b08e331f792374f80c3f796190725243b3be57103cbe63358a69d6e502c2b4927b8e28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

Filesize
168KB

MD5
fadf5e0f926fc2ee6dce48f4047f5d25

SHA1
0ffbdbaad8f9569365dbacf298377e738bd3db34

SHA256
e476cbe22e16471cd7542b8f57f281975adb5066ea4e9efa4a1f5d2a54a1dbbb

SHA512
147794e93a993d118a40b3aff4c312dedb036bc3c322630e4acb291bd1d5b620da13721da7799c05b09dbf9a2ae7a2fa8a24ae659a7f8250223f0ba0b9a1f1ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

Filesize
23KB

MD5
d38a8cf80dde33b8d2f1dea0281cbfd1

SHA1
522881991b5a3836abf456663e807252069d3bb7

SHA256
6a557ac7a116a89ddd8fee65a4f85692856ecdef83c719de57f099e85a7c81b8

SHA512
e785c0f67a65df60eb8cddfcb6676db51254c504062aa92ef0f272c27277717fe48e120883a58164904032d53ac5528deb02dd3ffb7f7fac11a1ac392d164a5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
282KB

MD5
24a8f95f3365c2cb6a30cbd8bfc8fb5d

SHA1
88ebecf9596d382d00abfc67ce5bebeccd6c5b3b

SHA256
26abcc889eeb3267a08c2bf67f0005d96b1918e01aaf159c1fa8c973d1dac7be

SHA512
3358d75b752c064b96b3572cf98620c0dad03733c33e50759ce8f442fa3daca35f3291e73f8e9016add7b82a3751112f37a6f70274235ad60f56f45b6627db6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cb

Filesize
20KB

MD5
29c8790cb3d6ef2ec6006362691396a6

SHA1
8b0be810bfc77bee0252c9887b9c93134e9bc833

SHA256
e206e55cdf83ceb6a916807e3094a42f04d6ac28aac83f5f5b57eaf735e9c0df

SHA512
a58cfff5f0be24a8e5eaa9509ab8c16a95a3f8faa2c0007e8566e62c7eb0a8bdeafda5303f7fc7211fa6bf5a2f26f3c45af3b948ec464f37d1323cb5e538b48e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cc

Filesize
45KB

MD5
ca6352c9fff3cd8ebe4ebf50ac9f6fd0

SHA1
64045279a02e4276a9be340ebb719e75e2869ea6

SHA256
d2d86625e997770230029b90779db889d161e3ea7cde96a225b16f3149d7208a

SHA512
f389a782848a746597dd05a7e6fe67568f22a0e177a5b8b886f691738415bc60c3e1dda662bceec563b1d8f59d4fc28e94e45b402f3e02b903b73576c39b6f0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1

Filesize
77KB

MD5
57767877a617d2f534b2ee84642ceb26

SHA1
e0d9b7882d932890b40724a76aa90b8951e70c23

SHA256
e9f68e51f57d4ef875ccda7310bf731baf293f0fe20407803a9089fed6a7ae13

SHA512
195e8146dff4b6af3e3a83a8d875337f0379c73592544f7bd0e5fed54ba279126b0e8e1e55e9f6a8cb72f669538f46d0f003947d170676f5824d862ae3371ae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ec

Filesize
20KB

MD5
6931123c52bee278b00ee54ae99f0ead

SHA1
6907e9544cd8b24f602d0a623cfe32fe9426f81f

SHA256
c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935

SHA512
40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f7

Filesize
22KB

MD5
b39069244283d0630db35bfe0af50515

SHA1
0f448e4c3a3e5c61c0d8bb434250f289379a1daa

SHA256
6e484fabf582df6de3f99d0c363909a6d404cc29bdd8cc76f393a978ea49e0a2

SHA512
2c70d5a82aade4014dcfa03ae0b83cd17b50fd2e995fd27c463980dbc57775da16865d47c8b533dd87baea735e011aab6f3969873e5bd305647ae1586f2bcdce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000121

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000139

Filesize
47KB

MD5
fd1f79856510e1cddd8141f1d82aff4f

SHA1
659aa5c13b63adfb1480856cf8da6acd4fa624f4

SHA256
d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4

SHA512
7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00013b

Filesize
174KB

MD5
1ec8133dceb7cf310ddffa9358a9ea96

SHA1
132bc903cee423fa46d76a995188828bb3d8bd05

SHA256
733421aff54195b173eb5b4748ce0a74fa37d35d1adb0dff1d45ee991953db29

SHA512
f286c01ca9fb3b77de73e89b5b3216da594f7be07cb1b7683b7b2116e2de3c39b00a1831e23362e06a7d83ea4d594b397cf0ee09256ac8431f40af2166895842

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000149

Filesize
38KB

MD5
f62c23cfaddf3f4bb1450e304bd8baef

SHA1
b6f050e8c025ea9341b630c2a00dd532257c0af5

SHA256
c8f85288f5afdbe5c3cec1d15757e87a5e98818c320f8d6401cc43cda55aab25

SHA512
6f2c2d8f98bb5784e0b12ee2932f6ef2f8191a79515b2833e4dcaac4facdd996fa79de1620c3fb57e37d473839703adb199592baaad9480a936957bdec271f83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014b

Filesize
51KB

MD5
f61f0d4d0f968d5bba39a84c76277e1a

SHA1
aa3693ea140eca418b4b2a30f6a68f6f43b4beb2

SHA256
57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc

SHA512
6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014e

Filesize
28KB

MD5
bfb4ad144233248db8f0b493c9f53943

SHA1
75f204ac49008ca945d35db03568db5ffa2ee27d

SHA256
57819395af403b8697d446c0ef64388fd0f4b33af5647bf8a79d0616cd903393

SHA512
0f5f4ffdc046a81da203998f22ce0f156036b3c14646faa1b1c30d6bd0cf5138b70b3d5ac60b2b6eed36d2beadc108b78119f757bea84705ac71a8f1b3d4dd6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016a

Filesize
76KB

MD5
d3846160209c598d147461115cfb7065

SHA1
ec7147774e48861c088c03e9a44f986527788313

SHA256
a0d059f256c2f0acf821bd5cefecb58aa1e1523d609cba6ce61390e477d36aea

SHA512
27acd12387fb69eab86dc5a1a5c10a5ffc699d994fe267188884dc192dbd67879bd8b4be151aa2775b13d1660261fe82b9efcfeeebe9c5c36d25cba30658447e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001a7

Filesize
62KB

MD5
0800f316866f3b20e5443bf0b6c133a2

SHA1
0c26d720ec1078b683068d5586b3a204ec118bba

SHA256
8bf6fdda34cb70a0e5abb753af6440a64d37ed2fee81ab1d9c478f7d77aff84e

SHA512
84d9961ef0b3890094c0809750708d57ab23a9e21f76fbddae37fe04443b44c693dd087e51ed06e5ea2900f1fa7f2bda76f8991d3f8396dacfaf923438e48d75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001ad

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0001f2

Filesize
25KB

MD5
42e84ebcf5470237abd1f9e322b751fe

SHA1
a828a45804554507d9e8521c36109e8bc3d5eca2

SHA256
a9fc7baee3689f0331e46617f60d6e7c3ed631209b7211e7dd09cf20d22a64c1

SHA512
36606d42aee5689819dedf221af3c6c0da06aeb9997b9ce84b42db42ab80a0926352219f1e47f2287dcc850fcc96e4eefd5e487e09e1f1228102eced11271e25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000224

Filesize
18KB

MD5
c83e4437a53d7f849f9d32df3d6b68f3

SHA1
fabea5ad92ed3e2431659b02e7624df30d0c6bbc

SHA256
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

SHA512
c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000225

Filesize
18KB

MD5
115c2d84727b41da5e9b4394887a8c40

SHA1
44f495a7f32620e51acca2e78f7e0615cb305781

SHA256
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

SHA512
00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
884735588ea2924ef2be2c1fb3f7a756

SHA1
d5c22165a9a8d282206f02dff3e7346f7c74b4a7

SHA256
18810b9bcaa35234c47cb2febaa74366cacf2114c7f66b9abb9a6a521ed6598d

SHA512
8c63a15bac6eaa40a854e8c46971b912f56a27c6fac1f7268c5f3b9ddbff67e66e2570efab728b5d17fa8acc00b57452404028a07d31db033945fb6987070b63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
d92e71849314585c79f9bc6f5fafa0b8

SHA1
fdf93395c6c0276e7690571c9497bfb2a12e63c3

SHA256
f4fe0fbd90d8fdd80a5f49721da15d6b32daca325aff17d07a84baab5b10d59e

SHA512
52fa5e5687722d883550c2099c45f93e38312bbfc20e5139fe2ef7e9b11175e31db742611da63ce868c095fee3518d0e44d00ab601f5cc0ee17b28a2ecfca160

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
16KB

MD5
d356bce8bfe82ee72a1127967478ab54

SHA1
16a83cd211154a90f3f26452cb8b192a7fdb894f

SHA256
def2d7fad2d00b16cd0e93ec87302e8695317c0159aa29490b01a706a26de950

SHA512
ceed4c5ad47a7abde8b7fe46884cf02ee72b90c637a76f7ef47b227db8b9bdcb0fba9be1c3866d02fcf20f5a96683215bc69613e29bc1ea2624e8f453400dee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
17KB

MD5
ab270c49985c7029ae8228ae580cee8c

SHA1
db5d393fe555d0e456af82800e8f4d89df523c18

SHA256
e4289bc2c2b4d5abb1b3b4a160fe9164581481b1296e6e7d11b680bc1193bb59

SHA512
15e673a265496a1512c84a1a06486241e580dd9e61ac2917ac32352977ec09e308536ff69e967eac06f429d105ebf7cd8b236627a8f4d94799324d6db3305678

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ee3f913efaeaaef04fedb70091780ddf

SHA1
ce5a5330e93a2ed0bc9582b99e4d615b84908958

SHA256
85431a583241368ec6e376305cc4d4175d7d8926e2aca1c229fc4562d3e77208

SHA512
a76f701d69f06155ad7e9876421eac7daeaa4d5760f059e579f52157676e2452d0765f7b1e23d861b6694d456e905123484b5dc492d726b94ba4a925cdfcf1c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
1fc3ece2251d53f2d5f791f91854a381

SHA1
8abb6f00baa23ebda2989b866784cda2aac845f2

SHA256
21d9314f174f01214fb3d778b74013e1b63769c6adbca1de7a8cb0bdf99d5a00

SHA512
eab7634fa9ab3b9aed06ceee645cfedc20fc3e3b4719ad8949de3b537479b48488955259562d2805c801db9624031765410dba08f4b541e5c42860a112484f73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
13KB

MD5
ba23cf1ae8080679029f3d13f9a85028

SHA1
f09762e17ec7c45bd7767e0755e0aec642a00e69

SHA256
d54d87cec8aff4f623456dbb0292c4c6e6a4f7093991281bd2addf64203df0df

SHA512
2a1d3331889819dec52675b8435570892150ea4292cd757c4a90dbcf06e34cdf32ccf196377ea9e7c1c1b734bd1456cb407c1b2963254f949f960529610536a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
17KB

MD5
6bd89ba53f32ea8bd703f826ab0d3e7d

SHA1
d4589fd88ce82d7a799ac85f931169fe4e87c455

SHA256
84eee28d22e81f98fb59a4b8844ef383d09a2917118364bc02d4a57841d16224

SHA512
46d969b8a2ade4b7c4e9b1f4ee78c3523b6c188d506ad44c788e3101a85ca3865b85fa81ff4798f8e93f8011c3ecfd75ab6eee8ae3a62216b48358bc142bfc98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
6241abcd1a61fb575d0771a0d5015e1c

SHA1
ac7110a0f438c608001ab34f2de5c0607936ef38

SHA256
7f03a35da0685e9b89493ae37052d20dec5f87826ea49e6e3c0950984b0e7f40

SHA512
44357fd67b1f04ac507d4ad0d80c76abfdb47dd6ddaddcf0b10c51d06a7ea0f5e654ff75147d5110c830db6ee28012d97ca92620cc0885590f56a9dfbdafedfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
15KB

MD5
538c2d9c237edcbe06c262a58b2be3fe

SHA1
1c2ed5d0b6458b148850760eb47fce9fd27a16a0

SHA256
00d1b2231cd0beb26b7bf5d8c28b3350071b062cccb8f169933b1adf2968e08b

SHA512
f6af80ae7b2d8c7587408d066b6487230e43b0706053428866f02c7fb9c9b733d90a98d3d395af334301e62248f74ed299a88d22608e3f1b852300ec16e34171

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
17KB

MD5
4029596be5d6705c0adecfdfc58f72a7

SHA1
29f3e9f1293770addb2a381a223c40868ee16fcb

SHA256
e6272e46601b047f1d2d3c0ac604965d927a2bc09f8ae45c650502420db4d92e

SHA512
7bee6c3a98a8712ac11dcef6c10aee94404527a5184643c0e84538daa0de634871571dc6d79db4519f65e2cf9294fdf552b5412169ad1e66a21bb88eb3d56f9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
771a870f3a051fe6e36d50be348cc28a

SHA1
faa00bfc1a4b703e79400273d9e24842a94cc906

SHA256
2bca98f4e3a3d8c2df850b310ceb4e236250d21609642b2ef15ff04865b0d5b4

SHA512
98bdde5dcfcae61aa04d05aa5cd5b8726613abbcdd686134119a9f3ab716d249994bd0bd562693c2f505afffba13fc4adf62a0d6212914d669e4d3a184247aef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
ad83287a329d05e5f014f3cf3d09490d

SHA1
cd341e3456a69e01fa8c57553c17813b1b7598a8

SHA256
03ce64ae95798d0485d9181e09c1e73d5f1013a8e2917f8769534bbae2ba886e

SHA512
7a90bd2114ced0ee83fbf71ae5f6b15793c00b80076aa7ed07229e26c9560465916fe58f169691187e810be242cd8eae12c308f4d5d998b4539c0b4964c6a86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
36KB

MD5
300c205a8028b67456e94fb252940729

SHA1
bcb43ef7a16c6e34f235bf635ca919a0ac1eb7e4

SHA256
5f6a96c59e806489c92fa0e4317b20834cba0d3c073d1d7f59767e09f3abe1dd

SHA512
58a71dbb98bba71ea4ebc4a04692f0c6ca60f882feb88ed7d4fbc1b48534b627703f0f4ea3813685924871da81d71382e39ee18e86ae11e5adb94d55fa879f07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
c9c377bb4a0f5fe1f3e6697deb2d471c

SHA1
270f1d40cff3576d3b4d2a76c95bf089b7c4163a

SHA256
4cd73493133bdd43a93484d83b2cf8567ba9529799e733b5ee6e25bd5aad671a

SHA512
dcd492264dfe16954bb4fd0db3fae59f5379802dfd7fc2fa585f8eb0a0cab18e801f9b42ca666da5293c794d149b97355ffe73e4d83816ce1769aaab9f73bbdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f1321d6fac7b5c1e6bf30cc5a3c432dc

SHA1
b769b4127b068d3fb33295af52edb24c05b639ce

SHA256
30fac4220a7de46886e7200e810746316e07cbd4ae7b537a9f6004aae36b084f

SHA512
fa292fe27e97dfba1fbe8df68284110ee163fd74c4bdc7aade3b658de3630aba857d31562091124ffb94b6b48bb60aa54254b9680f84ea19cc48cd1c2aabc3ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
84d83ab8ee6b3db7679fbee3b1b123da

SHA1
f2702f0618024ba10dc14293ce5833844152934c

SHA256
17e7fb627692856b8d23df1071733b292f20a3dd730ed0b4116200d289e64860

SHA512
c49baf3140c1f546800baf52cd9ab7e4c224e891f6fd31cb3ad33be075240cd1f72f41f00d048f1c973b798430604dc5cdaa8a2b37c02a973e5e121813eaab43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.usmagazine.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.usmagazine.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsRecentClosed\f8ad7183-384a-4518-97e2-80bc95f808de.tmp

Filesize
27KB

MD5
3fe53456525a813eedb427652920629a

SHA1
f00d4c5d2be596eb9f58f2b20da1a47435adca07

SHA256
b8b1ba46924fc779469bd8fe55c2e083b20fb761337ea568120ec9f3bce346c1

SHA512
d8c9cacf85dc2ec124c45e2c57da154c11b1598043e15f399f4375ed829564ed5050ba600a1d2d1bef53ecabb8491a9db6b89c1eed5bee1da4a3b64ac06a29ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
b41852409e74fc963e5ba2a32f71dbbd

SHA1
78a9b25b080a5b921e486bd03062923baf639728

SHA256
dd313996677711462a0a6a559e6f87bcfda84cd8e224c321f10342522c7ba432

SHA512
613acb017133a1d0201cd5bd287806be37347478b7c8d5b890478d0e3679a46cda7fc54568681dcf67ae6f2c8b1850f9a2ce835a91feb5f76f3701a764f04c59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
80KB

MD5
84c14274c3cc361e4462ff337bb1cc8d

SHA1
cb26b02b67981c958f0d60c34f1ebb2893547bdc

SHA256
d7c0e01fe6682adcee53178ee33689d0072ffa3a740f3882b5c2e9b9b155d9aa

SHA512
acc18bccbc9fd5dc912162543a747572684ddc490055f92e82d8f72a139ff43f05ea018567a1029f89d06c06478d89f52c50fa6cf3f1d30dd0b8f7332ac4752f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
90KB

MD5
0f1fc8b9d4369c6004b871c48ab79dbf

SHA1
15a0c968041b71ed3d9471ec4b210bb12b0932cd

SHA256
d513df80ea7daf44953baf88edd71b5d0cb7ff3dfb062276343480ea002b3236

SHA512
ecd7827f2df308e8a7dd1380ed97d4b4e19df1ca73625fc32fb5df9c35433a35324c0e07db8934684e29e9be568e57bc2611d67381fc74e527d7d79e4d89907b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
93KB

MD5
15295bdf98a568f1b21a640490a25d86

SHA1
da41c908186fb6f8b661c46c7367345470c615f2

SHA256
9da6f26f3c97f3199be61eccba160a3eb1e24d57ef7075475d302f6962e61f09

SHA512
dca74058f4e2382f4493b5092f9f5cf38157e231314586db7b13c218bad89e0dfd30ec512b166713b033ea8551c589bcaf18038eea85958859f9c1c0bf70c29e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
105KB

MD5
86185d2272e8f9d9f9c64c2c94ad7037

SHA1
24f0c1e99b7012ae7278e6206b538339ef662a12

SHA256
50c5c2bd302d8e51901478df21b7824482b642f2bb2ae82c9962b8cb23630dfa

SHA512
e443d81663739fa5ac549d16f4d76504a47c5b9b0934b130422253dac8a2286685c577ac70d5de1d2d8ba8ee5f1cd224789f61d0b4d8e4621e34fce7c7cf8cfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
44b4bda8e4b39b14cd3a30641d779962

