hxxps://precisionsec[.]com/threat-intelligence-feeds/malware-domain-list/

Analysis

max time kernel
396s
max time network
397s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24/08/2024, 16:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://precisionsec.com/threat-intelligence-feeds/malware-domain-list/

Score

8^/10

discovery evasion motw persistence phishing privilege_escalation spyware stealer trojan

Malware Config

Signatures

Downloads MZ/PE file

Checks computer location settings 2 TTPs 40 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	Wave Browser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\Control Panel\International\Geo\Nation	wavebrowser.exe

Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
persistence privilege_escalation

Component Object Model Hijacking
T1546.015

Executes dropped EXE 64 IoCs

pid	Process
7768	Wave Browser.exe
7864	Wave Browser.exe
7968	Wave Browser.exe
8044	Wave Browser.exe
6052	SWUpdaterSetup.exe
7340	SWUpdater.exe
7416	SWUpdater.exe
4844	SWUpdaterComRegisterShell64.exe
5388	SWUpdaterComRegisterShell64.exe
3956	SWUpdaterComRegisterShell64.exe
7008	SWUpdater.exe
7456	SWUpdater.exe
7576	SWUpdater.exe
4412	WaveInstaller-v1.5.18.2.exe
7312	setup.exe
7328	setup.exe
6096	setup.exe
6124	setup.exe
6592	wavebrowser.exe
6604	wavebrowser.exe
5912	wavebrowser.exe
6388	wavebrowser.exe
7324	wavebrowser.exe
2660	wavebrowser.exe
6812	wavebrowser.exe
6368	SWUpdater.exe
4680	wavebrowser.exe
4332	wavebrowser.exe
6412	wavebrowser.exe
5620	wavebrowser.exe
6112	wavebrowser.exe
4964	wavebrowser.exe
6416	wavebrowser.exe
5976	wavebrowser.exe
6860	wavebrowser.exe
8144	wavebrowser.exe
7128	wavebrowser.exe
5268	wavebrowser.exe
2236	wavebrowser.exe
3576	wavebrowser.exe
6784	wavebrowser.exe
4172	wavebrowser.exe
4484	wavebrowser.exe
7384	wavebrowser.exe
5488	wavebrowser.exe
6816	wavebrowser.exe
460	wavebrowser.exe
3048	wavebrowser.exe
2036	wavebrowser.exe
7452	wavebrowser.exe
5924	wavebrowser.exe
6864	wavebrowser.exe
4928	wavebrowser.exe
6628	wavebrowser.exe
4560	wavebrowser.exe
7384	wavebrowser.exe
6424	wavebrowser.exe
7380	wavebrowser.exe
4928	wavebrowser.exe
5240	wavebrowser.exe
5672	wavebrowser.exe
5816	wavebrowser.exe
4172	wavebrowser.exe
5584	wavebrowser.exe

Loads dropped DLL 64 IoCs

pid	Process
7340	SWUpdater.exe
7416	SWUpdater.exe
4844	SWUpdaterComRegisterShell64.exe
7416	SWUpdater.exe
5388	SWUpdaterComRegisterShell64.exe
7416	SWUpdater.exe
3956	SWUpdaterComRegisterShell64.exe
7416	SWUpdater.exe
7008	SWUpdater.exe
7456	SWUpdater.exe
7576	SWUpdater.exe
7576	SWUpdater.exe
7456	SWUpdater.exe
6592	wavebrowser.exe
6604	wavebrowser.exe
6592	wavebrowser.exe
5912	wavebrowser.exe
5912	wavebrowser.exe
6388	wavebrowser.exe
6388	wavebrowser.exe
5912	wavebrowser.exe
5912	wavebrowser.exe
5912	wavebrowser.exe
7324	wavebrowser.exe
5912	wavebrowser.exe
5912	wavebrowser.exe
5912	wavebrowser.exe
6812	wavebrowser.exe
6812	wavebrowser.exe
7324	wavebrowser.exe
2660	wavebrowser.exe
2660	wavebrowser.exe
6368	SWUpdater.exe
4680	wavebrowser.exe
4332	wavebrowser.exe
4680	wavebrowser.exe
4332	wavebrowser.exe
7128	wavebrowser.exe
7128	wavebrowser.exe
5268	wavebrowser.exe
5268	wavebrowser.exe
2236	wavebrowser.exe
2236	wavebrowser.exe
3576	wavebrowser.exe
3576	wavebrowser.exe
6412	wavebrowser.exe
5620	wavebrowser.exe
6412	wavebrowser.exe
6112	wavebrowser.exe
5620	wavebrowser.exe
4964	wavebrowser.exe
6112	wavebrowser.exe
6416	wavebrowser.exe
5976	wavebrowser.exe
6860	wavebrowser.exe
8144	wavebrowser.exe
6860	wavebrowser.exe
8144	wavebrowser.exe
6784	wavebrowser.exe
6784	wavebrowser.exe
4964	wavebrowser.exe
6416	wavebrowser.exe
5976	wavebrowser.exe
4172	wavebrowser.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Wavesor SWUpdater = "\"C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.135.0\\SWUpdaterCore.exe\""	SWUpdater.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 6 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
683	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Checks system information in the registry 2 TTPs 2 IoCs