SHA1
5262d9118b8daf12a613527b341b20317da263b9

SHA256
14822397a96e9a2198062861ea08893707e2892d4ff3ac95824e444e7cd21603

SHA512
545855abdaf0b1a86546499bb7a64af6a0e62748c000b17941597ebe697b57158b36b5551dc95e15264bf23c6da8136a86024ea9ba3eefa2b1e0bbdb58ae3ec0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
105KB

MD5
e1409d467a0f4eec4d056b057570c703

SHA1
7f5ae6bca7e3e0f117defa8d9f54518367181ddc

SHA256
185f2bde10985a355980a9bed235cf0ef32ca5f4089c615cc766659386c18b78

SHA512
27c3f230784b3f69c0e89a2571616d454903cb61fc5fbaaefeae21627e6d77c20f787032bcaf6171a8637db88c74394e22a6b0d24eb0716c5e367d143c271888

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
105KB

MD5
f3facdb8850cdb6e5f67619bc4b97965

SHA1
3f1178d7ef2d6565616d67a43bf3b53f10ab5cff

SHA256
a4e946efd65c0ab7ac6227170a15a68ebd3c4f2e6840dcb414c1a152003023a1

SHA512
0e97d98ab60c0009f3b437f478a1f0ed58fb1bb3b7dbe5ff504b436b809f4c83ce33e6be8cad94ccaec847080d5716cc4c7dc30cf634e314d48b80f56532a55b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
95KB

MD5
a364494b3ca0ba89427f9caee5eba772

SHA1
37478437963a00666bb266bb5b9d82082c5d4732

SHA256
42f1f8c4fbd1fe4ee0e9fcc9baf2b65bbf8d6807c6e0fdd134f4d442d1c80ce3

SHA512
08f965bbef2bfd027cb7600566af0577429f96ac719fa28bc3f7f9bf11d6cf2ad9b8da56aba1a1cb9b1b123c3f235d23e7d0c7ebb45de5c18edd869820756314

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
102KB

MD5
25e6dece833abb6fa8e0d099ae5f5711

SHA1
4d8d948cdfb5e2b11d7e1dea589245739f77d763

SHA256
954e49b47aeeac57184e8842b4c666a1187132ee9f1d84761f7c379fe3013533

SHA512
9a759c1d87f6212fda403d8c1fe0f0b4c04c06db8b6bc9a1c7884a8cefc77bb19c2ed12dfdfd4a2cdc2631e6d02cebba4cdd35ba1bc561918031b56ef38ea6f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
98KB

MD5
bae283cbbf1a602d7561765aa0167559

SHA1
680dc87840baf570b440401013effdd15c2d2ae1

SHA256
3baef167e8bf02f6948cad0d74f12f40894b4b240488fce559fa95690154b5fa

SHA512
cfdb38e43dd11d2de8450fea291fce6841a096e36ac9c35ddc7e4d2a685fbc13f60ed5b038e2cac756b02e831d61582edddbf194c2832ddb82d16f22490e99c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
105KB

MD5
c4773feaa6b8ae1cce922b5da6e18494

SHA1
7bc34765b4f56949e85744c639606dd9adc7c24f

SHA256
4bb953ecf28071b09ac5336c835e5ba6554d50492c97e6c6b90899438ea31da0

SHA512
e46f815c25308d61c22f0213e19d1e407b3fce6ed5e47f35732b81a069b4650b1c745a2cb1fc7e1e491265dcb218775a12d862a9fafe80ef874811d2e5e26581

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
101KB

MD5
95fbfd2f060f346d857d919aecc8ebe0

SHA1
95b4d581c241e95e753350e299c28d799576b509

SHA256
75d3247c4f53f193b3ed9099b30f6183b3395e7eb5b6f048e60198040fea1f60

SHA512
94bb4ee782fe5d347db10195a180b2f6b407feb092fc7f5e00f92210b0fc06dbfd72a52049e94c8647f3031b35c9c812cfdcbe666571c0aa1c711a76137d07a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
98f9b9a432e73e87cf058390788dd293

SHA1
ff0baf3cb829fe6b13e4b7a809fc72f894fbe5b7

SHA256
79e2cf68009ac7ac87e7603b25a59c059844f1b51ae61e9e30500e4a3caa3830

SHA512
71832d97387a36f6f2d199806cb3adb73abbc82afde1ab8d9bb60439602ddfb0c1c9a3dea0a951c156591a5f4a89816a92ff5200a7658559b87f70d8ba0e1fea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
8d6ad841f1aa3529cfe4db57c9c6e7fd

SHA1
92e859995a4c68d0fee03806f2dcc1fd673ed799

SHA256
52a7e841034e57f120a557408c42d591eb7affa6bbab2f9537ab749a27325e8c

SHA512
d248db36c9e530f7a6fa828580c3424491ac6a0927de6097e2dd12a8c339e18a2d56fec50e7214872653451f6b450e32948d86139a84546773f555461ab6f334

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
17a948b7619d5a56861d488b346f1c29

SHA1
d63b289b8be682fad46da8f17109dc704359cb17

SHA256
fb734826c05e3c878ead2f952ef58e9dd39c5e6ce82cb3f3f2ede7a585676787

SHA512
6d2e3faf3e3d2934a214c5151f5843fda115eab96a6dd4b2379a47434e45a45e74aced71edc3f7fc4edcdf0f1bb30dc6a2437dbe3d3a95ae73fe5a1552e2fd5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
88be7a0b8fcc55256496421f9156bdbc

SHA1
c7eba35fc1a44cc7c42aad0e5742c3e6b525b761

SHA256
8ba79dde02fb00af69cb52c652e7a2d0876c5f91555b3289e647a67006077d38

SHA512
a7554f761983ebc12ca778860cbb506d716a3047f5629e40bdbc7a0db1a63eb9467a47a5933da90087bc0b75e70238242ac65e01d37a628f19b57c8250e895e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
b6bb3236968b0ee718182cca56db58ea

SHA1
3215c53e2245f24c16a90a99f36e3496ca30bbba

SHA256
0326732baed04690d2bbc7e0e626d843d8495b147be7ed1470e6f1d7376e567e

SHA512
b4a6ce5e6662f640d9e5ca02e9787fca5e6884c0723d56a1cb97c774316c4367751ae3a013b0ddb57aab675cc77b06fdd8b5f679b762813f26f6fa35989e1bc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
52450570a80f7fa6dab66a33a7450a8c

SHA1
11224a39bbca617bd9acb9bf5d0c735c1d7d1e16

SHA256
65344873efb89988fc09c7a006eb7738fddc62d5298507d88c61e4a83141f78b

SHA512
c731aae31719e919319eeb83d528b2976f5206715128e97b72a98458c9c1f7f511e8a04a93c200ac0846eedba7a0bf0c8e4a97b1fd487a34dcb17d62870d0dc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
b4a828ff24f1ef5aedcd24b2c85610f0

SHA1
60d208946fe9707bb6647c92ee058e84d01743a0

SHA256
f7d07db22cfef08aadd8bc3dea144bd248d0005fce38bbea5b2c168570930da2

SHA512
5b71a98e6aef369d3cce957032883d7f2eea5c3f4d34f78af941fbc1e8e19bb576a1d170b3a244e9d90457e20789ea95d4a047bf2eb5af8a373e19d5e6f536a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
31cb06cc7e0046eb25e6e4cbc186b3aa

SHA1
9382961be368c0670c2be6bd970efd35d937ca9e

SHA256
da855ad1d610d3e4edfb0127c857a489650dc9af8885b6fd07346df97967f75b

SHA512
d3d9a059b633b72af71693c47678be721c9d03b513fcc2d37f9ea399d0e77a636716d017144f126ef6b8a2e0141c0f3b25cff6629c3996b9ca75510e76681888

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
c3c97c1a24137cf4eecb8ea1803bd571

SHA1
96d8454f22be0cbd02ec5a4c486d034bcdcf986a

SHA256
8874b22da6d9791e059b0b2fbcf752891891be34f2ad82b1d3ddc8931e198e8f

SHA512
36559d9841f2e1a6ae743a4ec0a9162b5fd3a6c123bca711cc0a5f856dfbf8dfaf685712ba29a183a74716ad45fe19e1911a6cc74b73869071cfb6acee8ab5d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
6822e4c15e027febb16c2261d191c400

SHA1
a3376ec766c5ba414fe87f237f330c5467782bf6

SHA256
9d1ce2c60bb1f8a1d44ed0fcb787282a4495fabdd4850454da947affba9a59cf

SHA512
78f7efe130d20f099b66de7fa66f1f9ab8fd65d7f60041de3e304a1204fcd020da986f38071be90ce4d6ad1a394cd21416030631b9a57d6fbde59caae2773046

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
e0413ab5e073886cec4e0668f9e6c002

SHA1
c27deba7243a210081af1a1404ed2246763ee433

SHA256
236822cecc8d0906d9258a9b06d512c969592e6ff2bcb967b29e27a7a4c755e9

SHA512
0d5ff94d3618e28da392a23482b8dffc3bb605cfdbd76ae3bd875f08fc7800b988bcd2232996705b9f2247a51fc6fabe864312ecfc303f853c36b04a7f273ce4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
622e82f27c564f99852e0c21b40e3f6d

SHA1
550ec11c3aac9f375edf96069dfd10d4624b1208

SHA256
41e2d2ad4464e75e34590f6bbf44bc48f79d13d9995811fb2effa7c1afcd26b0

SHA512
6570f78e6b9e2d84df05c1139e739717773d1ff3d7f285b715474912816407a9b48110564c956ba6c9f1b2196266ec574796eb6e23fa065c861e19b6cf7055df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
00c950313a1de102da4169c72626c94a

SHA1
f3054993100ad11ece898743338e385c68aa4c00

SHA256
d50e09324c142303e68d0210b3aa18ab7183555d74671c940f29a3f6f53eb565

SHA512
e9b85bcb84ac00d8f5c89d4020a71947ef9a3cf74696f29c496096679b1d2d23c564b80f7e1f5b4726b18d7eea63c08465c65ffc941939d88d82ba79d9366514

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
12KB

MD5
5135954079812230ef6ebad6386c65c1

SHA1
81bee765a55fdd63e79455960ada29980c598630

SHA256
3d59e0ef570b828853ed2fc886f59e6663034aa12ee80bda77b043c0dcb3218e

SHA512
346acb864c32d6972f46d0f58484145f4f13374939050407b44d2b02788d82e9a7bd843c930b2087dbd18c1abd8c6435d0304a81223e082a9af04353e820faa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
3f8a76aa2d3cac6243119d6c31c62537

SHA1
6d9470cac9b32788a3752609e77cb716c7800fcb

SHA256
0ff9b76be0d4b5b6a8d3c0482a58d50362da1b2c4774a914bc89b7bee1bc323a

SHA512
805ebf41519eaaaed0d90f4fc020eb9f1baa8b833b8b193da6e76ca724d28e0cde71c633a8019111a75dac5463ecd574f5461833ae1f02cc4309650552f5b22f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
38a397ca9fa1a749278eed0279218d60

SHA1
d334e0fa76c0babf025096c412a3fc298bc3b21f

SHA256
c2b753ac7a163a61ad2a5f18f710b700df46761a6c710664d74ff272938721a4

SHA512
deb72783cad720fc1874ad716d81c03f50b8dd925a9081ff018c6a6923ae06cf40e0c7f108a6aac9dc91cf798a2c86e241b081ea586fbb3acb1b150976532a8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
13KB

MD5
48ed98340dc5650add3444fa19aba198

SHA1
16c29b880d158b5f928ba7d4d072d48183300a25

SHA256
c3e0f3f80574de1d707932782f8ea67dc4530cdfa8f5d91b59e11f3de0aeea12

SHA512
052b472e7db20cb0446b475e9ccdf540cee827ecb14f59d23c68ce6ff1fb3aa5c48ffc5097ca899ae98f3bab025e065aac05d77e6321fc565c18e4819eb0f8ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
5034e3310c292636666d2769e760ce0e

SHA1
efbefb9a6896afcc06752b942f84e1cfd1523b40

SHA256
f190c31a9caad00eefd3122ff20a04da75e9dbbaa43156fb06fc3e74b52de9d0

SHA512
94b00cc7f53586989f1d0c9505a5196fd229c747bd95d7db92284428a853376b2f0ba7c5bd047c9fcdbc6df1d4372c3b54c15f96751e118f01ad2d82037306b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
90c89f63911de87f55b29dce95cc0c14

SHA1
7f0c3605ee5f42c4b94237fa1c3446c966b7a540

SHA256
78438c9cac5b22fb6382071de683fee2b4ba26f4b22527680f7756db7ca5b643

SHA512
8a2fcd178cb4b6e8b349c4aa58fcd99af40687016c16219816108eb5e5040282e31f603e0d18af9b3f208b1b9ea0c5cb2a9543458af99b63d54045cc23fc94c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
8e55a6fa434671d4932b1920185aa76f

SHA1
883252440537062f3952d5de24d4ba92f963df79

SHA256
c164c21607cf99ece5d2edc98623babead95a4116831226b625abc31d1d55a2f

SHA512
d50779c553ce5ffbef75ee0073ce3aeb61bc0ef409d112ea222566056fb14ea2ceaa41a2b0c7ad3ad6a101bd28f6ca6614cccb7ec22843cdac9793849ff6b5a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
13KB

MD5
d2c063597e25259b17328442c38e13d7

SHA1
7a4ae1e96417ca6c922a25acea4d42041f776596

SHA256
4430aa6e00c1657c32bf689bd621a21af0b70ed526c209ce8c730fc8551c3ada

SHA512
2b129602abb9f6fa1ad83bb619a43366d51fdfbb43ad6cc5c80d69725761c4d1519460e7bebf8d1ad02e6f34ebd55d83e595d076019ac0d6c32643758e2f133b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
5994c8ea93573e7699d706e6c9293d0b

SHA1
d30153c24c7ecef679f49946115c0766361aeb8a

SHA256
bb5b9ff287d82f8db4cc831b9cbde26cd49b2aa30ec22a36b7cdffe701180089

SHA512
f1f381fc811372db568d8bf9c232a05e094f9b32196cdde0ec8c11ca1275f5bf432671e0c64b1797350769ff7539902d8bb09a5ae341c89c326e7f21d11091ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
6648fe79fffcb4c2113aab9c04d01e6d

SHA1
89c490d17ed80083f5c42b5cc5e024b318639944

SHA256
92741f9e659eb99cfac39b3d2a8b01b204058501550371aa9bb3b71a4aa1fd5f

SHA512
742a06fd27f265369632b312067019b10d13005ac59e2c787e8b3c06cebcfee46437fdd6aac838da76b0b9548e7dd3260dc66afdd400b847b96d8aa19aefff05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
9f90a37e5754939b33a42eeed2c4a5d9

SHA1
7273e560a50e916be7650274525a5240a7ff1956

SHA256
26ad4a4ceeb5f3ecbcc3c58b6c4cb7e874831946abf32d96e05454fb3c0b6190

SHA512
88998a0da543de631cbdd58e4e9a4e8bb3ae0ba3c4a72de9239d73ac1264bfc8f1972bd4e1177b033824b2ee068249619a8fff20bdaf19b0d7a0b1346fb4bdbc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
13KB

MD5
09f125c007ac060058298eb390a15462

SHA1
d53242f89948e722a12c6611fdbdc5e88101192a

SHA256
e479f85cf5ed8b8018ee8e9e432cc62d87a55612d795c29d421cf4e83463a113

SHA512
ca60a46c5595c0f006c3b70da8314cbf33abfa77939a0f852af022eb34f06803a2a632a9e68d688ced17c234a2a979c916181e6461ae460bae12b86fdad0ec0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
ccefbd33f72464329580bfc07ce896c4

SHA1
c7e49083927a21dc670d81c08dc9a33844bae898

SHA256
d6ec0497e94aad1c0df59f680fd55762aeb1b42d6e76a1ce12f7f7541ef8a102

SHA512
7d3d8e3ef17463d69b57709cbe3f77386d21597bf3d461056480e845ea5d3d6065668f3fe1956b077392191a67f5b5e78b67a3f2cd710c644815491ce02243e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
12KB

MD5
3299658e4ac5355529306346fcb7a92a

SHA1
31a2f64b5b9528d112e8d8fba9628fe017747fc7

SHA256
3248499a3ae22aa686348ce42033048c64b45ea094c436f06a8d29dca206d673

SHA512
1f7999e298100b18753a0c129ba46302aea599ccfb9984c77b6fc2f9cd94808f415ad4855f747df152a1ae908b974b42598f0264104b1aaa5d423c8d60996dd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
51596e868ce1819f471bddcfeee5f7c5

SHA1
50cddf7b46da5e0c89edd630f27429d890579fdb

SHA256
032ce1f6d27dfed05891c5888d30f0a418b1d4c9c3acfa54662e00dd93bb8bd8

SHA512
687da5a2df0a371b1ed0b06df15d9defc3b6e8ae84077a6b19f8770c5bd78609b41c49f8c379095e94df5703e9c6d987f0d3416d76a867cc1de704c1de709904

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
680772982bbe620bfdc4e0a3d2f1f8c4

SHA1
06604f1754f3503fe228e00fdba26bda7f5fcc01

SHA256
b5eec69d13948bc7995caf4d71998f281a297480956438ec99b6d8a145be0128

SHA512
fdc102df8b8fb00232d98657ec0f59f2368adc3ef42e12e87f95c997e49bcbea6cbbc14b423c78179d6fef735fb746bdc8efc5aee170f04d12f08ff1c144dfe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5851f1c9bd619df94312cee816d627d1

SHA1
4a5603e7de35f56ad9a35f1fa97025e674fde1c9

SHA256
00976696457681c1c706c3636535c094b1442c49220cca185cc05030ac4ec9eb

SHA512
404c98272ec6865611b6ee1767911b91ab1561e50456845d3827e3b8051000e0cbc1e23b3babc655c6516db1179850b405e58f2e60a5fc530b6be064ffab9be9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
82882fea3236674af9d8003ce55b0b50

SHA1
68ee78d6dc471b055d79af6f2ba1ffb0bcb89b86

SHA256
bd5a418479c7817cd85b6b6a3c0042901b7e5524d78dfea5030294219d74e443

SHA512
cfdc0724a91f8a1d5ca433cf2542b6fa2f9d926e4c3998c0e2142b24009e943c73bff012d9ac2edc5890e3f85e378b6dd2acf363540a15c6e3837c7702799d68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
879e07df78f6c0d77e814a9a07840920

SHA1
319249224ab21cb46bb0dd4dec601d607db8abfb

SHA256
80c53183ac61d4d2a11a6020894bba3317597449dac24e54c803e0841d27b13e

SHA512
475634b904d369bad211648b92be0ca82e84a0ff71b8f5f6c5a933e41c1fa5f6e48951b8b3b98a74d02438eb9159eee13b3a3f8ea810c05c78e738d0f104f49f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d97d611024c6d1347e061ee9bc4a1eb8

SHA1
4fa17d3174d463820b842f6136e2a6f816fea1a2

SHA256
53adc11ed3ab778386f8c7a093a21bb4165ae47df98e400951ceb8d95ea02571

SHA512
15bffc96cb14920b677a1629842a3f61064619c48a0aa1e45f26558d464bd96d89576fb4d04491025638e7984dde6e7a2528c51d57f46b4b9c8126cf14b790df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
e5398a8283a0fc26b0905f20d6cdfdc0