System information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	wavebrowser.exe

Drops file in Program Files directory 49 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1620561281\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_530006488\ssl_error_assistant.pb	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\swupdater.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterOnDemand.exe	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1001855180\_metadata\verified_contents.json	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUTBACB.tmp	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\psuser.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\psuser_64.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\manifest.json	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\psmachine_64.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1620561281\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1001855180\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_530006488\manifest.json	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterComRegisterShell64.exe	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_906064669\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\Filtering Rules	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_906064669\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\kp_pinslist.pb	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1607415737\crl-set	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1820887335\download_file_types.pb	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\crs.pb	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\LICENSE.txt	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1001855180\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_530006488\_metadata\verified_contents.json	wavebrowser.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1607415737\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1820887335\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_906064669\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1620561281\cr_en-us_500000_index.bin	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1620561281\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1607415737\LICENSE	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\ct_config.pb	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_530006488\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1607415737\manifest.fingerprint	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterBroker.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdaterCore.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\swupdaterres_en.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1820887335\manifest.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1820887335\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1001855180\privacy-sandbox-attestations.dat	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\psmachine.dll	SWUpdaterSetup.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1607415737\_metadata\verified_contents.json	wavebrowser.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdater.exe	SWUpdaterSetup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 8 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WaveInstaller-v1.5.18.2.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdaterSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 2 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
7008	SWUpdater.exe
6368	SWUpdater.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	wavebrowser.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	wavebrowser.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133689905884037858"	wavebrowser.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E4E4854F-9D7B-4120-A207-CF52C875F08E}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\CLSID\{DB982438-E7B9-46E1-AF0F-CFD8947957E8}	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\InProcServer32	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{62A51DF2-CCB8-4DD9-9069-34B8461617FC}\NumMethods	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{97518FC7-7CA2-4921-BC40-F4A07E221C1C}\ = "ICoCreateAsyncStatus"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E4E4854F-9D7B-4120-A207-CF52C875F08E}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}\NumMethods\ = "4"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\CLSID\{F6994161-37C3-47C9-BE83-C84C33A1CF2A}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ = "IAppCommand"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\ = "IApp2"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WavesorSWUpdater.OnDemandCOMClassUser\CLSID\ = "{1BE9D40C-2307-4213-830E-7E3CE9EDF0C2}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WaveBrwsHTM.RLAZ7WW6LBECXB5FCNTU55MY5Y\shell\open\command	setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WaveBrwsHTM.RLAZ7WW6LBECXB5FCNTU55MY5Y\Application\AppUserModelId = "WaveBrowser.RLAZ7WW6LBECXB5FCNTU55MY5Y"	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{44367D77-92C0-45E8-840D-0C098E650CE8}\NumMethods	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\NumMethods\ = "4"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\CLSID\{9E0CE9B5-C498-40A8-B7F2-B89AF1C56FFF}\ProgID	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{CEF9DF20-AE5B-4A54-B479-9C2AFC1C2683}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E053F7BD-D525-49F4-9ADE-5D7E6FCEE775}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WavesorSWUpdater.CredentialDialogUser.1.0	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{E053F7BD-D525-49F4-9ADE-5D7E6FCEE775}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{DA4EFC2D-B243-4BA8-8A14-8937D867B699}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{894ADE70-1E5F-4520-A281-CE3BF0309CE6}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E053F7BD-D525-49F4-9ADE-5D7E6FCEE775}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{7DFF302B-EA41-49F8-97B1-9413CEF98C68}\NumMethods\ = "10"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{894ADE70-1E5F-4520-A281-CE3BF0309CE6}\NumMethods\ = "11"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{730EBDF4-7AD2-4516-BF1A-6C6F28C60CF9}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\NumMethods\ = "11"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}\NumMethods\ = "12"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{DA4EFC2D-B243-4BA8-8A14-8937D867B699}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}\NumMethods\ = "12"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\NumMethods	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E44B162B-4287-40B0-8E7A-6E251D80B3DF}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\ = "IGoogleUpdate3Web"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{62A51DF2-CCB8-4DD9-9069-34B8461617FC}\ = "IPackage"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\CLSID\{30FB944E-9455-49DD-81C6-7542E47AA3E7}	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\ = "IApp2"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{3BE77C6E-0029-4F24-B677-32C9E15CD8F1}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\InProcServer32\ = "C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.135.0\\psuser_64.dll"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{7DFF302B-EA41-49F8-97B1-9413CEF98C68}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\CLSID\{9CD78CBC-FD21-4FFF-B452-9D792A58B7C4}\LocalServer32\ServerExecutable = "C:\\Users\\Admin\\Wavesor Software\\WaveBrowser\\1.5.18.2\\notification_helper.exe"	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{068FAC78-4F23-4F74-99A0-F7C4797D5ECA}\ = "IApp"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WOW6432Node\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\WavesorSWUpdater.CredentialDialogUser\ = "SWUpdater CredentialDialog"	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3}\NumMethods\ = "8"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{617E37E1-AC79-4162-BACC-C797A1D31D3E}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{CEF9DF20-AE5B-4A54-B479-9C2AFC1C2683}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\ = "ICurrentState"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\ = "PSFactoryBuffer"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{44367D77-92C0-45E8-840D-0C098E650CE8}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{44367D77-92C0-45E8-840D-0C098E650CE8}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\NumMethods\ = "24"	SWUpdaterComRegisterShell64.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 949022.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 30 IoCs