SHA1
7ce6311ca9ed7e38f401674cb7773beb812e4622

SHA256
be1c139e642e83834b3a0cdcc916ad365a2cba0ef5aff2d77c94235a7b1fc41f

SHA512
b7fd32b9a6fea47b060878a095f644ac1da4039bb48692a953143ae06ca538e9b181de3ab5913f7c4a9434ddeb4004aa2e7dc165306d7dce99455460d49cb050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
789e3169ead93093e43044648d276a9c

SHA1
de3f4cc1928074e3b41a66417595a0604bb84b7e

SHA256
99c7ad079faf9d8be0527c01db6183a30a377bf6421bf49aa683e64a01fc19c1

SHA512
0542618a83ec447498676b9920a7892276dc19ec40314405252dae05479fb2158e584be38ac912964872edba18c6089803859b03fbdbf7cf429103cdd9fa92ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
c2b6fbca34af536d275ec72114e5b840

SHA1
c66c66a19e2426f1f2300c312ee51c210829ea98

SHA256
783ef4772fe9947b64eadc4ebe9b9c11475fc5ba7e0a5128d8596bb7b83b57b6

SHA512
8868b9b6ec39f6be70a2ea1bba8e157bc1c91a6e095dd7765ca521c9f0bef77ae75e7d16c9574456342bd05d12e57dd5f39d9a3bffd3aad60657c5266ec10230

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
16KB

MD5
de88cced3bfc807c3527e23ca1a85404

SHA1
67c6d0dd45160e0bf898b678967cd3902194814f

SHA256
d773ebf69c1ced61b964cfabca7348863344f5bfee46cc9147d049b305424918

SHA512
34fb3612cae93452d99fc21f9c40e2af32d46dcbee88a533076152b58f1c87fe21d3e88a8300624656a1e599a59778a0ee4e1dc04a972de4268e0f30b7e20e1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
17KB

MD5
6494c11b087d1ca3b4decbb49761c8d9

SHA1
77b48565a1e04641b8ecc9c266bf3d1360beac7d

SHA256
da841ea941ce8f7a4b5de3ee6fcce0d8dddf7536a21b76f099b3b30305d6dbac

SHA512
2f3fb9437eafbbdf2a25e8e580b6232f2f5eb57c357350b6384c9fb70b9f62ad702c9a2746add4e49083951d89ae4db632bf67f3b8c72a2dcd52681f0075bde0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
18KB

MD5
a5b16e485be06315d55167ebb587ffef

SHA1
18c49f4835501b4f51ed0dfcaa4ebbe42e193a46

SHA256
9f37bfaadc5a99df5e7c6abbc1921dd65c786bbbc616cfb00ca0a8ed69c3b7a7

SHA512
e7a3ae9c045300cfdec1795b2ccbc70db432c94025c4620072cffe229e035d85848e7ed05d3dd2ed2aea446401819421e9388cf4c8c79fdff4d0a044f4000758

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
20KB

MD5
d3c7d0cd8727b663bdd7cf4b8d5970f1

SHA1
ef514d430b79fdc11a3067afc8ff49bb6fdebc30

SHA256
38e408f8814dd77a4ba8bafb8d46debe21457808c2d862ba5687faabb0ad9588

SHA512
e3f31e62841c63708a68ae1f65d7d8239631a9323579e42240daa27bc17f38abd7bdb25fc455b1cfea6d2922bd3b414e3aae2c8522a6ecaf9a933da866117ee1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
4f347713aec6c003a68ceca7e98899ee

SHA1
95368bc1be03fc8e272971e48deaa1a4cab738ec

SHA256
09e0f4288fa8871659d4675d70ec4d5f1ee43c37e23fcf119da1a7c10b378900

SHA512
a2ab9edb1cd25da2bcb98b796356b5adcc1f9bd2b3a9db8eaf1a7a55852df38f52ed2327b4eb9d44aa3d1bb98e75a4441e7c3668f6483bd1a0d123046ad6dcab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e4e6a4017f69a3a36de1294edcea7f22

SHA1
d6ba6e790d2e214c182b7ad70d5a2c91b499aea9

SHA256
6f27e9a9c563a6cc9318ffc08ff65ac5bb594cdad9534deccb233536571abc01

SHA512
02543c033b6727401a910580c0e67d570faa7b2be73fb8077a0902c4067d9b81b0fce16d10b6cc202d556a904cc24d07de230649e52cfaa1dedc0c6aaa868675

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1ddc0ba85c28620e46bcd4f6b3e4da27

SHA1
16485046a62b3a2ce7234a31dfb08d17506482a8

SHA256
10cadcef11872b15ff3ddaee5b22d2b755606eea736a0544d814f491d7dd7ba0

SHA512
16cc613aaade5c287d2c38c1942666116d7ae74220cfe7af73672918c6fb465b4774862e4c17c580281793cc8e4f911019a156bfa268e4672891d4c620fc254b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
2962021acfd346dbddc884325690df6b

SHA1
53f0b84ab4c14e8c532e9df09ed5513a567d5efc

SHA256
0d689e88de887fcfc1e08c20ec743ebbe82352fc37f06e9e0696b549d7efd68e

SHA512
db90bfc788382b978e3345549ddaaf333e6df450d5c5b85298ca77750ff10f14e8443f1ac8e248ebe1156e31f2e9eae97754d0d334d1bd1b56d661f5dcc7b804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
34b930ac8048ecf651264759ec84f900

SHA1
24964d6e270cfaf6a074bcba9888287e3322b6d2

SHA256
c907fa5ca0514363a74e7f5355134bdd7a7f66cdcf05ad2e692a6eb100c5ce9a

SHA512
e125c3f448654df991bd9b119cdad509cd9ca00f85cb120127921f81ec74915b3cf9fa5b5e720e6a4505d999748ebe9150eda12161a298e4cda2491d7f43952f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
49ced241b5a9636c93457af87a8b64b4

SHA1
d5a1a155b5bf8a2e9fc3b11f9bf09d2fc336640a

SHA256
098986adcd015cbe262ea099e52006cdc322e1beb639d1c6a5d9830f196058ed

SHA512
96dc76bd9babcd4a46f88a4cbeab1e16ccb12087d94a0776a74562eb0a41ab74936239b61a2f40e6de34efa338c174502654bb9233088b3a8db6477d3e1d3eef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
18KB

MD5
529861b4581b11b86427d05afdba9598

SHA1
67b761cd0e6a6393261206994c9e7f2b170cc116

SHA256
a9a0e6ccd0992f3d0c045491c509e3f9dec016981d3b6102bf87426c2d5f9a61

SHA512
209a4cf8f4d6cae7cbe08404252eef8b3e93d591935f8def5deb65f80a3b623b530b8191481dcdb0ec2045731559a8e08fb6c5b3425836df412e20c972e4cb58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
20KB

MD5
935d57c5bfda8efece0306db78e2fbe0

SHA1
99f3af717f8a8004e5d7d5217b3936c8643021cf

SHA256
0347cfa952f360a82aa8c8c5c6a609724c5e21054449e0e819625a8823113aff

SHA512
02a3bc000965279b7c1e351585e1eff7557552467f0e46ca7eba80a7907bb2723b679d1b413292ea4ba871f1193c1cf21ea7468bd49dc14fae30889f8f1ba494

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
fd266dca02fde9098c6af5e8f5d96979

SHA1
94fbcaa9f42d285164464d3bddaaa807e07c33d4

SHA256
91080412518714157ba192979b47b265c2ef7b579949d44fb09274b58386068a

SHA512
bfe874d8530458b031509a1ec19bad312b53ac33e76f36b522abbd7f532fb4b90effe2424e54be1dd2dca8812af1a342ef5b12bd1e9e1df1403085465e877cd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
b3ab61cda268f8e71e58e1ddeb1200ba

SHA1
2a4ba1b388dab5d75afac878ee78eef5dcd9ab90

SHA256
12c254b8cdc99b2cff2477b753014099b8a9d3cbe34ab65e7a06a04fab0a7db7

SHA512
c9f3c2c99c854456d7057722927d2fa064066a19011f32886417f02610f1fdadc03787759164f073e47e8bb720f6a724cc06097014271d93a85ae6c1eb5063c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
05cb9cb93a9aa8fa108041bd1f9b6454

SHA1
04720e9eb88989aab5db1c5cbf4511f35d6196b1

SHA256
fa136bbab75abc527b31eb9251ed96d8b00b797352973bbc480e3b11a54816f2

SHA512
aedce6e2013d58254bd58306e8a8582e0bc2a27a029cb4b8750e93a6e5ca4c849d3115a6d69f0c04b6a2ed3e966e3eff2c5d556c6bbf271ba1fcb4ba1261919c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ebb5d4caf1da4584df8ccaaa3f87a66e

SHA1
c023b0a81c3f88edffc04aecf3294296113755c6

SHA256
3760eab2437d6d167cae676c4eb2704931e4f006ec117700bb1382beda7bbf77

SHA512
7d1bbe255f7780a06ae2ada890f8511680358c90e51c28d292a07f46e44230101f659c726b02255375a9693cf42135ea97f45231e687c399c6b04c388a8b2f7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
89b4b1d3a7291cba5424f1ab00de63d6

SHA1
6c2f40d7a502dc750c4fe8878a9b0f88493d3850

SHA256
145575158dbd1bc5bd55fea4c6cddf16f61034df1e5c5b6813c105ff3c2c6730

SHA512
3311e556f00890ef0937b675eebe905306984033df0ef74c3cb4334cd8e1d8f232e891343fdb428578d23b2bcdd99011e76840de4a8469f4c5aaaa7322d8db89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
e60d8ef503ba4a6fb603381a0735ff1c

SHA1
8f756be52db979cddfb7e0991491f6d443c5b49a

SHA256
7a71cea7325bc83d931d5f75516877fba44569dd0a8c36440e4954b7fa8f6381

SHA512
9962c8263e1507205edcc46a110c8a33f9ae3eb8804013ce8ed548067e65b52d6d0b79390d579aef2ca00122060d7dc314feb078b27c64f95019752e27b5f920

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
18KB

MD5
b502dbe7e80b5ab46d9ca45d95bbabff

SHA1
6409c3f3c7965c6ca57accb0b7f3f811f577bf6b

SHA256
463892fe1527ae19cda386b1bf5947edd80195486de68db402d1666d394acf12

SHA512
8987231b1fdabcbba2e16ff600283ebf878fbddd4ae5232b508b4b1f109670ff04146cae80a64ff4391a979efb8f7f32af1c0eec329f1b0876122181e8ad3af3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
19KB

MD5
4ea6b93efcc108a725b33f0b5c699617

SHA1
abd2d40bc026fdcea4e467389e6787f8a1e3f602

SHA256
69100611b89e622593dfd634e0f1530fca329ef1af5668fb7daacecc6850cb1d

SHA512
ad638135ff15ba30be969f9bd00e3721d6546ae4fefe93b61ecae56aaa33f75e7fa8b888d12359582ca60ee83eb7e58faf2d77e0a404b162d508218007305e53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
20KB

MD5
25b3884154aaa32034cdfbb33105f1b9

SHA1
96bc89c38d03aa951ebf958e839c369ac8cb2d51

SHA256
3c40b6e6b0ce213bae7630dce8ed0f7f32f54afe13f38fbeda86f53745f4c49f

SHA512
0bd0a12a3add57ef317afa07703563ea8a98123deb9a40c4cf60ef9c08e53214cb5ccbf2a1687fa1e79dc08a09200f59f37e4ddd92097f13bddbcfcf52d96361

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
08fef7fd22c542e7a845680e969c2e12

SHA1
3e25d502bd3ebaeb61869050c88b04e462fa4dc7

SHA256
8dd2d0ecfdf3bb1b8a751950ea4ccc1426a034a9a9fec6de4ae0a0ff886dd5ff

SHA512
26a310b0ea1f16a6506458eaea25c80caf4355ee13a5116124649b2824c725d750c505ef4cf0d0599f7578b62766951b5c3ed1811c2e139cdef1d75cdba0ab57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
fa1b99c769a8ca8450685d4b9900955d

SHA1
b25500bed9df51161cadc910c302c1ff4bb11fc8

SHA256
06834dcedc5ac2819fa0f8f1904fae3a363049572e7379f3e03b27b66fbe7fb5

SHA512
5f70b056bdeee96f2e7b89824ad2e140607168d7cbe114294f273bb9313ee1132f2a080edc541f53ba37580f3f894c3e119358e85b9f905fe0141648ebd61b84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
da26723281ece6b787b7c21246aa2eeb

SHA1
535ba7707556451d9756a9145f81eb392d622ae2

SHA256
5f55683281d4ec58789d7b9ad314f6917b7e62d0a99261b674ce010825787f8c

SHA512
775a6304e1b9111cd240f4509d8ba63f1b42d0ca5a7ce6b041a1a894586436e2b16f05278c6717d22df833931df587a550d157ccbfabdfae4d7d1201f19b26a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3e44bfbccb61dc9c40b965ef00b91e61

SHA1
8e0ec4887321857082ba8bc5cfe915ee394ac786

SHA256
5b6fb4ac82bda713f921b9d390506a80e94d5c30c9cae4ccfdcaf30397bee6de

SHA512
d54877fbdae4c9b0d008079104892d2521fd4605f234dfbe89b64ebc7647f3f807ced509951c86261ee5622bb5679b0f656929daf1452344d1fe6287fcb095c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b7a0950718673417f7a38e2b113dd4de

SHA1
9285bf5d076ae64b6f6e7dc28a768ac348586b4f

SHA256
5644eb5c320976d3e7956c3587a5bb64233f1c6c120974dbba1f1561090de2e7

SHA512
51f42f36adea338a83abbf096e4d4bed95647ce5a31d28945c7d5f7cf3970b697fea6c6ed113b3d43c03bc8d11b9a5be14d5dfc6ac9720a7a33ceaec37abcc7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3bff7daf84d6b5fe6c7fe2d8d8e2a7ae

SHA1
00d25acc6bbb316c62a59a72659b936d0a6eb80d

SHA256
61a15791c69790c0479d653918b10751febab547c6b394f04583e23754be0694

SHA512
94677c923282c27d7f906d28b24d9fee70edde9286052073fdfed3341ca3dfeca5ab43270fc543dacbfc6a18d11ece5cc317aa0703f740a18a0975e786b0428f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
65987ed7ecb0bf7453fc28ba6c111a61

SHA1
2635c9d036ecde67736604c649267f3f5c0a3ddf

SHA256
34e8756ee0a0f610a5ec4d7cd014e760f33f2095b2a77c21a273d5a19587bd42

SHA512
09a99a066f71f9e4b1d529d8c63b9f8500393c7ee12f1c3e3ccdc9535545977f1ee043d35f0c53d04062e0dda49ce1b9f934ce84e1c2ba357c3c34d149200bed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
0e0f62287cc57007ea6eeee4c19627ac

SHA1
d6eb8d1003ad878bb25c06088c674d0e4d38de5d

SHA256
ce893eca79be8f5736d6def856dcb056f550820c93fef13d516182861fc1c3e7

SHA512
88c0ed1af6dab4de1b1cfd1eb15bf1b7969227a224226ec44dd552c26a85679adc8b68b14bc687123b4dfb6e63fb7ffc72594b3d38ab910906c55468977fb179

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
17KB

MD5
8d06a9335c1da184ac2b8478afdd60f1

SHA1
b837d02728503f6a14329346876381e0656e5c24

SHA256
3271199408b2b18f7a5759bbc4b03aa627de96775c8cac10f7891dd92a87f507

SHA512
b20e789175366bf7ed0743551f2cd86d01a125bcc879f3cdfaee50d40a077193562105532084950b2d6d339b255dda9a6b938d48ec2b1ee0b810f89cadf07eaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
19KB

MD5
8743369c31a9fcabe74b0e91909bfa2c

SHA1
05659d39d648709986c15e611e7e586bc11c9cff

SHA256
b205932c5983ba3a5cea930453dbf047073b0a360509eb973d6f8fb8e5767899

SHA512
f1f222983865367b8f1dcf25ce06171ec82d13d8b5fed720f025a2b422e9ad6545a0fa96cefad3de5255bb66481c9e40c7b43fa294c547c3d9dbae3c615ede31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
43e488e2a30b4009b4de2596c182f71d

SHA1
705e39c524d04adb5b6b7b92876f6d44e8f3d62f

SHA256
a0460173c29d2da55416b50b443a4b3fab2c7fbc83514a04ae19cf82183ef89b

SHA512
563825e3506040d764d5c69a1abcc65e004840a740c3bda8b38a76e007e2acaa383d643f1757d6979f247c0e685cfedd7fbe13e075b3fce24f871ceaa129afda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
07b76326c14dbe8dfe503949d2195574

SHA1
e870fcd361105a169903f7b4d1035b83f2a98b29

SHA256
8ca1eb333ebd94e3c7b4a7b44704a20aa140e1d92402f3be2e9433a68b463059

SHA512
b214fefb59e26c66f65e90d6d172f52c721f7346b29a767cdda812c1cc6d57f8179e07dd8076ef9e5f3b3f2fcde59b4d7cfab87cf4c8eb0756857be279e3f886

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
106a54d5961b496c1bf51b09e9591617

SHA1
a5f1bdd5830167caee1ee479dc4a4a9a1bab4520

SHA256
41aeda529833703fe6b4dc084c804c9f5cbed69b500e87137fdaaa675a893953

SHA512
53ad19974a23a25b0d9517e91188511ed3887b302fe394de84def4156d1c0a6b3055f932bfdba3190ae8a1f7dad6b7c2c0b918b0f8a3c90f759f4148b397c25f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
18KB

MD5
46d13f73a94718a1391c702e7454b050

SHA1
177314d5b0639fd21ec85e02ea614760f2aa73b2

SHA256
13c286f94d82f10c1b69527b4f9a5895d07edd4ba32fe84970d328adef4719e4

SHA512
7c7a5a92d13fee7a1328b90e5d2035b6615dc04f84bce9c603d1836bcc5abdf73d6a0ea1fee72d796d5b9023b6d717ed5176e0900fd536b5bd29550a504a030a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
18KB

MD5
a9ce4487d617286aca71ed86b814b864

SHA1
74e0d03e05438b25dc8386e817ca3f481c9c24fc

SHA256
6372aaa5051faf8759a69a47e456bd8ba99b3cc5fb64e5e64c504b6d69937520

SHA512
ad37ec1b5c40c7363de67d5b53dca7be6e884f1db8b7700509ade52b3a41c9c8e17abdffb051b635fa6b386cc87b1a8eb3e60c05df129a28fc788fe0a5ee181b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
8d89ab00ca81ad11d5cf4c9da2eae2af

SHA1
89056b8adb1517c02c23f5cc408fe544ea8a026f

SHA256
4ee2dc2bf6a9387714a00af8ef82fe99fab4632fc9517f3ae56e91703fa113db

SHA512
9097dfe44198b9416010c06f39b514ae213d82eef082bb3f434af8676559f680cbb738f3c2bbf60151e89247d074ed3ec2d4d1ea244ef82e4ec058b8125009fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
c0591e05d71eab569bf9a36b5cec6c2a