pid	Process
4872	msedge.exe
4872	msedge.exe
4536	msedge.exe
4536	msedge.exe
3836	identity_helper.exe
3836	identity_helper.exe
1564	msedge.exe
1564	msedge.exe
4560	msedge.exe
4560	msedge.exe
5196	msedge.exe
5196	msedge.exe
5196	msedge.exe
5196	msedge.exe
7620	msedge.exe
7620	msedge.exe
7340	SWUpdater.exe
7340	SWUpdater.exe
7312	setup.exe
7312	setup.exe
7312	setup.exe
7312	setup.exe
7312	setup.exe
7312	setup.exe
7340	SWUpdater.exe
7340	SWUpdater.exe
7340	SWUpdater.exe
7340	SWUpdater.exe
1064	wavebrowser.exe
1064	wavebrowser.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	4164	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4164	AUDIODG.EXE
Token: SeDebugPrivilege	7864	Wave Browser.exe
Token: SeDebugPrivilege	7768	Wave Browser.exe
Token: SeDebugPrivilege	7968	Wave Browser.exe
Token: SeDebugPrivilege	8044	Wave Browser.exe
Token: SeDebugPrivilege	7340	SWUpdater.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeDebugPrivilege	7340	SWUpdater.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe
Token: SeShutdownPrivilege	6592	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6592	wavebrowser.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
6096	setup.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe

Suspicious use of SendNotifyMessage 55 IoCs

pid	Process
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
6592	wavebrowser.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe
4536	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4536 wrote to memory of 2200	4536	msedge.exe	84
PID 4536 wrote to memory of 2200	4536	msedge.exe	84
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4204	4536	msedge.exe	85
PID 4536 wrote to memory of 4872	4536	msedge.exe	86
PID 4536 wrote to memory of 4872	4536	msedge.exe	86
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87
PID 4536 wrote to memory of 2672	4536	msedge.exe	87

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://precisionsec.com/threat-intelligence-feeds/malware-domain-list/
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcc0da46f8,0x7ffcc0da4708,0x7ffcc0da4718
  2⤵
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
  2⤵
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:3800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3484 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3484 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2328 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
  2⤵
  PID:2120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2548 /prefetch:8
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6112 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3664 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:5940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
  2⤵
  PID:876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7360 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7504 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7784 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1
  2⤵
  PID:5704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8776 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8540 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
  2⤵
  PID:5716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6836 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8636 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8264 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8596 /prefetch:1
  2⤵
  PID:5804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9920 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10036 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10144 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
  2⤵
  PID:5884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7920 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10512 /prefetch:1
  2⤵
  PID:3620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10520 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10640 /prefetch:1
  2⤵
  PID:1060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10772 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11028 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11656 /prefetch:1
  2⤵
  PID:6228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1
  2⤵
  PID:6784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11792 /prefetch:1
  2⤵
  PID:6792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10800 /prefetch:1
  2⤵
  PID:6472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11544 /prefetch:1
  2⤵
  PID:5428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11444 /prefetch:1
  2⤵
  PID:7116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11376 /prefetch:1
  2⤵
  PID:5600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10544 /prefetch:1
  2⤵
  PID:5948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1
  2⤵
  PID:6488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11800 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
  2⤵
  PID:2144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9732 /prefetch:8
  2⤵
  PID:7264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9732 /prefetch:1
  2⤵
  PID:7468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3472 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7620
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:7768
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:7864
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:7968
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:8044
- - C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300"
    3⤵
    - Executes dropped EXE
    - Drops file in Program Files directory
    - System Location Discovery: System Language Discovery
    PID:6052
  - - C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdater.exe
      "C:\Program Files (x86)\Wavesor\Temp\GUMBACA.tmp\SWUpdater.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300"
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Adds Run key to start application
      Checks whether UAC is enabled
      System Location Discovery: System Language Discovery
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:7340
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:7416
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:4844
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:5388
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:3956
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9Ins2OUFCRTY5QS0zMEQwLTQwMTUtOUQ1Ri0xQ0FBREQxNkNFMjF9IiB1c2VyaWQ9IntiMDE5Yzg5Ni1kMjhlLTRjNzMtYTMxNS1kN2NiN2ZkZjA2NzF9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezE5NkY1MDRGLTZDNUMtNEI4Ni05MjY0LTVGNjU1RkE4REVCOX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RjZGNjBBQ0UtNzFBRC00NjEwLTgwRDQtOTI1MzcyOUZCNEI3fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjEzNS4wIiBsYW5nPSJlbiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:7008
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1&experiments=vpro2%3don%7cSun%2c%201%20Sep%202024%2000%3a00%3a00%20%2b0300" /installsource otherinstallcmd /sessionid "{69ABE69A-30D0-4015-9D5F-1CAADD16CE21}"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        
        PID:7456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10124 /prefetch:1
  2⤵
  PID:7236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7792 /prefetch:1
  2⤵
  PID:7764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9512 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1
  2⤵
  PID:7096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10992 /prefetch:1
  2⤵
  PID:6472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10676 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9064 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9372 /prefetch:1
  2⤵
  PID:5388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10312 /prefetch:1
  2⤵
  PID:7448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1
  2⤵
  PID:7424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10420 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
  2⤵
  PID:6896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11048 /prefetch:1
  2⤵
  PID:6872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11748 /prefetch:8
  2⤵
  PID:6628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9916 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10824 /prefetch:1
  2⤵
  PID:7288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
  2⤵
  PID:9000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10328 /prefetch:1
  2⤵
  PID:9056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10968 /prefetch:1
  2⤵
  PID:6896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9796 /prefetch:1
  2⤵
  PID:9660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9920 /prefetch:1
  2⤵
  PID:7048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10112 /prefetch:1
  2⤵
  PID:8844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1052 /prefetch:1
  2⤵
  PID:6956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10856 /prefetch:1
  2⤵
  PID:6764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1052 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,12530172563220839941,18339419749858490915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11708 /prefetch:1
  2⤵
  PID:3108

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:388

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2424

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x380 0x3f8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4164

C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding
1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
PID:7576
- C:\Users\Admin\Wavesor Software\SWUpdater\Install\{7BF00B8B-8D12-42A6-A7E1-222A02D08C34}\WaveInstaller-v1.5.18.2.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\Install\{7BF00B8B-8D12-42A6-A7E1-222A02D08C34}\WaveInstaller-v1.5.18.2.exe" /installerdata="C:\Users\Admin\AppData\Local\Temp\guiFE5B.tmp"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4412
- - C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\wavebrowser.packed.7z" --wid=kc3ug0e0 --installerdata="C:\Users\Admin\AppData\Local\Temp\guiFE5B.tmp"
    3⤵
    - Executes dropped EXE
    - Modifies registry class
    - Suspicious behavior: EnumeratesProcesses
    PID:7312
  - - C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe
      C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x7ff7375212d0,0x7ff7375212dc,0x7ff7375212e8
      4⤵
      Executes dropped EXE
      PID:7328
  - - C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe" --verbose-logging --installerdata="C:\Users\Admin\AppData\Local\Temp\guiFE5B.tmp" --create-shortcuts=0 --install-level=0
      4⤵
      Executes dropped EXE
      Suspicious use of FindShellTrayWindow
      PID:6096
    - - C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe
        