SHA1
fdf3d0757b60666bdd614bf2f306894e82ef1e8f

SHA256
764d2b7b6139762c1ca622fab7490536989b2bed3bd0fb41fc1a6bbebaadcc67

SHA512
e480e7e0d8d81a83f4484248aba86fe8f87e4287786c077024961827a0c86d936cb220512b5208d13c3370588ee8c17b6902370b1d53b336789bc9a380d41279

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
19KB

MD5
d24e85022e629eba9656b53185ac926f

SHA1
ca7076b2d94e053bb8fd4f5f3d686318043244a2

SHA256
1c5eccd27db41ca96882d3663d9deba368f01899688940541837292924f6168f

SHA512
7a208f49ce037977afa91985e2b307d7ff99851aea573cfb1bd9e5665805226f3648b20e5b0d654fff6457fcc37ce80a835a74928c1e66f75b99ae56924475c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
21KB

MD5
4516d3420bdbe3bbc582497acc098abf

SHA1
9fa08368a7bb84aaff83a1f84c7641c1b6a7d8fd

SHA256
a81a5c06210c9c00c4005f73446a3e29bafd9e8789f23f88ef82c6090b350467

SHA512
ea48055420971649b13479bf05e661f73622af75bbcf999ad46a0dfbbc32e9af4f6fca7aa7c88a624a1c445140a729ccbbb4dad2722000bcbe1e6ded7f739b0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
16KB

MD5
0d7416a36296d98c09b88537a1b6cb61

SHA1
88b1d8852fc3bfe747c02b04d9910d62fc34363d

SHA256
6ea528ed1d227c2b96c34531540ca517f7aee42acc439745e091845074d5026b

SHA512
4cf4e53c4f8e5c076997b90135b84097313ab5107fe796832ae4835be20b74851d20bf0ee1b3e954f0a0cbd1fe908560549c725d78726bb29e6ab1fd61b3eb70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
5aee91cbb2d72fa89150342e21ea8753

SHA1
436aa70141200f1c56aaad2967daa14a07542f79

SHA256
6419b7bf8b6ec730da64c73bd33469889d3f190d4b5511c189cd348e229b3fc5

SHA512
ed2220f8f42aded773a8633bf971c13504c8600b09ac280e2808769454e4a6f77fcf2f981b64fa19e835bbbac47ee4866c3b6c00646c0a223507764af186eb3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6d048e3e-2f27-49bc-95ac-d8a7113fa494\index-dir\the-real-index

Filesize
624B

MD5
444de706761284ae00b24a4883082a4e

SHA1
f1dab0dbaec0dd214bfafa35a31ba50f87460717

SHA256
a691b3dbb8e5a44142d8c77e1c488545c0042aa07a6dcdd7d286db02ef0bba1f

SHA512
b39dc71b7be3d21a74c2137fdb0062b03ee3daacef395aa286a2bd132d152774c23386b05793124e3a68ae39206fe184efc4412df8085c515e419ed4ff751164

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6d048e3e-2f27-49bc-95ac-d8a7113fa494\index-dir\the-real-index~RFe5cb57c.TMP

Filesize
48B

MD5
45be00d923d153745d042a169094c2ed

SHA1
f1074e883870656507462959d4d8d633970a679e

SHA256
25ee3203f86e8883a492733c8a4050203c080af82975c4a9401c192537e55cff

SHA512
f6dffab4e34ceb70db8a4f2dba9b36b2ff8432a97e851e5aebff76ff602850ca285fab041422830cfd2fbb92ad754a64e2152db871b09ab611a6050d26110e9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f45ce1ea-02e2-4f5e-8001-e5258cb2372c\index-dir\the-real-index

Filesize
2KB

MD5
68ab4ee5c13d570c93a7352af088941b

SHA1
36afbcf289f89bc78e049c9c45ef0a9ee0d8e9e7

SHA256
3ab3741be4d56f12792f5f7ccc8084d638a4bdd38249edf38b105c6a04e3809a

SHA512
77301a2b04d8dbedd30719dd9fb4a01c7172f096292ad15b86242053dd29e2449f4dc9b44a6bea20f8386f3cc59ef54b00117c3494f65b46feadc21c252023ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\f45ce1ea-02e2-4f5e-8001-e5258cb2372c\index-dir\the-real-index~RFe5cacb2.TMP

Filesize
48B

MD5
88344672ef18e3080667950a7e81b144

SHA1
0ecf8002f663e71b5c1439b4f79a4da0683dcabc

SHA256
5fdba2b7bfda6b508901d52480eada730caee8363662a575c7a27883b1b95b5a

SHA512
446590124ca2be876fe80e9ae0ae8c0b2a39571b495d129866b020cf0b5f6a35657dbed43dcb54018b03acc170434625a60e4f85ed9a7a60dd6b3659019082e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
04f63a019bfd357d63b5dccab484c67f

SHA1
943ca61f757c96b90b4bbf7ebbdad99417cbebd6

SHA256
9f902ddf74ac34689ec713f4e85f1f04ef24c7b0c0a9d549096dbf1b2c9bbf3a

SHA512
460eee44643f1f2d324e8ba11613a499f74bc1dd9258c5dce6a5f9becbc0bd7b89bb159e9fcca09b809a8f3f3fc93cfb6aab1e0b235c096af205bcb6c38d1864

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
71b91d93be3ba5dd3360ae1895155647

SHA1
0bd9e4fe958d7c4de6dc23ba02131eda5fef95c2

SHA256
b98fa59202f5d9d97ce4f8b8ae7f16b8d7a811ff11ca93b89a3ea253a04ad1b5

SHA512
c6fe47b6117e3c3a8fd2c4f0081e3944883fc60d82fb7ae48755f07152fc3507e551755aaed398f30f5419a96ebcc7fc6a16cbb7c0fe35e46f8fde1f86fd1956

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
8172568587eae76e01d66a417747047c

SHA1
4bf655b1529009f7895ec706a2333685025ba85e

SHA256
463f5abc4ba59d1c237c4f1bd00092c458347b9ed097742aee8b928bbee74553

SHA512
11d9bc749962025c074518cb3bd1d639bb1535fd57dcecfde1eba2b346113db7f7730f3cc63a7558ff5c6f20fb638ada973d135255eab699ddfa437f57cf6441

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
c8ebdffea87b78050915d57087b273ef

SHA1
9924e8d6a18c944fdf0c708c5e983d584ca2ff4c

SHA256
ae012ca192c82ce2f0a8e9e120616f8afeeb471faedf791f479900296fac79b5

SHA512
4e1df54232a03f25b38e80b50317a25dd38bcaad80928099e19ef86973cebeeaf30c7b9959a37eed05203489339280b8c7ad49818bbb93a594d8fb34a1a2c28e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5c55e8.TMP

Filesize
119B

MD5
de9710c1941770e22270b57a38c964cb

SHA1
86f22a0a58cea485af988221d2094d6fe4bbb278

SHA256
c98d62f6bb7ad166f54a43525bdb97bf462388ba30b102dc7c644c76c9f2982a

SHA512
94b31fbcfa86ff369d23b4bd1553fa7e0973012e8020f53110a02f6f1d8b00310eb1bbba5a93c6694e533a22c08438955bd0a84801e2cb7815d26235b9246abc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
fd0cc2bfbe56173a0312047bf60cea99

SHA1
fa5304576c8548fafd913f914ad2aa3ecdb46703

SHA256
13cbbf58346d1d29f65f05c9acb60c389298ac032996ec0512a04d4896c6deb0

SHA512
ea8d896caa82ab1e525553513c690b5669b4229028b6f4b30848ff1793425c80a230473daf4e06e6c7b27752d5a5d00cd738b66597c1a1bc7a13610d2b589cd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
168B

MD5
c8e81900a3c308b62997da6ccc34f37f

SHA1
00405b90425b5e083a67628cf8b1863d15e02dce

SHA256
c2cc0324cadd56eca0b3a0363419ffa8612f3a5b846114c77fdc6bb660ee0cdb

SHA512
a72581e3804f3baba9e979fcabb4b0e063fce0dbd38983ff8f8a2814e9d57583938532f191441aa9d7493d0c93779af1f0f99f3cf8a3187fb205cad8f878c379

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
b13e498f3af490c2c639ad1c546d54b2

SHA1
ef9294aad1219d6d834ba48879bdad53a69e574f

SHA256
a63d432f86543e5658bdb8ffec44fc0d56647e6f4c856f743989fbd3dd51cef9

SHA512
7aa8bfa67b5acaf730c87ffa99ff39483f5f17c6753e57dd75310e2f7b6de5ef16748bcd1f0e8cbcf9a645f8ab002108cda3347c25e8e692b8d6578350dad3d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\2bf92799-f28d-4f6c-9b8d-ef9764c48ad3\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
76B

MD5
a7a2f6dbe4e14a9267f786d0d5e06097

SHA1
5513aebb0bda58551acacbfc338d903316851a7b

SHA256
dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc

SHA512
aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
140B

MD5
5df5a52d3156bed5559cc1d9ef69d0c8

SHA1
bd07837fe4e548386aa240f4e6b59acbc7dd8f51

SHA256
6da804a69daf4ed46d58b3952616f12873d037e186c01ae829ca1f95854600f4

SHA512
0c7574f00e828b5d2b65aa17dfb396f424bbac38ef92e1d7cd40b403c7c973890c07fa0347bbc49e1ccb85817434a50947420a13fd0d14fa6e09887dee476ba4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
140B

MD5
3009497f017111528bbeae3de7c0deca

SHA1
3414a882e79bdf306bd497d888935bac199c60a1

SHA256
d668e87aeaa9a03a8ba6326623251356084461f52098e7e3398e3572c31094f6

SHA512
cfa7a82c0da2093ae31aa225ecc25b53b4063fda196b99379884f2a0604fc5848ba1a79f267664e8e10b51715e0fe0d3a2e99fa4b37b23a1dfaf27b900da0e05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5a983a.TMP

Filesize
140B

MD5
b6baa6d32f661ab08ca5a3b0b2d91e6c

SHA1
53679b7087aadcdcacd4b408e8ed19ed7ea1a400

SHA256
feb0ce2c6d26216f37adea6045b05b29cad9d23c380b83a31bf50b74de6e5929

SHA512
3fa51fdefe6623e29a5bcb6e313e4a3cba126d673c662cfeca55aa4cfd6dfb1a33363773f6b59228575693f31483d6e50ae0c7b9ef1487b3b89be0f8d9ed961f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b9414388-a234-4032-a722-da4731e52449.tmp

Filesize
16KB

MD5
0f2e0954af35f306b3e9aaef0de75315

SHA1
8eb2d7b283f8d85243675b2b3c0890427ccf7173

SHA256
dcb6d0e823d802b96a841c2820b7491c72d18d55b8b4a242a62d22b69d3bed1f

SHA512
d81c445ec574c1c0e2c21d72b49bb8c795e26a2cf9564fb1aef515016eaca96aea8256ca5a8bd1bc99dece2dbc84e52bcd5e6288abb90001115dcced5df5cc07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f4c6c586-36cc-42ba-ba3b-c95302540a72.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
47KB

MD5
349f739b554abbeea396764b1dc8fafd

SHA1
2c117109621e31e8c9d286b7d567c662d878a3c7

SHA256
f060b639bcd2351de1a9adad444ac661c3f12c5d55dee55ea20d6213c35f3751

SHA512
f9b35505a0d7c240cccb63cbb1d8bb80d06de673e7f675ec3ec5fe4258af6fefa1dd8400e9b530b838148e396751721b302203d32496c1d789b8845867b2d1df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
ea8170dd62a96165a7617beceec20382

SHA1
b49b46eaf01e7b1a63f6d6f38d71660b33927e64

SHA256
a7e8fb3fb3302c612a213f8c3c20b2c0b658806fefaebf5e7eff1adb8746d436

SHA512
c2ac62997f8ef6c92748afce347059f570bea37847e5c47a714ab0fb5bb2610f76d708eed86b80f1ebe36a82980d86377ce5bc1b5a0f616d1f4b7429bb411088

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
286c9429ade79739cbad94a7ab75e60c

SHA1
4a91c09b478f94e71315184322be902339aaa628

SHA256
375ffcb73f8d1f0ac706d2176218ca2df96d282086ed7c3be664a0b04dc49112

SHA512
6e4190a93b7d58b18e39858d1cf18fb2c0ee57e5f348c97fe8429fda4bb9a891f3671309de248b9b5317c75e82698f2a517d41c91aaceba85fe2f62fc9e681df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
ee78a0820816b9feb5129872fc96f610

SHA1
cd28e486e96db6a6ed9b051f22336445f7856c18

SHA256
ba30b09d78c94878308d8be4c71e2a5cc6e077c442f9e3f3ff9b1e5c4218eef3

SHA512
ddf0649f54bd8d80ecc43d83e69e49e2634207fd05263033a5241bf0d5915dafb3d1cbdd75f85e925e3822b87cfc67915be7e8c200e15bb5b8fb65d9027f6e19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
0e983fad4ed710ade31f3bde4f987b9c

SHA1
de25297277355ea4619bc4ace9b59847d12c94d2

SHA256
1174c3f3c9ee19765f69dd6b4b612c80e58aac581578620c64f7247f77f9769a

SHA512
41e055c88cc55fa189a035a809d74e3c93227ea35ac28f3f4113a3c624d5b5bd9cfb65a24076878480c3ae1fd0d3f4727ec9eb78f762dcafcd868bfc8cfe1dd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
756d6cd30bec6ffcef1784e4e2279c20

SHA1
82385ab5d61ed0faaa82acacb0dd0c6b3016959b

SHA256
3896ef6a007790b4c1031a10a39f849047b830fac1d36afc13506a0cdaa9844f

SHA512
b20361c48c6dc48bb71165144287445e4b18a1c70d6629c8ad675217df1826e5a9d4ea009161e5d6f9a786c54ec1b960b850ddc21f4c1bc370156389f718677f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
9abec3cabc7fbe166a8c628ebf65cab6

SHA1
1fd3934fdb9bcbe104d4475803b1a9671aa98a48

SHA256
bcefc807ea103b35c118c8c45c788bef7037af771412178a7f5cad2ae1e80619

SHA512
1b9f01b5ad5198d6907f247b95ac5e4133322575991552a54da620ede67aa4cdebbf4716494d4d72d5dcd7690ca4288648e05c216ceb80b84c5fa6edd1992435

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7f4a98d65f7a7cbc0f87d52a16117a76

SHA1
54edbfb2b926c852a060dad62e0b5a271eed99a3

SHA256
44dd81e410598d7ed28bd3276ffa8145790e1d0f396901f7973d5f93ab1799ab

SHA512
d348264819e1a5049698d881da5e7deccd532b47b619307a752c1ca8f45f447cea4fe587f1f16cf80bf84e023186314885d1bc4489b6ece85c6a878b884b2dd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
795736491988e7b3a521c093462a7a41

SHA1
89995fe80c52027252ffce3e685ac7b1091d695c

SHA256
0b37663b77f2f831a1ac2ae16a6528380af1179769932f19141cc39380837bae

SHA512
559d586d6c69f86efce8685a7d4c4b867fd8818ee57ca82ba73fb1f11e56e4e025c29c7b622160e314924729757be3e88f7ac446b5fa3a5eeb8a20c584a917fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
0579e90c113ea30c9df76cc63789bbb6

SHA1
ba4dea4a86474001107ffbd0b7f4bc70a4b5c564

SHA256
581a2512da2cf73e36fddb8a467f8498b801cd5afaddc20324a51875c4eeb4f4

SHA512
40693e9546dad040d3cf13f61e9fab240e45d0be919d7d75b949ae936c23b12d412a291ee61128fa00a09f30cb89223fc35b1da2f0195caac619fcbdeffc88cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
494f5130fc32f7c08d8948fc9cf69a68

SHA1
bc1a2f5b06cd67f8c2ab8b044e3121151d8654c2

SHA256
18afdb7f729bda037c49938ec17bf1c77de2dee3f45ddfe2bbbc6d5647835b6a

SHA512
b7753334b39d8b4cf3441a32f50dd9607ea2cedbd2479ae56afa966d74bd1bf2362c4cdc756ddf4ab21703c2bf783c3961e9d5719288f8372d103d481ac5946a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6c4ecc7f5fcb41c591e9876fa82434d9

SHA1
dc6190919e8481c4054e666ff508013047dfaa44

SHA256
cf9d0b743db6b3f16b0157324114c88cf33ba8f60a3f616c84f3b7fe699b86a1

SHA512
f96e405ecd032cebb0bd71f4a9fb334f0aa696a665547550fd17116cc8950bd60c2cf94c0a536422c3f72899711b8e07827a4723be947da792680aaae29a7972

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3b70d2f4aaa1df2a4c867b87039ad7b7

SHA1
d090d2e118943658d2c880235bc0e9bb8fa5d612

SHA256
c713c669dec25d6e44d4259931ab7b3ed7a5dcf8e8834d864a144524e7e4f865

SHA512
2fe3a6910e252f422effddce59680347b79171791d9dd45fa26bd305cc94f760c38dd626bf0e633c23e1f18d1de62832f228a63210d869411a442efae576f291

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
d4932101bd9145cf8b733b26b256a316

SHA1
2c6efea4dee037f89da6e76fe17507088a94575f

SHA256
32469aed8e43ae0f4af4011b11b2746b734c100438523174ad1c46c9a97b145a

SHA512
c5b3e14e8130f8c0e2a43a9afa90c8e8d051af512f6a50e5467fb516f0284d8a71f85016799259f3b0ff1dcd28fd41d2ac70b129d836086dc7468c652d9ad614

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
2e517c891538d526afbb82a6cf4627e5

SHA1
95f9e9ce848a32035f078baa86d918a6bf5747d3

SHA256
a5a9615d3c3452dfe2cde0f273056fdf7c8b52e222cd3ab2f3605c2c82f3bdd1

SHA512
fbfc8ce4c7e8ebefa839af149cb1d359dfda5e20999396419e6d49de34946b1e959fdaa7b1514dfbbcee4a1d3c6c1839d91bd509c1630e3ec00099d6bcafd21e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
99ef85b5ee1bd303c14c696a7f22c5f7

SHA1
73568e636b9c9fa17ffc13d6d8bc3a503c0d07d8

SHA256
5e231e4d6e1f75c05a1e6797fec02d87422a9ba57e1a38207183ef437890ac0e

SHA512
ff82305959a8c923798682453cdf0a7d164206b4718703da42f1e20650105a7c89a8e715dd88dd7f8ee5512e4fb76d8e67000da9ba2ee7cfab1f496fc2d4d466

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
dc345da26a13d7fc668d68f3f5e7d98f

SHA1
004c70ea09fc515121c1860a3c61517e5b8ebc09

SHA256
44a0c79d5e201770e916555145de471011d9547c8d2b9a71d9a8043de82acd64

SHA512
c05a887a6fb9cf70888c46c97c31ddc756c1796946ca851b5118237550eabb82ea903d25aa4afc4f6d03bc422fadb69f552f58b199044a7534dcdcfbfd5b2264