        C:\Users\Admin\AppData\Local\Temp\nsq1E7.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x7ff7375212d0,0x7ff7375212dc,0x7ff7375212e8
        5⤵
        Executes dropped EXE
        
        PID:6124
  - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --install-type=1 --from-installer
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Checks system information in the registry
      Drops file in Program Files directory
      Enumerates system info in registry
      Modifies data under HKEY_USERS
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      PID:6592
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.18.2 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffca978ccf0,0x7ffca978ccfc,0x7ffca978cd08
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6604
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2052,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2044 /prefetch:2
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5912
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --start-stack-profiler --field-trial-handle=1896,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2092 /prefetch:3
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6388
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2324,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2356 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7324
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2940,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3048 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2236
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2948,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3208 /prefetch:2
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2660
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3408,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3448 /prefetch:8
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6812
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4496,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4520 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4680
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4504,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4584 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4332
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4624,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4688 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6412
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4604,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4636 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5620
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4644,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4924 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6112
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4652,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5056 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4964
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4660,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5172 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6416
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4668,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5296 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5976
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4684,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5408 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6860
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4692,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5540 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:8144
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4704,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5648 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6784
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6228,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6216 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7128
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6232,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6436 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5268
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4508,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6208 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3576
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6788,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6808 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4172
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6796,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6836 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4484
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6772,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7092 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7384
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4436,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2944 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5488
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7232,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3212 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6816
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7516,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7536 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:460
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7676,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7540 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:3048
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7568,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=1628 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:2036
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7920,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7948 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7452
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7940,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8080 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5924
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8228,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3460 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6864
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7580,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8376 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4928
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4696,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7968 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6628
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7988,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8008 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4560
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7552,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7852 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7384
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8416,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8468 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6424
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8444,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8288 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7380
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8316,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7672 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4928
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7632,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7600 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5240
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7620,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7204 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5672
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7608,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6792 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5816
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7592,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7260 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4172
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6468,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6948 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:5584
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6560,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6932 /prefetch:8
        5⤵
        
        PID:8252
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6500,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6804 /prefetch:8
        5⤵
        
        PID:8264
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6504,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6496 /prefetch:8
        5⤵
        
        PID:8320
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6512,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6364 /prefetch:8
        5⤵
        
        PID:8364
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4520,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6520 /prefetch:8
        5⤵
        
        PID:8520
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8556,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8720 /prefetch:8
        5⤵
        
        PID:8788
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8704,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8744 /prefetch:8
        5⤵
        
        PID:8800
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8708,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9008 /prefetch:8
        5⤵
        
        PID:8996
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9160,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9172 /prefetch:8
        5⤵
        
        PID:9024
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9308,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9016 /prefetch:8
        5⤵
        
        PID:9188
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9324,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9332 /prefetch:8
        5⤵
        
        PID:8576
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5876,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9032 /prefetch:8
        5⤵
        
        PID:8624
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9588,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9752 /prefetch:8
        5⤵
        
        PID:8936
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9892,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9904 /prefetch:8
        5⤵
        
        PID:1976
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9884,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10044 /prefetch:8
        5⤵
        
        PID:8432
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10028,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9596 /prefetch:8
        5⤵
        
        PID:8764
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10316,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10324 /prefetch:8
        5⤵
        
        PID:9136
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10320,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10480 /prefetch:8
        5⤵
        
        PID:1824
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10472,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10664 /prefetch:8
        5⤵
        
        PID:4484
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10616,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10812 /prefetch:8
        5⤵
        
        PID:8272
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10620,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10956 /prefetch:8
        5⤵
        
        PID:8224
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10628,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11100 /prefetch:8
        5⤵
        
        PID:8872
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10644,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11248 /prefetch:8
        5⤵
        