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
e928192dfc1afee04654e0dfc5e52094

SHA1
7d5345917e9c0dc10c38950f954c38050ea1bf4a

SHA256
6e919c96145600fdd6b9d17e75e116efe488332632353a3d4fdb8bb387c7b747

SHA512
bcc92671648a8adcafb5c5fe7fa2bfd9f0509126f93f8595f26ea3992d7ed6d63419c515e05c4012bc035e76f7716c5bd6b9468642b78e3e7b64ed439a2e081b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7a8b0c49b5e21eddf49b9b5f513d7601

SHA1
dea8afe444ffa434fd38a0302dedbcc501282e91

SHA256
03f2a4fedd337beea2aa7d6673dc657fa2e46dd09b0c73f27ded12e967530f4c

SHA512
7018430a110756d270c3bbd86c9086298e368092346ae7c1b69e17dd482fd7398cb308f01f949668250514fd0b4e56e170dafe4edfba125cbd986808b3a20393

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
88208e0b0c9f72987d09e488033ce81a

SHA1
0a1913d1e70b49a4a1ffd1c93712728beba725ae

SHA256
ed23083f7cf9cb83cc460633e1c887b8d70d11ad83f230f38d3063d6797c5660

SHA512
72e78bc4fe330376c36121dcaaa3b9c26888a08afc876e7157041d8227229f3ccb3fe95e276ab77e25524e7fc2dc891d3f0ff3c62307b7fdeceefe43f26340cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
106cf96c90aea0517e9c2bd6c0a762fa

SHA1
4943d9041383d982e27bbf41974484a9115db979

SHA256
bf6336de1446dde4c97a73073cba924e194378999339337789fe728a2c70a206

SHA512
1bb1b278661192f9cdb749f85d463ecb89b2c9d4d126e26fdf4ef7c33f3d78d9c5171c142234729eae47355d6cac7248316113ea0f521b49c1b8c4789f0b0cc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
e99cf376b54e18e6b22e4a602fd16363

SHA1
210049e6fc3c84cc51ecc953959814a38c9668a7

SHA256
b465e435ef428be8843e745a675406f8ad18903df2b4f27c1b6ae9d3c33df36e

SHA512
079e53b8693a55b7d792ba60b18e29ec95069823795d02c7c8fee2252598fbc9c399ea4ee2f0fde49a22fbc31ee0d74de8859a35abfab86becd8acf73e46c3f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6a69678c87fb365421f724d88008cb66

SHA1
00bcc98d46b6392a62ba2c697a257071b2baee98

SHA256
89129507cd8112b457ceda995155f835fbee31cdcdaf7025ae189bc6931a08ba

SHA512
fe33c6b0551ac916d0a46f0157bd08799009bf9d09d0c73005f4f97ff7760278d17d708b8fb4f7b6620b6bd24b75e19beeb9dd7365e2a12e13371e521fd8a0a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b544a00d3865cf0ecde16c1b8a76fb4d

SHA1
b107bfcbb35520813bd9666f706866a31870f780

SHA256
9b0734b8bc072442dd27c05633219ee18bb54f6a8fefb1da72f69fa708aa4366

SHA512
a442f5b2f21ee831bd6f3fdffc136419c9684230ca8e7f8e0d165fb85f4315f329c4920cfabb86655bd8b349b5fcda939f2e28bd2996ea881e40836b5a85e1ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b7d78d2b990168692663558eb7c2b09e

SHA1
721ab26c862534188743e356caaf34f78899c965

SHA256
ddcd80711197b6d00c2b3d9dbadeec7ddbc01232442f8572aa086f821a2bea86

SHA512
61ddd03e0b55274c94f627c26764136ae2ac030a118f378fecb1b29edc831c8cf4c0707642aa70977a4fd54f43e9a5acfb1faa9b67199127f16f250f1ae564f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
6f5bb668602523e6f97bfba6d9fea33a

SHA1
6eeef034f247bcf07663926ad10f70cc1951f849

SHA256
f0e7e128019c9ab82d0696d1e276f84e87bf35715162f2d0479aa94d9a9b3457

SHA512
a49e1aaa95e63f6a02b31a59e5ceea46904a764aaf90546ed840e47a12158d9acb4427cfa27dbeac9e88d95be07da6f343bd0976d9cc30e6c5692c06e7ee1cdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
800ddc547eaa22e9a9bafdf0d57a35b0

SHA1
b2df7f9824780316aabc5f67b06d12deed4d1b0e

SHA256
e17f15272123a992fc50ab0f9e7e7fcdec93016adba3d95e6ce35c882a03ad02

SHA512
832858e44da3ecd4798ef076a57fe79a186c0873f0412da763462a77f1a447682e545f1db556b1611ed4775ab09b53cdac1f60f737c2daaa513f883384a4712a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
15ba687d5c1980755cd90a72887e254c

SHA1
5bc5f406a4f6a1f6de0714ef269eea573b93ef26

SHA256
00724bce3cf0a307e2571ed4b6a10386492b103a44a2df095e9b1381afb34608

SHA512
7291dcd5de6e6c0635a6bb426042f93fef914ce167e268d991858f0d2f2c29fed18ed8fe1bcdb16751ca73d17b3906e1c77b7b61b9e7d421df0cd52646152e97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
b0a88059c8feb26124071c560b568545

SHA1
1df08d1c0b01824efe6d657b43d0467d90c7008b

SHA256
a79bf7b184f69bdfc0e11f3adc79d399075a02eee92099cdd676bf42333df6fd

SHA512
abd11f1f63e05961789eeda1faa94bf5953540b80d87537c09a3787e5b88a55a0fa33ffe9e15ab140aca0c5ea6507e42a31efe47f6fa9ef8fcc0e02b6f57fca9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7297bd9cd8f9280d8cab9c1f252ea519

SHA1
097490cc7d2f4c17b5086a859eef7788c8db85c2

SHA256
dcf38bb6cdb784cb333f2d9fa2033233a2d5bb09dd476bd35031b73c84fc7b79

SHA512
02ae7758cb908fbf9ca3c233d7985fb233310aa3c41f6c7bdb29082ba4eef637f649bb17f7e04bd5f53bebe3d5e7d7110ed7e7c9b327c1bb6c56426c1ef90370

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
768013b20163eaec806696b61cf4a784

SHA1
e520dd64ed3e0c3ed5dac7433244dcb1a92b5f36

SHA256
ae51d53e21b8f63cd5da32b9d823e3cfee08851c7c6cfd64e21b6fc013236559

SHA512
3074817820905bbfa2c8aceaa1711eb29d6755242002e64f9a3c032adf4ee4cb13d582826eafbfdfd0aa285659923c80cc648a1dd2713683d38c2966cfb0b8f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
3a25f1f48c55ffcf855f6cf63235d231

SHA1
2cc1d795607c7b6a936234c0c26654ddcb1fca98

SHA256
22726952dff010756b51ef88058655de1e4aed6ab74031d6974653f00aa69cc2

SHA512
c2e831eab03c2e86f6bb6cd6806c6bea7428500b7928786e4443b5ff3acdbfae30bc4071c08c49da7521de81d6093e15094eb926b4417586cd8f57584d37956f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
24KB

MD5
2329ce627731f5cc54853df826f7c5d4

SHA1
41dffbc8550b8a53d8cfd24a196571f6c6c60bf3

SHA256
fc644a3f691ad471cade7e08c36977bb275b71ab027472547035c580442b02f1

SHA512
15cacdac0c3ddef19fe676e6736a364ec737f5e4d25fb44b46d8e425589dbcd743e5656dc860c04e055847be737ae61572bcc6116e3aa88c121dd4df92b132a3

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

Filesize
4KB

MD5
2dde2b64b4f848f6e563b964230dbe92

SHA1
a28cc8846144ab92712fa43351dac5cf3142d4a9

SHA256
063bf02d4160ecda1053e1c65b4cf44a8ad7e2995c050cdbf7c19ebed2d065cf

SHA512
0b67f3aae83daede1710e4e05b4e8f7358db02141666b8646a5db55788ac7ae30c73cf8d46a3cc67ea4994fac4288ebfdaceeaa42453c74200610b3304e9e9a8

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\1bu1np0z.newcfg

Filesize
2KB

MD5
64232363d1a3a85ab3dda74d609e0857

SHA1
33817ff4fd38389c01666949f6441ed41da424d2

SHA256
d8c6c37b77f86de44f1e50aa9491dde1a49f2ad856cf543353bab73f0aa946ae

SHA512
548fd2d4cc0c3780aa9d0b73b0451d431b91d5df4b5d28a87b1de4c335c893a35415a7cb849367c030ae3ce83064a3ff18e971fe46f6451f1b76a6e5ee18e94a

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\40b1a2ej.newcfg

Filesize
2KB

MD5
43b3f7386f19f015d411025c3274103a

SHA1
3fdb4fbb6f2c7db0e24321a0ac4441d158b03468

SHA256
1c8ac2aacebae51e1d5d504e353d09e45f39fc456c32b96dbf9b45148b65de52

SHA512
fa349f100ff353a52a377e205b255d7eb1d89d819d93b94ee41aa9f9a994572c231c664574ba7a4bd196b780717f237cb0908f2fc23824093c302a9c1317a931

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\clpfmkfq.newcfg

Filesize
1KB

MD5
1e3f56b1c69ea172acdbf14f6cba39e4

SHA1
628d53d6eace73ecdf0f7800bb24dded714a4c11

SHA256
e8e3b3086a50e2ddbfa5f007435d0c03310cfa7d11fd9f06b04b6f1073612281

SHA512
1e1852e61aab29c1fa271cdbd05217c550b20a76fe38defb6006e4c3dd970fcaa56a9ad9812fe272e96c312ab60d8331fae5edb0ada1b9b17c2ffd0f0488719b

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\egld4121.newcfg

Filesize
2KB

MD5
1524e39b4dbd5671dbd869a354ac3f67

SHA1
af5c5ca3e041e06726df706cc2813bd237d8c577

SHA256
aa44c0319eed488b52d7ed0ae1b5ee468a1e4413beaf7f97daf828fec7bedec6

SHA512
61aec18a299763f39ecd15e493805825c04d722a1950c2cc9ef88ee2d34b7546ed929674d6335fa1ded1e244d7e92b65a88651a2b16884b3a38b73920b75ab4c

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\gqj0rrts.newcfg

Filesize
861B

MD5
8fcfed0307b17dbe792fd477141ebaa7

SHA1
eadeff417fee31215a1449982f3e58b9f52330bb

SHA256
04119e97067e832137e094aceaa61f131aa4984fff9a8930592ca8c30914f982

SHA512
ffa98e1347556f207e958c923f0a98f84891682ed5c28f60e81b2b7d8ef10d5fcaec81dfe440d51eff53dbcd77249596bb8c471e0056f807a7985a3f47e27544

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\kzbuw4l1.newcfg

Filesize
2KB

MD5
637ba4524034c11e997ce4fa01bd2f09

SHA1
3ede2a599d282584bddeefc83354cbcd0b5c83e3

SHA256
c0f680ccb50ad0172c76cf44facc3fa3a36dc89c2c02baebb75a3bdca57fff31

SHA512
cc3ad22e3f8514051b23f2981bec04715ccb0e953b4ee1335d7fb3bedccb1ff810ceaa31ed2e5d8196e89868b683665b592a03b54c94beb551ec12c1b84a42e0

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\njykbv1n.newcfg

Filesize
2KB

MD5
05ba6119fedc5313a43de495926b7f2c

SHA1
01fceba0a3ff1c72ec5e461e7d601f7a73efe3b2

SHA256
76820bf7975de669f9bb88c6016c952f8a82427a0340450c901a3040ae15d3db

SHA512
998b1342d0a92a9c4b5ef32c19c0cf55f09faec40468e6b8cc26fe804f290cf3f4ecf9878dee07dba493eefe78fe3a55b205647c0bd90b5360dcfc19c2ca8bd2

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\qa3hufq2.newcfg

Filesize
2KB

MD5
0f05dab9564d4bb9fa58e14c701ac72a

SHA1
73b94c2eacc4176b6e3033992b4af98c84e35a59

SHA256
9b97fec8f6d17aaef6444df07f43e4eb824fb4e4f2b129aebb9e6b7a44ca6a54

SHA512
194f61595c7fb322db10edb2cf3959a665753ae671e290b764bced24d0913faa080783d3211168ac242522c7ed6c439d65f39922717b44b86483d99d7768f4c6

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\swst4m4d.newcfg

Filesize
2KB

MD5
d352b153f3ef9548bbc15139b5cf3974

SHA1
e2fbda1d7a64d1d6cafbbdc87893bc8152f89e96

SHA256
49c326a5416252b842eabdb441535ff2b5bc54f7fb1e6f1062008fb9d554bd15

SHA512
f1b651343e52527e8e3ff2e13bc3b4534316768b777ce1157aa18a3c51ed910881f2a5351382aba2100c40ac81d405d99e738dfe19450491c2d3ac34bc1de2fd

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
330B

MD5
335d8b10a6988eb38995ef38644b1552

SHA1
6e7f535cfa1e3ba2a2117a5a0801a00c6ec1e523

SHA256
aa0da1dc9950d1e0ef36e6429976cd1388561b5320aefef1f3f99a1a7b05c1dd

SHA512
f5060a2e0f2d5d5bba229a8a34442efe0b5334b41c9b76fd52f09325efcf6efc599f87e59f3a904ee299fbc9eb6519843559d539396ac25039a4696f045bb3ba

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
462B

MD5
6c7428ee170827af95a42c36eea3c79b

SHA1
0f3c9a3ed6b8ddb27afe69932de2b96a5ec2a84a

SHA256
acb6dd2a0049c987baaa2d46c6fcd6de74cc90aa79f3b5a5713454fceb299a46

SHA512
e4fe547e171e2d90a48876592dbfcd688ac61d63ff2c69fca4ab9bd4935600f362bf18ebcee1d7b2e2a8c16f15695627c28133d55e79be18d48c27c63c2e5b54

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
594B

MD5
d2a31af04b72f10b334cf6d83e329178

SHA1
87ce6a8c7c38b66bf229932daa43d10acd43f5df

SHA256
be6034c3d1169b8b945d3a6e939cfd25759ac788ade5b59dde8aa299d1cec49b

SHA512
f5dcd0d132ee4119550ef8f2c6675120e03647d36e2a1dd4e5bcae2bef0445398f4fcb4dac8287ba745a14e89d93c7cdae7c6701e4c6ede89a869c5b354f95bb

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
1KB

MD5
503758332f80d2c0cd5445e7fcd507c1

SHA1
897977a2e51e562e20fce5af1af7cde0fa2ca136

SHA256
0022a59125e8f274ec86835d3218f0b89baaa85cf2d25a4d8cde5e7ab1626822

SHA512
fb7b9f690b73f559edd5e3ea60e450bda2ee7438f819aa766ada3485a67a683623f381337726f2682615f9e0e266bef2417fbda6870c31c65fe05000ac29b285

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
723B

MD5
eae39683b5f9117fcde036e28aa6ea09

SHA1
b362a0882a2afb7d470b94ec9d72dcacad82737d

SHA256
e205315b625f88ba5db9fab72956be091f45fdc9e298f06d3408f04bacf183a0

SHA512
44d032ef7a455e11f20425ad351c743363d5583554db23003f3cdfa3aa12a0fd7c175f5b0e2d363619909d76ba92617784705f370ccb902295f2e96c2b6ce5fd

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
2KB

MD5
f8f3df6da68ca6d27245a3e6d4e41bbe

SHA1
55226de2ca0fd3f14d0b03400d24865a7a75ceaf

SHA256
5481efccbb655314afe91652ec988d2af7d257c8f5141a1490340e8daf2d8e64

SHA512
a6d886fe7dd92c924ab38f25d539c6c0f3af0c5a06fe1fe1ab7e5be8b5eb0d0a96f14756baf032eec146c25f0a20d1f6bd437e97dccb639b84d47b938fccf681

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
1KB

MD5
795d789a14f3e3c3b05eada8723d5c74

SHA1
fe7d81f39f13e7f0534c6f1b94959dd02211fbda

SHA256
8dec0b1b55eb48a37cf6d808057b1ee24ce1a3e2ffa744fc0580ff45986349c9

SHA512
f81cb3c1b016cd4fcfb1ace427b6f36d2b83e5a08b65a051f956608ac97045265575c7774443a47cea56a25447403443fd3c9dc958f5aafd1bff42199a7200a7

Download Submit
C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\13.900.0.1080\user.config

Filesize
1KB

MD5
481d5862be71cda0c19fbb6cc9f0d3e9

SHA1
42a7369de40a40df7af689cb5a9fca43b381d41d

SHA256
ccaf93c0ceaf7bcbb5e831d2b631359fa6b2bbd42f421f895f3a38423076b6bd

SHA512
4a8c8290c59a5222cee0fa7e261af5eb14ef788d96db1421d1515e6e2be0a62950db93d9acadc1a05590c502609d52dca5ece0981e7faf7ce45a1bff8119550e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
983cbc1f706a155d63496ebc4d66515e

SHA1
223d0071718b80cad9239e58c5e8e64df6e2a2fe

SHA256
cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c

SHA512
d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
111c361619c017b5d09a13a56938bd54

SHA1
e02b363a8ceb95751623f25025a9299a2c931e07

SHA256
d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc

SHA512
fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\0bfac837-0a75-44e8-9682-9b634a5dfb26.tmp

Filesize
1.2MB

MD5
7a3bc6142be9b7c9664464759974c08b

SHA1
7055fe5cf3e31a24687c3fcbc06394eaf097c6ae

SHA256
446839b455f486943d42e46c8230b6b00d59943de94449fc418ee626aba4dbef

SHA512
c881916068cfbd73425e1a6662d1049f02b8f1ed34b8546a9555d43b2b05ac3507e94f996435123a7694a2f2ddc4ef9f97d839b9a9584ae3ebca37f1b45d63cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\285ee028-6c1c-49f4-a96b-49461422a99b.tmp

Filesize
187KB

MD5
3008e7672855a4e6fbbb835c2a4d3e18

SHA1
fd1cd9538985773ef4b6b1cca8f9bb99e76fc8eb

SHA256
cf40f88d5b46c423f0243bd7ce1adc39bf52f19208eb763f08c36388068760a2

SHA512
6e1752f5bd155670c8aabe0ef97631257f4f2780b080978251df7a7bb0b18d1bea25dbe27a4e2a37cd77df3842f6b314001df5077fcd168d87fb239985f4e153

Download Submit
C:\Users\Admin\AppData\Local\Temp\5c905364-fbcd-46e5-9919-f9206a2f3d58.tmp

Filesize
856KB

MD5
04398d23bf4733785de3a5ca05ad80c5

SHA1
72b193836a47aa3f0b7182de92a6a3f6f862131e

SHA256
a89ea036242d4e3345ad54ea9bcdb5c73ee5b78fa320996398bab4ae46cb578e

SHA512
1e7ba8e738c16af9267e7f9da427c23f2159214839d6e59bff66228375e9c7aea0f86c1ebd352cae248fd8508f762c1e81dd680e27cf7c1b5bd8084ab383148a

Download Submit
C:\Users\Admin\AppData\Local\Temp\69f8c027-c2ca-4a39-96e9-74c047f2a2f3.tmp

Filesize
344KB

MD5
9772cf99f14ea49a1696d332d5fefc66

SHA1
9f77dbf43b70767f316228be37fd1e2e0b1ec1d3

SHA256
03ddfcc1603ec9669159a6398e586d7f54bc3146fe265c16647b2f5bd8758b70

SHA512
6f5b2c0124ec7d4a6038a51e6d5d8ecdf3594aa37e9973692bce325789ec276f02f4679606176e36db84e9eab0e2524e1039fd1c970862ab9da5776ca650b310

Download Submit
C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe

Filesize
796KB

MD5
18693249f3a283e83b8179e692ffbba9

SHA1
546c0d89f8c8096d22c6f6be7e843cf5ce08e220

SHA256
3d828bcccc628e7096856337b178da5608a6c3db99383374e6c49d50a1895e64

SHA512
1ab246fea99daf75831f26930d458a05ff0efd5f9c71c9c4396681a065fcf9f5c04af774df34ad55e140b71d41e42254ee2d9dabbb18009800bdfc62170a8c39

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5708_309662335\Sync Data\LevelDB\LOG.old

Filesize
324B

MD5
05cd5759dfc8af72ddf642e85b327a7c

SHA1
f034f54c80846e3815f95550e5d83e617741ab93

SHA256
4013b78d8dd0a695dc7902ba62591d37a7724303968ae3adbd6fc6e514cb7834

SHA512
c2b22b984c4d39ba867cae214b8c1cd4e42e3cc56f30d3ffcdc68c0023b224ec6cb5df0c52fea9a494d968ba112a53b37f5cc20b6a41ba9fb74c762ade6ecdfd

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5708_309662335\Sync Data\LevelDB\LOG.old~RFe60bdf5.TMP

Filesize
321B

MD5
238cb66fddaed7b4eeca9d7c6970709a

SHA1
a30a91f3a2e7b1f72882029e219ec719c3993f3f

SHA256
ba923823a61f47c542b83a326aa4c774fea2734594779b21a5eea237d4c09a25

SHA512
b3606a0530e0433467b097f1f21f333224ec1dc6ffffc4ec5eec221b0046ca92f4c1e5b8c7b4016e23b64e244364736951e749d80068cf6b444f9acd855b4cdc

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_204619604\CRX_INSTALL\_locales\en\messages.json

Filesize
162B

MD5
bf28ef9468e4e1cbc5f3e055adfa69e5

SHA1
d5cff2ec3851f3fff649d688919f9f4f8511420e

SHA256
0e86dc475bac19122a3134a18cf8af26b83831df3346bcf5093739ca2891b4b3

SHA512
7b37e27f56b8ef1aeec6f25bbe7336ad0bec837af4390e47932adc67c9ed873c6b7cb5d643b39d0b6f383d79c7ee0ab8aa39e70f894ce8f2b90a884d1325c3f5

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_322170288\CRX_INSTALL\css\fb.css

Filesize
40B

MD5
c862cbbc1b82064465f98482ef73948b

SHA1
0e49a12b9d1fd903e0c44cfe9c9db0ae7a5b50fc

SHA256
988dfba4289e28ef42d0ce93bae58926ae7a9528de7bdf97898d1c2cd2f2016c

SHA512
12befd2966f25464dd21377d89b5d3c9b8fd9abaa8f257fe88bd1d80759fc5375439e6160f99dff7ec7a61135d9616992b611b63d1a6e094fe2eb29e23420559

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_322170288\CRX_INSTALL\js\cs\fb.js

Filesize
3KB

MD5
35a10dd7924dc7a4205fb3807812896b

SHA1
53583f9a14b35a9529614f7cb8c2f26a3a2a31a4

SHA256
43cdb582f3881db7584ba1cab29ca88c74bf51819033ea88a02b0614e398ee8d

SHA512
a7220a4c8cf583c334d78c108b7da9402a79eb2c57c428c5f740f8b2c6c19ac1c761da8d57074f2b9cfb063da84410f6558a8b61f978d536d9ac48428448a681

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_322170288\CRX_INSTALL\js\cs\lp.js

Filesize
3KB

MD5
b6ddadfa381c9d9297812d2dca3d92bc

SHA1
9f83febb785d4c87730164f7cf020d036e0e11f2

SHA256
6b2d97ac7dff812bbb826852feb506a4a300b7876fd6985e6b8a16ad710efe89

SHA512
d89a308fc1b9b6ba055e88ac91a830169547c8aea734a773762767fe4c6a76033a8d3f20b8e82c094239d25c8e2f17e4c9b1bcd083d294db368aa28f2cfe85f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_322170288\CRX_INSTALL\js\cs\native.js

Filesize
1KB

MD5
8307716154566dd5d4b7f87f7e536824

SHA1
5b746f1c97a036b190d4cf1db76760902ae1ed87

SHA256
a7e44db42aa52a276edb6a2dea7dae1a8d1f683ae67d0179b5930271e3138d12

SHA512
8dcd2e9dea6c147a4c9578b42fd1613a55e790d3a6ddf98809f123cb06270784b0c0e3ae27bf2957e6066fd8bd831cc09777270e2bb8f6f7c144721f95e3c5fe

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_322170288\CRX_INSTALL\js\cs\yt.js

Filesize
1KB

MD5
8e84151e901f61a135d941979efd8ff9

SHA1
52841c4272dc039438ce59943489367d1f2e4482

SHA256
738e199707a5027486e17e9bfbd50a1dd295d2d6d5c48ccac17fecaec91b70a1

SHA512
c2e2c027d3655bd549ec59d75cbe307c8e6b66838c72949b965ce2c7ac3c730ffb873a948cc055f6727964cf048d403262e8262c6c6559410ae682e2963c013e

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_469961731\CRX_INSTALL\bbddbf12672a339b7dc0.png

Filesize
103KB

MD5
d6506d55722e451f4d13151ee693f680

SHA1
9b2f8a60d9da27b05429a9ab30d62c1c518da669

SHA256
d496c91adef2aa2223dc421188e0af4b083e052552d3a246e62d36483ffe269c

SHA512
55cfea26435d14a1bd5486167f79f1e65bd965e3aae05be36d61e0b38f813012621b8f2d32f2f0087f41009ab579def4f777ba5268deeae1ccbaaf9665c7120f

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_469961731\CRX_INSTALL\d3897737645de49087f1.svg

Filesize
10KB

MD5
136d1b4bf4b7adf44865978068718c94

SHA1
3383fcfaf01c48b73f9ce7f2f662d0115577f9ac

SHA256
1f345b3511f67dc4216077e858defc94df174e04e0c917a72f35f7c708b855cd

SHA512
e9d16dabec6a07f7652d97b340cda70f0d7b2893f940278a9b3b621ce0062294e335614dc2f397d4726c866355a176ad0048b272614e36a55247b32c2dba2ff7

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir7396_469961731\CRX_INSTALL\popup.html

Filesize
230B

MD5
8dbeb11860aa56321c607337cbcb86e6

SHA1
c209b2465a5821a5ec9e8d30b90fad362a500933

SHA256
d05e125f910c646a127da2be326c62a1648bc90a3ca682afdfca6a2bfc5387d1

SHA512
1f3ffe249bdf93a935ded209a27436d6645acc83efee224a1d10b934eeda87599a1ea7cf14fc333691e5c5cc8e2ca05534ff41f17f3721b085ca50766b8be449

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\CertificateRevocation\9008\crl-set

Filesize
21KB

MD5
9c4c48e26677994381daf3a0fe648927

SHA1
68191dcd3a0c3cef9359cfc68e0e1d4384e05d37

SHA256
642cc5788a5b5ed31452d57d9f18d42c9f4576033f6af2c702ca4d9e0174d951

SHA512
ab6d87a7fb6e1f0042aaa30786fac67b7069b4107d3c6b57171267397c793065cd1d34809c8f0a2d8e497c446f803fba6c444a4e812869455c70e0916e2ee607

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad\settings.dat

Filesize
40B

MD5
67493e840aad5cf87407fc24c7f0d363

SHA1
e0de2f0c821b5ca6a0929649b4bab9520afac272

SHA256
2d03c4762f91ea5bcf2fb2c1bc2da17ad9f501d184d6f37c4f8b1cff3b79b7a9

SHA512
94ea8aa5329a667e9040bce433b2d5de5546eda22cc07e193fad3ac1f919003d51b0efd55c303e96b9e76064cd8d2d1af6bff07b99b9c8f47f76c2d19c0de65d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\3dec7c1c-0d7c-4918-9c7a-b3e95426ac3b.tmp

Filesize
173KB

MD5
f3d32d9918947cd0ee98a95e6782ea0c

SHA1
7d352e9a4799b5a180e11eaae4a7ef1a6ae51d2a

SHA256
33845d8a8dfe591b8eed4b27f2c47dc856b11d86c6bfec08074662c559ed4d01

SHA512
e4818c7e56b2a7f28610f14f738fe92018528517182e5cfa2e17750796bbdecdc2bca3af71afaad2e27a19a17e487fc321e8e20c286268dfb7a126135817804d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000005

Filesize
47KB

MD5
8e433c0592f77beb6dc527d7b90be120

SHA1
d7402416753ae1bb4cbd4b10d33a0c10517838bd

SHA256
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

SHA512
5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000008

Filesize
232KB

MD5
b31dfcc1e16ebea709da2d412786b14e

SHA1
4c4970947b90b93e007e7f2a42ae1cec4194d138

SHA256
514d6d87b199299635b56af4d5b13c3a306ea7c7799e13d46e6af299646e566d

SHA512
0ac5298cd259f36f3d443056a6ca5da997fe196e0dd35d42014576771f4cb9a5fc39f1846d68162a80d9a9c61c68817785c207bc7683bff954bbbcd6b7aadf26

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000009

Filesize
184KB

MD5
f63bbba2a9f9040fdaae733b9f93cff4

SHA1
c00190fadcfecd8ff5f3d66aea8efa31d74ccb2d

SHA256
b5c8ce9ca2f72377b44fc90e8eb8cc67c0a2ecf70b7aea1b052a46a938b0a617

SHA512
b1647fb0151e114fa9f01eab8d095711624dd7501bc91db14f9217cf4ceaf188c22c91656f6839b50064b8ca179494a32d23f5e572ae7196abd4451b94d5347f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2a8a1ca81802e5a6b1e8b8a2a564d2a3

SHA1
b31b4718efd35c6130b2ea68c9210694d1769d92

SHA256
85802342ab04d33d4562d6fd0eaba793710f3953221f3712a8a332abdc966810

SHA512
05eefe68e9dc873529aea29ca8109c5b77df5afe36931469955e8c16e9ba0e1d6acc2abc3be4df944262b3da59cf967debb5a35b8659cfcd0edbbe4ffb0c47cb

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe617629.TMP

Filesize
48B

MD5
cedde79035b428d49280a6d4c1d7befc

SHA1
ad8df6a99f2778c313cecc04a33661c0820bf91f

SHA256
9f35e076f0d8f0ded9684e6baf538d887c2bae0f0eaf94ffc8e28ae095a3ad5e

SHA512
fbcbdb368232e8783c533c3b7c1ed8fca129359dd0188ecf8df2cd4671d049e9ef544f88bfd64764fa8f51496cf1ff2560a6cf4f720fc8fd45e457c7aaabe60d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\background.js

Filesize
197KB

MD5
a4bc45976df2440091fa127bd8c44c65

SHA1
1d7af45f71962ae53625b0f4c302ed97bd50157e

SHA256
bb43178ce7debf9c993a72e764a4719725d92932b05b754f9de5e0e66813a7af

SHA512
8732daa7a3b041a9e9cf3dcb43dee7006fe05a1e2d5d933c6025d78c2d9d5d760e40b4aebb1b33377cd33f2a549a46c152331f4519648c0ccf149ba50ed19557

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_active.png

Filesize
12KB

MD5
7025023ed527694b815c4b4518a6a9e8

SHA1
18943edb97bbf5e69faa3e0c92997c9c4ce624e9

SHA256
f5df828a3b73ed42fd72d7c54af685d562cb7aabf61abc7e61bffd8488f72ad8

SHA512
9f9b4af1f1500f5b0f91678215cb76e7e9afc86ff18322ac0c0bea3350d1878ee0ffe94fafb834baba2bc347aba5937cdf39b738b31da2acee1f90186fe9caf3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_active_128.png

Filesize
12KB

MD5
81346649cb8375946c672e32d3bf9b30

SHA1
0c00d3bd8092954d0530be4c7d8fd9dee2e9a927

SHA256
c3a1be99ecfafd90e4710770d50c1260c92f150215f7244d22e5518e6202fd4f

SHA512
83b2af6163679ff038c919d94c5fca20fed3deec5a182f47cc397ffeda54959cfb6846f423a4904845c0fdb035b7eccf5e369496ad1b2b14a537f1bd1d53c0bc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_active_16.png

Filesize
785B

MD5
a17aec844c2ec3e2c6d008711dfc26f3

SHA1
4bf42eb9ae3f6596fe9c1fff6fd3c080244ce186

SHA256
1186fea81c63be4e1458228de1082a7b1c9aebee6b4859853c2d0bd3c6f305e6

SHA512
09eedf3d49291cab2ea0e73f5e7b0cf2ec7ab097d700800e72c8bf90b587f2eb766bf6c329ff4f4492a6fdf9099c8f786c03be4322d11c804d7237152e8354e8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_active_32.png

Filesize
1KB

MD5
4ea619db394f5bdd0a6b999ea4f90a21

SHA1
6c8a2f6def5d420c3a2959c8aee20d02b6487221

SHA256
5ec7e449f1b3b289276a5eb2a3df29b05a821d1644b7a922a4da6027533e9249

SHA512
44f8e02e9d8d7c04ebc846f3c5800c4e0109ff5032f1a2e5999d6e829adc15e71323a2148ad527b86138c1168267395144dcf46d29bbb7332b42e0e6ea531e03

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_active_48.png

Filesize
2KB

MD5
c337db6be4c45b2457a8bc317b8f5faf

SHA1
c934300181a555e4b87d2c53ff773a837e4e18b3

SHA256
c56fac799b899785b5104c4b44467027d9fcda9158cbb0b9e7cd1fb1293da6f6

SHA512
1c86d736e62af07978e3645788f8f0d08f0b6914d3b774127f72e6dc02f2fcb828b4eaf2eff61b83cd224dcefdbe6a2b5b96f6c4eebf8da578829fd0b97b02a7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_disabled.png

Filesize
8KB

MD5
74e6dab6dbbd5d5f33528d4f3aa4d035

SHA1
8c4c17f7a4391ad5663aa450ddd70d47c0cee368

SHA256
869e9c156f96d0463156e9b2f28e276a706b9e6b41eaacf41ee5b45568ef7148

SHA512
3ecfafb76bb9983fd3109dc914f66530ee53c14d1a9babd6983befb8785a94ad5707d48f3b33da4b8faf35f873cda98ddc813b0c45eb066b09e0c1765b03a44d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_disabled_128.png

Filesize
6KB

MD5
dc0ee05d8bf51d7fc83adafd09fd303c

SHA1
ae16e45464becb6a5e5caab2b085acb1349b69de

SHA256
84e9fcc162434ce32e0147543d297f785ee68c1a51d9ead1722af63e7f620512

SHA512
56c333c1ec1598600da2abe10c840334a1b82590cf083e7fe190cd4f1f53e19928a536fb00b0e66a4dd33eab712ab5f49d4abb37a2a2a02cce06f60a9657d644

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_disabled_16.png

Filesize
675B

MD5
486b9faea77d0864251ef8d4666ade5e

SHA1
de162b46c9fb7fccdcf89a4d8977d67cb5400edc

SHA256
47b21d13eb7e258e884ea3af2d61c2a3a2ec2d94f84171081d8cb9a3a12385c0

SHA512
755ef069cb929db1ef2aeb534a69e0332fa1ac290d070ad35a8045fd9e03d1228b0bd99b9ab0b3b193f6dd7cae827362e0694f21db79c1e1dc8cf8a2033ad26c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_disabled_32.png

Filesize
1KB

MD5
99123906febbaff7bd182013b6cb4392

SHA1
b6eafdfa3bb2ce6c445709b97037c5d42f47042f

SHA256
2fd54e16073f6fcf4aa9a5966acb384706328be970541abcc524b8ba462a0884

SHA512
b23e140d01eae42f9c1a0a25062a4656a6a11ba37f882693a9c7c07539a71ee3619f7b593c93b016cd5a7d97143b75ae08c2cc49a60fd8839af0f976396f422a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_disabled_48.png

Filesize
1KB

MD5
1ab56914d18699507389967e231b0687

SHA1
e2d5b7bb61c0f3b478ba35f12a4dee5bcb0136ee

SHA256
382c9f3a1eaae396c07bfce46aa9b311b281d8f64bf40f4012d62fbe6ab3e856

SHA512
d43bad6a9b232e7445eb7670d162b9370488345566eced88238420e25d7d9cd2050c3c25c629bf3969f23681d337e8ff0008c5ce93b4b1812f25b4346a0060c7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning.png

Filesize
12KB

MD5
9c15aebec8ee6361c1ba9a9edeb431a8

SHA1
fed944b15d59b3f69789a2a82da0f1d813709ebd

SHA256
7681cd645c126843720a72e21b3f8485d948c194320910aca06091f3cebf5285

SHA512
1939d8e34a7866d658cd21f96922f8d6d0ccbe5fbdcd93278d194fc9e7aaa3f0d58ce32407cffc3960a6fc5aaf0df5abd8c6e5d61e47faa72fb698c04a310372

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning2.png

Filesize
11KB

MD5
3bb8509b350f21f21343c2e8a4eb22e7

SHA1
a33c97cdd060f3fd1bf652f5bcbdb1571f6350a5

SHA256
2fa980c9bef20989d200998c632275ea4e5cc2dd1d1c279395ff27e56329f2a0

SHA512
7e0c55e764a53583e2103e023ab003688aa9d44a4f53cc1e586489493285c57c2fda87e83519a2adbe71a5d0d8d80622ad0a73bb27d6fb2a91f348f5872782cf

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning2_128.png

Filesize
11KB

MD5
3295521ba38f92deadf975a21e239a29

SHA1
7078ab97f03566f57b5403db3bb45047126873af

SHA256
6ba4f2be7251c9379d3ecfbb231464b8fb7b2fcbeae7c63a8d99a074fd1b7dc3

SHA512
3bbd77f8f25e6d5ecbe00acd6c75a992bb4688c835932aa2264b317496cb2257edcdcb88ccee8f46ffbb1388eeaf1f22165923088c76d87c2e1fae2d8c78b67b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning2_16.png