        PID:9196
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10652,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11380 /prefetch:8
        5⤵
        
        PID:6660
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10640,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11428 /prefetch:8
        5⤵
        
        PID:8508
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10680,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11556 /prefetch:8
        5⤵
        
        PID:8656
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11836,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11712 /prefetch:8
        5⤵
        
        PID:8820
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=11856,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12020 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9456
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=12336,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12352 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:10852
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=12572,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12524 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10952
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12692,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12184 /prefetch:8
        5⤵
        
        PID:11224
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=12316,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12296 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9356
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=12808,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12824 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9548
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=12784,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12988 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9900
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=13012,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12996 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9940
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=13344,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13384 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9984
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=13324,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13408 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10012
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=13524,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13656 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10060
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=13748,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13836 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:10092
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=13820,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13812 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10104
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=13888,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14028 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:10140
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=14508,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14536 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10172
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --start-stack-profiler --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=13868,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14460 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:10512
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=12968,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14796 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:6336
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=14804,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14872 /prefetch:8
        5⤵
        
        PID:5712
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=14768,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12960 /prefetch:8
        5⤵
        
        PID:11012
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=14780,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14736 /prefetch:8
        5⤵
        
        PID:11064
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=14368,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16172 /prefetch:8
        5⤵
        
        PID:11176
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=16404,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16332 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10268
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=16140,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15700 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9972
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=15640,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16600 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:8500
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=15940,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16112 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:8628
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=15976,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16092 /prefetch:8
        5⤵
        
        PID:9392
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=15948,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9468 /prefetch:8
        5⤵
        
        PID:10156
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=10164,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9616 /prefetch:8
        5⤵
        
        PID:10440
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6540,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10068 /prefetch:8
        5⤵
        
        PID:10636
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8176,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7376 /prefetch:8
        5⤵
        
        PID:11180
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=7936,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11416 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8384
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=16072,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16824 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:8748
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6868,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8388 /prefetch:8
        5⤵
        
        PID:8464
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7152,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7108 /prefetch:8
        5⤵
        
        PID:10008
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=16776,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16644 /prefetch:8
        5⤵
        
        PID:8328
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7540,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16724 /prefetch:8
        5⤵
        
        PID:11100
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=14312,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7244 /prefetch:8
        5⤵
        
        PID:8420
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6348,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6280 /prefetch:8
        5⤵
        
        PID:10744
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11064,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6600 /prefetch:8
        5⤵
        
        PID:10336
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=752,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16580 /prefetch:8
        5⤵
        
        PID:9704
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=12144,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16460 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:4680
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12464,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12456 /prefetch:8
        5⤵
        
        PID:7940
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=12756,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16472 /prefetch:8
        5⤵
        
        PID:8904
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=12724,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12284 /prefetch:8
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1064
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=16424,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11644 /prefetch:8
        5⤵
        
        PID:8728
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11644,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16360 /prefetch:8
        5⤵
        
        PID:9800
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3400,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12564 /prefetch:8
        5⤵
        
        PID:6284
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=1220,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=1572 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:10648
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=15672,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12224 /prefetch:8
        5⤵
        
        PID:8092
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=15580,i,4757080358306961155,179937804989926403,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12188 /prefetch:8
        5⤵
        
        PID:4024
- C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9Ins2OUFCRTY5QS0zMEQwLTQwMTUtOUQ1Ri0xQ0FBREQxNkNFMjF9IiB1c2VyaWQ9IntiMDE5Yzg5Ni1kMjhlLTRjNzMtYTMxNS1kN2NiN2ZkZjA2NzF9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezY0QjQwQTJCLTdDMUUtNDg0Mi1CMzA4LTI5RkZCNDUzMTQyNH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RUIxNDlBRDItQ0U0RS00RjUxLUI3RkMtQTE0OUZBQTRDQ0FGfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS41LjE4LjIiIGxhbmc9ImVuIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9InZwcm8yPW9uIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cHM6Ly9jZG4uc3d1cGRhdGVyLmNvbS9idWlsZC9XYXZlQnJvd3Nlci9zdGFibGUvd2luLzExMjA5ODc2NDM5MDYvNjQvV2F2ZUluc3RhbGxlci12MS41LjE4LjIuZXhlIiBkb3dubG9hZGVkPSIxMDY4MTEwODAiIHRvdGFsPSIxMDY4MTEwODAiIGRvd25sb2FkX3RpbWVfbXM9IjgzOTgiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI2ODkiIGRvd25sb2FkX3RpbWVfbXM9Ijk0MzIiIGRvd25sb2FkZWQ9IjEwNjgxMTA4MCIgdG90YWw9IjEwNjgxMTA4MCIgaW5zdGFsbF90aW1lX21zPSIxNDQ5NSIvPjwvYXBwPjwvcmVxdWVzdD4
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks whether UAC is enabled
  - System Location Discovery: System Language Discovery
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:6368