Filesize
1KB

MD5
c5d0c0f7f9f37bb352e5bc8c2030a1b1

SHA1
7852eab28175c5f64cf6c9a8e26edf7707133d3e

SHA256
04fe3f3d477e7f5c548871d9e3e8b3064e35996a4063a60a370dcee6a204db45

SHA512
166412cb822fabcf8480f9d5c78fbd6a1e5f83ca6aeee712ce8cfdb4671d7a0979f486bee97ff01365ef7da1ae0790c7ab1d791e9b313beaa0ab9ac6402d4063

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning2_32.png

Filesize
1KB

MD5
addd7e9683ddfe9502a4c6cb84fec358

SHA1
cd06fe06a9151d7df976822d11d23349ff779d10

SHA256
b3d2181f3652885081501b31c30e6c1d7f6e30ef4378c20a1caabee7f92d6029

SHA512
7a803bc03e36ef5f9639fc12a21da1a602380f47e822a5df879eefc45a3419d20fed4b750bfaab4ba951e132fbe72d7da79e398970f8e6351d8ef995e2bc913f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning2_48.png

Filesize
2KB

MD5
d7c76d7bd1c05c82ffe2a94f987e9566

SHA1
01b9351d8320734b8c20ee2533374d820fb814ad

SHA256
8dc1c6ae1561486b4da74a55b74b9470367d5ce040c55448af3ba17c214fcaff

SHA512
584aa9d9ab355326788ffe7f1745e8d7afda5303650d58c7fa85d0ac6a63356b3b2fcfb3163804c42bf7bce549ae4eac7660546e4b495aa4c00bfdf335b679c4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning_128.png

Filesize
12KB

MD5
d4ad565db4d1579ee2500aacad91b9d8

SHA1
069747cf07e26049d82afc520c826ad5b3b477ce

SHA256
652a2d5d2406fb45dbdbdd03fbef0f21a3efdf41beb1d654c0989f1dbe40b026

SHA512
b7994cef1a7988aa3120b7224af657468a6eb5f2f9fe8bf329ca2e0d58b170d129ee0a46e30c1297c3186da2486576a5c54ee7d0447da5cc0d1014affd58ffd5

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning_16.png

Filesize
1KB

MD5
c3d1964e49f8c4c2bed7e6279dc88272

SHA1
9874b2e441315f1b5d372d047178e5e502a3014a

SHA256
48295d2a05fe12fca99472d29de1646628723ff7856e84dcb85ef2f3606f4fb3

SHA512
25f8a9ebebc7e1a1376755bf367b1b5b5792692dec215bf076a837b87e18f08a44c272614d16384473108bc07b1d90a9670a0d006c38557a41fe9e2c4b9c936a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning_32.png

Filesize
1KB

MD5
402a2bc59a0a246d2292abc910de85b1

SHA1
e7d2a897066d629e02e29df062063e4b0d8bb793

SHA256
e1dedf486f3073698c8895ea9a4b88e4c2d241fe66be75167f6ce989ea8475a3

SHA512
114042b9e88008f379d44ccec186a7c5ee4a9f4899736bc286841b1d3112b6b7840b651c4a1810540c02d01471799ebb7e2a8cb055109dce7257e0e2ff8e67ae

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\icon_warning_48.png

Filesize
3KB

MD5
be6f1c1dc7f6bb33016092b100281180

SHA1
868b191c047e5518789a7cee51ae41a4bf5153aa

SHA256
200d816fdf0e8649c7dbbd63c7088aadb4dea5708afa39b0bfaabf3721bb8667

SHA512
744a443b2c1b246961763b15bea84fe88e82ba93e69fd6f85b3501dd55a32e6f4c24209e8abf067f8b4bb3036f05715a330951a052668d8993b8a5898e7cbddf

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\icons\warning.svg

Filesize
2KB

MD5
408375716fb2a77720319b68a8004099

SHA1
4cb7f9007ba4c268df39d5859580ec22c4676c53

SHA256
57590da87b240ea2425384bc4b06c2de9a97d25cd3700aff91827f62607c88fc

SHA512
7f300dbc7a9835dc2f2b694305225403ddac0204dadb9cbfbb5cfdf734aba4f140525260a07b2cdc2caaa3e833ea4d469268641c1ef64bd40180b75bcbefc643

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
c1fc1094d80a1dd0310285a724d8ffdf

SHA1
eec342f83ed6fce6e53b51a7e2f779c0e1ca6e2c

SHA256
45bc49661f5776c00adf7d15a6d5320a61b40dd01084c997b4f3171965f6069a

SHA512
05b31904407be1abc47acb84722f2b1b56d2428a6fb926b264bd7bd4576dc13b31baf0008f192013bf22d9f263f2f6c254b10d6f139a06bd36dbebfbeaf77450

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\popup.js

Filesize
265KB

MD5
669f0c4e8887610b9c9aaee834beef8b

SHA1
4e51dacca348d1a898bd697373eb0f829f076858

SHA256
de98670bc1b6d73a979a75789ff1fbae52f307967b899742b2881a9471cdf63a

SHA512
037b4b20219f6f0c82bfb2c18a351af30641c10d320e3eda7cdd4dc258676c8cac40a908c119ed8ca34f4c2b76394bdae3ccb753781fe3034edeaf202042b25f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\warning.html

Filesize
635B

MD5
6f6b09cef174e705e742183653fe758e

SHA1
665574533f57864d79be4de7c99fa7722245d50f

SHA256
c0b2fc1e63b6f7ef9ccdb9d43e4bcbe9865d8acda57839a4016087553f265faf

SHA512
006f99a860a6ac6e23a07e6fa3dbba060096a1f50ff839a8a21a0d6cd114fd91c432b9425dc96b78adb5571945a1d03b5d94af02bbd6127f042fdca45cd3f541

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir7396_1338110890\CRX_INSTALL\warning.js

Filesize
64KB

MD5
2520c3027fb7fbedeac649d66a93b4ab

SHA1
22f3341f06a6afbdbfcf1ae70773fe74ddef694c

SHA256
b2e000980ddbf4e1f2fd6f7cd5b71143663503173e59a6affb4879d5fbe82aa1

SHA512
865af2d54af5768eb5bb71694c9604afb6622d6dab6534bc840af4827350f1d3780e4def31206ca5a9cedd1c53225b8a4302dfadedf390c47112fa49bcc7bd72

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\hbgjioklmpbdmemlmbkfckopochbgjpl\1.0.0_0\preferences_schema.json

Filesize
7KB

MD5
a192304f63ef26c80086f835cc4b7ada

SHA1
6963e90e752209132b728a938844c4c64dc94d43

SHA256
4f72309f9378f04b3f1cb8f46b031ff513ac63e5056d96272f2bdc6d39dcddf9

SHA512
be619909cd0c3465966a4018847310c1493bfdecad6f07bb28293f3dcea73dc377f5d52cca040d626368e17828eae28384fe51d20c4a71925c5f31eea8e18561

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.0.8_0\images\x48\icon_a.png

Filesize
2KB

MD5
c05285aad074c0872dd78908176b1052

SHA1
b8a5926d153dfbc503a38a749baf9099903c289f

SHA256
9a4a7e0c2969562d5d1299f80317d4560265b4a843cf17491c7d36fa74a91cc1

SHA512
6006b22ff83d0afdc346179a4c2dbbf927efcc62fcf9105fb45efd768bdba62af5839c3efb21e2555e0090639ab2dca76397d294b51db0dca768def53ce00a1a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
d9ea490e451ce339c60419a3f395cdd0

SHA1
f105e338917f514d166ee5cf94e29f03975a487e

SHA256
8ad9bc38319af74ea9efbe5d68e7762218979e28ef1e75f28bc64afed06c3528

SHA512
5eaf84846628b6ea6da31710cd130945b5176fc419cfaa343745452b9fe01f384f2d44399ab7e004365949a13c30f1341565f58054be51302f4f10f526e2ed52

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
9805b1bf3a25e07ee563ccc3091be11b

SHA1
78672e41835972fb786a88bec4a5b614ccf948cc

SHA256
c7f73fa511485b0abe92c53e5f3bf76fb5a4401cea5ce16909f519a1e9a4ea31

SHA512
4bc904adbce492f2baaac2547d78ded7e618ee9e985d4a8e0fa6483eba3f2940846b8d8f39c887b0754a6f696cae2e655ca347acbacb4d5a97d2df2578df38d1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State~RFe61cf84.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6ee5525a60334fbe33b58fb19926f3d0

SHA1
c1c99230f912c84739d5972a51adca16f96410c9

SHA256
becca52fcfaa2a24dcce926b8044048638deb18d4fb83bdd25cedf1b64ab50ec

SHA512
a9988351e768e2508a6a7c01b7a9ec6de0b3c56726554a3552b2d90bb4ce7181f02e0c8f903ead2f5cf17d7828e15e661b39f1a239d423fdda3f65778508fdd3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9b68a73e2051574a90d00627192f8cae

SHA1
03ec05e688b7e15eb931e9c67218cbf395026bfe

SHA256
24060411a7220703ab8baa4eae8d0c4dd50e87344250106cf3e1d2b3e1d0f027

SHA512
8ba74bb28092fcdc4751adc43cc6a386422d859c2667bcaa923fafce0883923af4513be90a6c7279c35b1ad523b6f624349b6996296784c8d466fadae79e1f0c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9ac0dc43e39328749b1d16f403f89402

SHA1
23e94535b89251d3364020e343aae8818fc5e94e

SHA256
f917079002cd1a83066663b4739e90df38924560693739453a99913f806015cf

SHA512
cc0fe84f1444cc14eb383f08cff9fe50a60714882bfc337b8aac82a86033ca470060196dd49551d5733af668dadeafb8bf6e4cd9c2ede746f3db66496bdd5a46

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity~RFe610e09.TMP

Filesize
1KB

MD5
a103160e5ef225e1624ce4240f5616b0

SHA1
9b5d9f78101855d02b2eec92b3c64e3890914e14

SHA256
d8348c5888ff2746d8c7083408059b892e3feaabdea30b0e02929bc122b5abcd

SHA512
3c5a483029b42b8974f0add05a7df4cf0a2098fd26122d0f980d66ac8596ad1d2de72960befb84637c001fbceaaaf1972e76fa7c3f6b5ffe78b71fa2207d41e1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
e36f02334711b0f480f822f7f4cea65e

SHA1
8279a5ec1ab70b2d5a85d9c9d230302edd00d1ca

SHA256
e259aa93cf6e007a78b19733d44021c45cb00c918ed727f19c38656f59edf124

SHA512
1ce9fd95b31a7352ae53a574351787803f2053fc7ce3e1621e1f960489c4681e85533270057aaa300bcd6a7c86b7fa2511ab86d7fbe0d4fbb67211ecdbe9c799

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
db432b827df15c5ae6aa1d22a1dffd28

SHA1
4adffa7effb2e29eac1a9c4c1083bc08a232bf4c

SHA256
afe8d8ba2fbc2d6dbb719e081075d2d5520b46f6f999f1f5f0d2e1359794ac8d

SHA512
da17afc357e20df4052aa3e88bca603a799b3bda5db7e9c6a6974fac5d96254035c33a8342b8468578030c0989cd72fd1c4cc83f11b65b516ec02b44ac78392c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
60bd7ed56c4ebd754e730b1f74dbfc85

SHA1
9bb65faa2f21cdcfe25f5b8b7faf1f25b92e20ea

SHA256
555430bf2c2a9d66d669c69d738a50e3f6f857d381fb2bd1d098c6d869ea6e03

SHA512
fe82c5c0cb60d33751a7cfdda0ffd33067ec711234268abbc1fa899668cca70eb2b31e84b56b23d8a27114b048076883c29ebbec011ad7d3c3b64ec32108b0cb

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences~RFe60e34f.TMP

Filesize
5KB

MD5
b3893e5a0db5e296b1ffd08f6099fd25

SHA1
09b51c991b97659be517ed726ffc5c1fbfc5c207

SHA256
0b0e09a35f0f94822b5488c66a2ba75fd6e0cadf900236771f07258f64ac17a1

SHA512
6ad901ce5f30ac77ae9a4f2d0a2a17a2a71bdfa3f030b843d0fbcbe1c35ab6e617b15f6968a86e2829bf2ab7f3a87e9b0ef67c788075f6f4e2fa9496077a0349

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences

Filesize
48KB

MD5
383dea9020480ca43057431981c54b28

SHA1
10362a61ff2c3f1b7422bd9631b52d48b4fb683f

SHA256
887866f1a4deef7e9c7460b8320488683f12de887a7eea81581ed741017daaa9

SHA512
22259e90ce31c9db82d39fd9a6ed001d8a710ef638cccd750cfa27eb4a3005323b1cc1409bd01de6b8a000e6739a144da42ccf37fbcf2d1ae924f6d0dc0bc0a1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences~RFe610a7f.TMP

Filesize
47KB

MD5
e2a8bc935b2bb64904923f66bec489e3

SHA1
46ef0a6d1d9fc521d43e99a9396d1141c4eae735

SHA256
6def45c1e26f83ea7f48ca1c9fd2a3fb70cff4579aab6edb68a25a4a2ef80175

SHA512
f3c6d40d4ec5674690c477eaf403e5a838394d7dbe1a91bdb9179ec67cb5caa87c2bfbe24ad9325ce40930f0b8cbed91193c27eaf9c385bb217e00163be1c0d5

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
35KB

MD5
6503ef5d32f49b183d0661909785e1d6

SHA1
917e95421b7a8dd133b9f371b6903bdd54a6f30d

SHA256
d0229adb3a856b9891622787b035f0692ef2eead6bbc37cc215b3197f273047e

SHA512
8c35e9afd13bcfc7b8ab24d625bb28c9625e2fbcd932442d69fe0a684222a97f0a3504cbe5a5eff264785e03625d63a7cd96235b0ccfc94fec45dc2afdda2875

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
288B

MD5
024ae44956e33254d6a496a498ede9ce

SHA1
4124a551664c7a1998302b4adfc9d93004e4c496

SHA256
093e336df48cee457a8490516c7aba4ffa3035e14ab278633dbcd4c85122cfcb

SHA512
1f4c542aa0d6f64546e7101b0c53ddf60882ea3ad83792ddfd3694e6a2dff9ef44b3cbe0ddf0ad70785c8165f7881371dc2bb6b249d9c3dc72189ac9419bd46f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe613c2d.TMP

Filesize
48B

MD5
0e4a8798f29951efbc6fff53b43b69c2

SHA1
367832c1abb94fa3bc3c8f62e2f0966735decf6b

SHA256
351fa94bda886969d5841572a85b1f7de0934bd00f3f3524201c662775c12180

SHA512
63aba80ba89639f72148d1953f08f883afdbd9d6b619ed241cb6e3020db9bba2f49c9681cddcd0cdbdd1f021a4429e45933cbbb9fd8eb565426c26d7a8b68c37

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\FileTypePolicies\66\download_file_types.pb

Filesize
7KB

MD5
b486a2d22e22545b4d7ce820c38245ca

SHA1
3be7e3d4e07c581b9638a73a062809fb1f535ca8

SHA256
2f490c4adc51b58604c99546925f091dbda66ce6e54a0ea5b75e675d1fbe019c

SHA512
5c47112085670e0726401d436984accf4ab21c23fd785f0031997b786238618a163cd194749b8f625c3ab18d211f31711cc904c3164671bbc9347550c3b72ace

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
7KB

MD5
9e92353e85c07d70aa051fa272b47de3

SHA1
6ce7f1bb492a7bd4f1cf022e59a0a8d2b87b0d4c

SHA256
8f016b2fb09d9f8972a60f67206a24ad9bd3996ecfae108e84749649b9ee2531

SHA512
1411b0e30b003e038fa89989b536756416637b1df298422f9f70d97dc59b96904030fd8ff30acc89e8e08a6184032932c992aeb1dc02200e26b155613aa90a66

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
7KB

MD5
3089d688a6a743de13e66071c732bf3c

SHA1
af85f87e4530977913808d867495b2eac18f2c0e

SHA256
1579499ebfa1dbcef580c37eb18104d1ecc1f3857729d3c359db2124f6d5bea7

SHA512
6b6541061d993e23868b0c12d448f23e296bdd5cb2cf0a74806333cdd5910ecd7527ddef32f5ff709bf5ef0aea2d196a3a641349f4a0986e5fed945597a1d6de

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
7KB

MD5
dd59ef2fb0c93e4baf8739a6aa2bf497

SHA1
7009248dc0bb76efc371536fe415139deadc7250

SHA256
270fcfe537f7e4bc26701a8f51045cd693eff7bebeeb3f65c9ebbb77e2061345

SHA512
a06e57f9c63fb40aeb4f9173d9d0962da40f6bd8934fc3a8733e49f6d6156812dbd0b27e6c0ff91fece8fc30be2af6f17138f82210614872262b9e1ecb5663d3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State~RFe60e2b3.TMP

Filesize
4KB

MD5
5d226e2e83cbe0c0e95931dd24e0c54e

SHA1
2cd21fe966dc2bf9755525c544e935e658516fac

SHA256
b1acfdcbeed5064b73a45a1af083708964da6fe85a04985b10170e5a6baa8b27

SHA512
d9878c9791f5d25f55cc9ba666eba3ba841e65f56093a2bd704c6dadbd5f86ecfe4f1834c5c1b58256063abd568515fd07e1d630f3abfe6848bf5416cafa02ec

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\SafetyTips\3038\safety_tips.pb

Filesize
154KB

MD5
60ec8890171ef29186ef10e14334387f

SHA1
740b0a3888fbbe25fbee2f906df666d91cbf7c02

SHA256
4813873b42ddd0e989cab4d79c9afdd06d94eaa9594adae588c380a3ce8560fe

SHA512
720d2884be0cdfc2e3bfe30d5d8d8e5d249b79f9dfa32f24af0730363627136d440575527447a357b9b441157f098be4108cb56ddafbb0758de5236a328a93fc

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

Filesize
404B

MD5
8103fe08aa2f6b9ac6b4a7d7f0cdef9b

SHA1
4d32021634e303ce600c3f84589c1fbc5eb33147

SHA256
1a4c41334f087744dd1f74168ba47dd9e93eca2e66c07588881e49fda5addcf9

SHA512
4a0f1c372769e53cd6bdbe2c18c47e40bd3aa42d032b76a367ef4fa6435d21b7232622b28a0890ed971a56ba083be3bcd09e0bd1b7442a2bc7e009c8c4143962

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

Filesize
404B

MD5
db8a865ee264ad348f1fa964f6f62dc5

SHA1
5e798dfc7bc7880cd7b2ff07f095cd87e7787860

SHA256
4c0ae56065b992cd337ffaa23ff0f4eb824ac1a345832e9183c1ed4bc780220f

SHA512
e86b74b4bc3c6356ec1ea480c48f0b7213f05448f7d40d6f524b02c40b1581189965a8313243aa655231d62cf241ff6c26aa45d7fcef1b3ac1e11e128874c0ec