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4396

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1620561281\manifest.json

Filesize
108B

MD5
b636113d6db02fa03e13e1a7a6fa379e

SHA1
99794589e829569ec12ec7276ae3831822b2e0c4

SHA256
ea09b409ccc891e18e778db71afd8d3fcbfbc5a3d100f605f5778c32a27c5be5

SHA512
662c1a5c319b62813cde6ac118d1c19a2ae67aa9ef80eeebcf999722a05090b7fc4caab5b34e678041b2e1cf0fbc823d43fd943646af59e4c4a5afff9a0a26b9

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1820887335\manifest.json

Filesize
76B

MD5
b5dabcb6b1744da449b7ee8f85258f7f

SHA1
6602da5eb5d1e64644f5427f210ce1e57544bfbd

SHA256
082775d5ea6bacc6bee71f31a68e966b4a7cf8d39adc681894b0e1f89bfbb47b

SHA512
f89296d1dd2f6acffc102c45e1d51516937f4c143eb642cdf6c79d35b121a1c712063f56fdb6636765882246fadacd67cae71131831346f7b5770952070d76a9

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping6592_1983067217\manifest.json

Filesize
73B

MD5
654203e9075ca9ee68fd2fde66592b6a

SHA1
591441f84ff47082c13752dc0a5730e0141aa753

SHA256
9f54517183e7b3d5c40f2349b7f998f90e6f7b31bcf705c73414a8759390b3cd

SHA512
8b7ece80637a4a3c418858831e6829d1c52a4198934d46d5c10c7561b030f63c4991bb572fa514c892f1358fe524abdff0eef67ce5f3ba3b8fc709d4f46b91c8

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping6592_530006488\manifest.json

Filesize
76B

MD5
4aaa0ed8099ecc1da778a9bc39393808

SHA1
0e4a733a5af337f101cfa6bea5ebc153380f7b05

SHA256
20b91160e2611d3159ad82857323febc906457756678ab73f305c3a1e399d18d

SHA512
dfa942c35e1e5f62dd8840c97693cdbfd6d71a1fd2f42e26cb75b98bb6a1818395ecdf552d46f07dff1e9c74f1493a39e05b14e3409963eff1ada88897152879

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping6592_803603397\manifest.json

Filesize
114B

MD5
4c30f6704085b87b66dce75a22809259

SHA1
8953ee0f49416c23caa82cdd0acdacc750d1d713

SHA256
0152e17e94788e5c3ff124f2906d1d95dc6f8b894cc27ec114b0e73bf6da54f9

SHA512
51e2101bcad1cb1820c98b93a0fb860e4c46172ca2f4e6627520eb066692b3957c0d979894e6e0190877b8ae3c97cb041782bf5d8d0bb0bf2814d8c9bb7c37f3

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping6592_906064669\manifest.json

Filesize
300B

MD5
01f3de10093b3b262105724e85817fa6

SHA1
97dee66ece41b53a27cbd4579f44c204e35d19d6

SHA256
be1b2d4b5880584961c46ec8ed276b6ee43ea595da56720268e05bd3d5c95340

SHA512
9646b13e23c4214bcc45715fbc60eb9afb29f934d5d33b3471ee89a6f399a68d83b5bdff14748f73ce6a7c2c9fdce782a4ce849f855a900514636b529e9b400f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\578e4a79-32b1-4fff-906f-abeae70efe0a.tmp

Filesize
8KB

MD5
4a062421f1f8e63806e1a3f201ce6294

SHA1
f622efa1cc8728103795497f52dee7c38bfe8467

SHA256
c48ff894634062fb692eea032e1c8109fa6ca0c36b0ba55a2520ee1b96b092bd

SHA512
2fd094a7de48029d7412c9293590d0732d5a11e199a57cb1dbc37c853812d03a2e7289615a8d4440100a8489debc3b857d9603f80303ecaabfa3e3a946f33968