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt

Filesize
332B

MD5
590fd86ad024f2b655deec8333e240a9

SHA1
f1946050248dd1aea834f139063ac8eb3e41677e

SHA256
7afe6a8c5bf14cace6e9bb2d40df2adb5f31325fc024f448138106cf7b63f7c1

SHA512
c19bf730552e548b6caaa27f5ff2c5b34d34ac9408b3b6e388361635ddfd4f619b9205fad76b9141f2804b8dd364cd843dcbabd4d9d7b7b712f320f6729d87ec

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\CData.txt

Filesize
209B

MD5
4f0dae3c48b9c85ba0ec68e866a2616a

SHA1
6a9ca164ee620b0a90d9e8c0d7bf5e12c7f9c286

SHA256
980721caa671c83772a96f75f970dfbb524a570c41c719379503a3be83cf1ee4

SHA512
7590169c08b906a8e69d1b1ea9a1c61dc2e007e747dc32591c271c6a978e8734e6506c6820115bfe8f41a8bddbc89c88bb573b571c6281cda4c989e10ab8a841

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\EData.txt

Filesize
207B

MD5
b9897c16d7f045649c75a67418a71fdd

SHA1
bb66b5b05480e447babf6671f9f88f4ce2fcd4c3

SHA256
162afb9302a6769011e1eacc15406debf06b24ee76242d4c4d160ce12f4d2096

SHA512
577c6abac6d0ed7f1b89147908f2c17fd04bb82b68dc2ff70697371109107b7310585258cd4224b45dee21e10c4f4759fafedaa7571cab17808dfaa0d067be13

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt

Filesize
208B

MD5
65f7647af4d50277872c0341db16409c

SHA1
4733dc4d0c57c0f2aafb90272f37cfa9c84d3b35

SHA256
0d44b80ca80b207c6b441310f71c4cede33585162add2dc8b69f5b9c4064448d

SHA512
aeefdaee2e97d5261f490d4b26efc9ba698ada8db912c9d0f6fd663063ed0f28b7c86c81bb529636abe9ff29d1913e778f6ad8a07f270d53880c92c2efe00b80

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip

Filesize
656B

MD5
a60437529829cfffc0a3035cc668f908

SHA1
617955aa13cab56952bd5a2ce3702b2b8f6b18b6

SHA256
04fc3ef6ac03950f1073c01fa01476a4fc6ab160a740804a0034ba653bf5cf87

SHA512
4c583c7f4fcb098519292acd8f7bab7df580c2b43e828604b335f27040ed8a092e251d1846dd846cb6086d271dd27e03008ec3d81c29bb014573eb14b6aca5a9

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt

Filesize
185B

MD5
7b59bca28357919ad0066af8a6887abd

SHA1
bd51f2cb027f77982b372a1fc7b6f27149dc5577

SHA256
5961126103d2bf40e9b6677c160ca64b3fcf84efc82515650765973526da86c0

SHA512
3b1c2e9b3bd2163d6b4dd0443a97bc68cc80026de4ae76246d12e7c3e44209302b3dfd8434ad06c08056e601dda5779afc5588b720791201dfe81caf0699f45c

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt

Filesize
308B

MD5
0cb1cc6ebd3113ffa4d08cb8e611b0c1

SHA1
c084178a890875d41c400e8950537e1f8a58a50f

SHA256
b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2

SHA512
c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

Filesize
2KB

MD5
4783e1fc429d5231ed3970ab54f872a7

SHA1
cbd539c9b9b9e215bdc5a76076b94c4b86d22b3c

SHA256
ca9ade4befa0f40b3e36a5737af17a1974290df7cb6bd787905456621b5dc3ee

SHA512
0c0241c564036a28941599ee80189d256db1e17eda8a82bdcdd2481a280c6682cfbf5baf6c5aa076be62766eaf173317f3f8ccd630f9e30f4c182c9586a0f9b7

Download Submit
C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

Filesize
2KB

MD5
2afd6ec4a26ed8f206d07abf98337ecc

SHA1
9e802c04f77cbc80fa16d0cb23e6222f99395110

SHA256
e1f5d9ae3453156da8c3b13ac6e817265aa158eaf3739ca669ff25feb389ec7e

SHA512
895b5900d77883e626f73e3d7158064f853afcdc95dc0089cdc7f291ab0f540d9f3cf8497da8a25191df60a8e37b37c52e8a883526836324f865d72d990efeac

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
16KB

MD5
2a6c317e16a6ab014c2a4c597b2246a8

SHA1
b43649bc7ec79f335f73287477322f9a482a4c39

SHA256
45b0cdd4859907840755795c8be6d16a8fba2d6470b994f8f89b22e5aeaa0b4f

SHA512
c49e4cad3569b5d53d5447aaf0f2ea1c0cf6b8c97b7d99ad724c92fab156719d9b0b0395811617c559c66dffd7c7faa3f16462ce7b6849d6a4a845663360338e

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
14KB

MD5
5df54491b3fda998a8a07ba875dbcda5

SHA1
33f304f4dad21358d655523dd480cfb85f89020c

SHA256
d688dabe7ab098c208d6c3366f9f299905c6618e3d5f101e75afe0767d1cb7d7

SHA512
77aebe37a14d9b82abaaddc221bb10faea4d787ba3647492a85b6b2cd3b273966ad7222ae07220fb11268ee77ccffc847c39cdce20fef045efcfe51e314506c5

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
18KB

MD5
0f0036697619ae228491d8aa286a8d60

SHA1
4737a6149e975fab7d4f34d55a94c90e338de057

SHA256
fab71224fb10f3900b8be1a8a0d6db097478e299d930e47b1ec6d076aff4b088

SHA512
9a916bdb50ae2ab390923660e0c0dfb59bb4b4555c6a34c9e1b5b09ae2da4e1b9b676dfbb631aac04818220d06cb01186986a6e99b9b599873c9f59cd2d9649d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
14KB

MD5
dd35e86e337e7147b98868359a780d33

SHA1
27a483ea398dd09060ada57c699c219757605018

SHA256
cf2a947c3862358171d90b7d21862dd5c9ffeff64c77ff9898d540ed3b06864c

SHA512
81be57a68c406fa58606dd648bd02a10ad56f1bcad2a7243edc9c2e5f88c779ccd3b0a5e3f41b764e99222ec3b7d726aa476a2531e45831cd70e82c63f0767ff

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
17KB

MD5
a1ce15a8c23f5194fd2fe8b91c2726b1

SHA1
cbdea70891b7c6bf10a2ee507ae73c9e0a57b88a

SHA256
03668a0e455966d2bc4364d26811465ed3f7078daea7a11104199decb4032f95

SHA512
e56cdffbb88999ddf7b907ea2031b88ae53c9e28110b03a9be2c95a6b6a9a7f5d7bc8780a113486609a7a852db67f58269b10838cb20a529ba3fe268caad9014

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
16KB

MD5
59e50986f920c37a68a5429aa66f0ef1

SHA1
aa8b9d361db6959b717291f431b80a3a5a3597e0

SHA256
7d85031455be2dd3ed1939fb11b3067881b4e2f973c745bea76f2f5812c87bf6

SHA512
ce70bfa34c6da4f77a47dccb84dcb60b8e8d57ca4d9a4936a71ecd56999bce642be6952e0e8838598ffa72a24c931c7b70bb1fec5a2c68cc27ef5d2f78e7db53

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
1c93b667a7ffe7774efe6048ff1cae33

SHA1
bc854693db7c5811bfa12b47fcbc752b6fc3e779

SHA256
00d2d76790cdb18870d68caf38054eb9e34f6f1b3109389bc36ad89b899a43a4

SHA512
b4169e8234ac0dece11361f01086eb8c2e18a127e98aa39f8a136b7ae1328fa01873943152f9abaa2e8426b956d06c0fa6c78eb604f60ad842a904d51f90a6ff

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
16KB

MD5
c233b3d402ce22b33902e8af5805301e

SHA1
043c8079af3846b05d990bf84e904e5a56be7943

SHA256
1302bab8274ed280a17bb5a9d03bf8890f7a21887321c77bf86570edca73ad16

SHA512
c3fc0f105393c1d4b8d5db531b0cf1ce956f981b18e7479de730ae3be7d46355907fd07a8da028b63563033bc476da427b585119e5ed7e5ece19f69a159c850c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
16KB

MD5
4796b21b40e3037f6638df8e544e9f2b

SHA1
e282463af09b7ff8b1d91969de81aa793670458a

SHA256
d556ef195bebc967b5c0f61cf5d0cc69628c1d933a407553caceb1c07a990181

SHA512
6f323ca1514802b18629c32cf3033fae579136c0ca7a5b00758ffd134e844d1733984cb384feffdc9bf39effac5305baeec1c681e00cfb8b2a95db6d143b12c1

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveBrowser.lnk

Filesize
2KB

MD5
6d4e6e916bced5ef35bed24101593d1b

SHA1
96450fe3338a5005f8de589c4c07bed4156e0362

SHA256
ce20f43e82b8384e69bb225a6280ce565f51ecba295b71b6284695f6839e457d

SHA512
597440d7c55b5ed81bebd8876c55af02752996cabb2030ba0615fd9d96aa944a552da8d6fceec75cd9d3b00bcd785eb1de3baa33621f558b117b7980a21f32ba

Download Submit
C:\Users\Admin\Downloads\027c5e26-39e4-439a-88d5-ea01a3a6ae84.tmp

Filesize
49KB

MD5
944a47120812136756202398329c1b26

SHA1
e505844487600adb99bc22d1a85fd0028666cad2

SHA256
b5d386a6a4069c61bb30aa2c0c6a8c88a79cb5baaf37e44ab4c281d93ee0d215

SHA512
ce5a8c4f44f5b364b925228dd0792140bed90a0a4c34c07d18a28dddf1f4be87ee2deff3b33de5fc17712082a61b5d57e8a4ec093876fc794a1c13995c64dadd

Download Submit
C:\Users\Admin\Downloads\MEMZ.exe

Filesize
16KB

MD5
1d5ad9c8d3fee874d0feb8bfac220a11

SHA1
ca6d3f7e6c784155f664a9179ca64e4034df9595

SHA256
3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff

SHA512
c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 169657.crdownload

Filesize
532KB

MD5
511344f98a8446546e3bd3d3a8f1b278

SHA1
1a49256e7d09f5be10090c06b385b8c76284a77b

SHA256
d4af4c8e70dd37a45b7369a967f0793344ec9f198af90176540976af939a1307

SHA512
fd817bc7d352d5faabb36b53ebd4e218ac044d401ddb741d6ee4a9411f1241491b997bfebda9e83119718f08d0ee0d2bbea9985bc78476b4477aae3fe1f9b1fc

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 782710.crdownload

Filesize
8.5MB

MD5
b91e27a90186027b628d1ec6b9a733e0

SHA1
918fa8fb18e245bbcadb78d492cd33aeae1361b5

SHA256
12846cf608a1728401e8aec4abdfd0356a90bc4ab2168787f097c65b950d5aa2

SHA512
7eed5a4eaebad05c5baa9700c6d55edbb1c501ec9cb6137de10f6d7eade2bd0ad5c938773e058482841f977f5ed683d975c58a75cc4394f1603903208c638afa

Download Submit
C:\Users\Admin\Downloads\Wave Browser.exe

Filesize
1.2MB

MD5
1684aab6fae1ed888cf6d3c45e3f5fa7

SHA1
6acc87b81836575bf7b497f0e8a9a23a221f06b7

SHA256
4114122c0dca23f637d83eed33f9abcdc92709e2ac6f63ffd55f5aae519b58ab

SHA512
6d4bafe21686ce62cc129082e8dcd4da87fa7dcaea5eee9862a99adbb0142e89fe0e9d097ee2b9a9a6b6eab3ee23b6a26c4fa587d7ce1782a1d2e2c1454c2e71

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.133.0\SWUpdaterComRegisterShell64.exe

Filesize
190KB

MD5
10b82dc9d9a29bc4af224981f0e1c6fe

SHA1
bc33b2eeac62916eb9ee93a3f1ed6a0eb7611187

SHA256
00cd644354032257a39ff710ddd03e9fb98348f5323dec31ca670c903d68274c

SHA512
a3c67a858ce7889506572e2448b5d1e936c6d6ada2a04736b1f6cfe12b9ae46e9ee8c925778cda273db54000854f1ec4a544bcf2255770b978c7c6e9e24a1664

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe

Filesize
108KB

MD5
57428456c6e6c2ea328c864681db5df3

SHA1
2dc7329e0b346c435b6ea5cf44a3d0a076f8d398

SHA256
ee87747102eba8844939352740d0bb6c4a67f10c2656961cb2722cd42ba99f40

SHA512
40fb34fce07f094fdaf78c499a21c3f534f0c8ae1246b6cf382ea7e63fa08b4de56e6c81eb8fadce8a2e508ae5d03831590a06ffda3d46026fb894e4997f31b0

Download Submit
C:\Users\Admin\Wavesor Software\WaveBrowser\1.5.18.2\Installer\setup.exe

Filesize
3.7MB

MD5
2b117301b1e7ebfe62bef6b9fa9288e2

SHA1
d5e3fcab4526731ba3f5bf0ad914d616d4bd474f

SHA256
c21b934852b65af249b78f95a45df6ee7afed09c35630ac37ab3c646df3a9c80

SHA512
8fbe5c2e33b9429da123e9025cef8f13d93a51035f5fa232fe1187783ddb0d57d95fee7eb780ad840de8938ca6fc140a3b335469ef0ac13283381a6e3b4f945a

Download Submit
memory/5696-8005-0x0000000072710000-0x0000000072722000-memory.dmp

Filesize
72KB

Download
memory/5696-7987-0x00000000054D0000-0x00000000054F6000-memory.dmp

Filesize
152KB

Download
memory/5696-7986-0x00000000054B0000-0x00000000054CE000-memory.dmp

Filesize
120KB

Download
memory/5696-7985-0x0000000005310000-0x0000000005330000-memory.dmp

Filesize
128KB

Download
memory/5696-7984-0x0000000004F40000-0x0000000004F90000-memory.dmp

Filesize
320KB

Download
memory/5696-7978-0x00000000003B0000-0x00000000006F8000-memory.dmp

Filesize
3.3MB

Download
memory/5696-8288-0x0000000008B90000-0x0000000009134000-memory.dmp

Filesize
5.6MB

Download
memory/5696-8254-0x0000000007FB0000-0x0000000007FCE000-memory.dmp

Filesize
120KB

Download
memory/5696-8252-0x0000000007F30000-0x0000000007FA6000-memory.dmp

Filesize
472KB

Download
memory/5696-8233-0x00000000075E0000-0x00000000075EC000-memory.dmp

Filesize
48KB

Download
memory/5696-8197-0x0000000007E30000-0x0000000007E64000-memory.dmp

Filesize
208KB

Download
memory/5696-8120-0x0000000007400000-0x0000000007478000-memory.dmp

Filesize
480KB

Download
memory/5696-8366-0x0000000008650000-0x0000000008672000-memory.dmp

Filesize
136KB

Download
memory/5696-7991-0x00000000055A0000-0x00000000055E8000-memory.dmp

Filesize
288KB

Download
memory/5696-7992-0x0000000005B40000-0x0000000005B7C000-memory.dmp

Filesize
240KB

Download
memory/5696-7993-0x0000000005AC0000-0x0000000005AE1000-memory.dmp

Filesize
132KB

Download
memory/5696-8004-0x0000000006490000-0x00000000064A2000-memory.dmp

Filesize
72KB

Download
memory/5696-8003-0x0000000006300000-0x000000000636E000-memory.dmp

Filesize
440KB

Download
memory/5696-7990-0x0000000005540000-0x0000000005548000-memory.dmp

Filesize
32KB

Download
memory/5696-7997-0x00000000061E0000-0x0000000006202000-memory.dmp

Filesize
136KB

Download
memory/5696-8002-0x0000000006260000-0x0000000006288000-memory.dmp

Filesize
160KB

Download
memory/6788-4588-0x000000001EA70000-0x000000001EAA8000-memory.dmp

Filesize
224KB

Download
memory/6788-4589-0x000000001EA30000-0x000000001EA3E000-memory.dmp

Filesize
56KB

Download
memory/6788-4587-0x000000001E5D0000-0x000000001E5D8000-memory.dmp

Filesize
32KB

Download
memory/6788-4586-0x0000000000590000-0x00000000006CA000-memory.dmp

Filesize
1.2MB

Download
memory/7444-5011-0x00007FFEF9080000-0x00007FFEF9081000-memory.dmp

Filesize
4KB

Download
memory/7444-5010-0x00007FFEFAE90000-0x00007FFEFAE91000-memory.dmp

Filesize
4KB

Download
memory/7820-5146-0x00000000073A0000-0x0000000007406000-memory.dmp

Filesize
408KB

Download
memory/7820-5244-0x0000000005E30000-0x0000000005E38000-memory.dmp

Filesize
32KB

Download
memory/7820-4946-0x0000000005F90000-0x00000000065A8000-memory.dmp

Filesize
6.1MB

Download
memory/7820-4947-0x00000000056F0000-0x0000000005740000-memory.dmp

Filesize
320KB

Download
memory/7820-4948-0x0000000005740000-0x0000000005752000-memory.dmp

Filesize
72KB

Download
memory/7820-4949-0x0000000005760000-0x000000000579C000-memory.dmp

Filesize
240KB

Download
memory/7820-4950-0x00000000057E0000-0x000000000582C000-memory.dmp

Filesize
304KB

Download
memory/7820-4965-0x0000000005A80000-0x0000000005B8A000-memory.dmp

Filesize
1.0MB

Download
memory/7820-4977-0x00000000069B0000-0x0000000006A1E000-memory.dmp

Filesize
440KB

Download
memory/7820-4989-0x0000000006DF0000-0x0000000006E10000-memory.dmp

Filesize
128KB

Download
memory/7820-4998-0x0000000006E10000-0x0000000007164000-memory.dmp

Filesize
3.3MB

Download
memory/7820-4937-0x0000000000E40000-0x0000000000EAE000-memory.dmp

Filesize
440KB

Download
memory/7820-7425-0x000000000C370000-0x000000000C3A4000-memory.dmp

Filesize
208KB

Download
memory/7820-5287-0x000000000CDA0000-0x000000000CDD8000-memory.dmp

Filesize
224KB

Download
memory/7820-5288-0x0000000009CD0000-0x0000000009CDE000-memory.dmp

Filesize
56KB

Download
memory/7820-5259-0x0000000007890000-0x0000000007922000-memory.dmp

Filesize
584KB

Download
memory/7820-5285-0x0000000007E80000-0x0000000007E88000-memory.dmp

Filesize
32KB

Download
memory/7820-5286-0x0000000007E90000-0x0000000007E98000-memory.dmp

Filesize
32KB

Download
memory/8408-8521-0x0000000072710000-0x0000000072722000-memory.dmp

Filesize
72KB

Download
memory/8408-8941-0x0000000008290000-0x00000000082E6000-memory.dmp

Filesize
344KB

Download
memory/8408-8942-0x00000000084B0000-0x00000000084BC000-memory.dmp

Filesize
48KB

Download
memory/8408-8970-0x000000000B740000-0x000000000B748000-memory.dmp

Filesize
32KB

Download