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
47KB

MD5
0d2283b0df70bc0217118f5c6d1fd836

SHA1
0aaa2e0daa0f0671fbf7817e222fcd777be523d0

SHA256
fb02c03e84b9a15ea357644f15643bc90eb9c6ef6532e1c82ecd052df34c2abb

SHA512
16071fce7468cc47fd7a57dc6913cbf41e142fd16b3f145dc30b13fb4a84a05fa3211d3b435ace7378c76682a1afc49e45d180eb88f6d32b0deaa2266196b2f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
67KB

MD5
ed124bdf39bbd5902bd2529a0a4114ea

SHA1
b7dd9d364099ccd4e09fd45f4180d38df6590524

SHA256
48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44

SHA512
c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
41KB

MD5
60f8cd04587a51e31b51d1570d6f889a

SHA1
88574c41d0ab81721b275252464da5c7927a4835

SHA256
27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb

SHA512
84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
1.3MB

MD5
55491c4429bee4661da854c6c62e57e9

SHA1
6914f9064f82d49b75d7330691126fd7f57adee5

SHA256
486367da7b68dd7057e5c6c4e901418ba50a30a59aa97f6700bc055297204da5

SHA512
1c40bed691b99a555f58d0d7532cb6efac5868ee2027e63af4629b8b556541ef7b8b69abfea55bb1b8c8b9878d580b1980912d4645456bad0fd962da0ebc85f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
43KB

MD5
d9b427d32109a7367b92e57dae471874

SHA1
ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39

SHA256
9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3

SHA512
dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
74KB

MD5
b07f576446fc2d6b9923828d656cadff

SHA1
35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103

SHA256
d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496

SHA512
7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
16KB

MD5
c2ffdd3c3514e7498edcb358ff24851b

SHA1
2e370fb3469bb2bcd710d422ea8309be760b3b35

SHA256
5c89e3d2923c8d8864fb0cd9b39a18000b3e8f28a064b6866d406cb5c758746d

SHA512
ffc734aa98a3a7f676d16e3a7cf5341103b85c806a3d7068c8865976b6543424337776e41e4cf42d1232a3523972bf605beadde419f965d7e54c3ab266a5c345

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
27KB

MD5
f930621607e050dff86f94bbf4806b73

SHA1
d06bdf16d5794550b78713955629c465b6970676

SHA256
fe97ff9a43f7f196dcd9088da3818e6f80ecdc2ad8937a5bd4a52c8b3979a09e

SHA512
df4c634c95cbc63c44c0f884817333fdb3965d225fbcf008d134a12ea99d05965b043c4f74bbe57f8356fd7f698fde30fe34638387ffcb8ca1226fe7c8b00cb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
40KB

MD5
3051c1e179d84292d3f84a1a0a112c80

SHA1
c11a63236373abfe574f2935a0e7024688b71ccb

SHA256
992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3

SHA512
df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
53KB

MD5
68f0a51fa86985999964ee43de12cdd5

SHA1
bbfc7666be00c560b7394fa0b82b864237a99d8c

SHA256
f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f

SHA512
3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
34KB

MD5
bb8a4ff840424ffaceb092b76ab11572

SHA1
83904c56bfdeaf58816857f7a5f8c9ea286a8df5

SHA256
b1304a8f3d9930e6bc5c04c962bb2ee619667ae330d447d77f05d3789e9d97c7

SHA512
a4edcc08a23e2775f0b635265a9232cf68a8694516b9d3c8230bd467b27f19e8518ed0b52ee16638c142e2bf1d0dcfa43a028bd653300c3e20786f452cc29da5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
100KB

MD5
50ff59a1158ddfb738561d161d2aa0c8

SHA1
4b775be221770a81ad0f223fdd0f3083126957f2

SHA256
28718d9bcb33be16273139132dddca984fe8004c20fd57b8d9e303dde472e128

SHA512
c190bfa96295b1c04823952ab2ae82a84e08df60c36a15b035623d00d8ffafb6237ea933686145d01c147415ef3b797e2fab9aa5359c2e3a27cd4462102eccb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

Filesize
35KB

MD5
7b9800dbc1c1912836901bd4654c665b

SHA1
9eeeaa03e43b2f8e8849df45c1a552bbc7dee477

SHA256
eaccedb62c31aaf67b58554673659e748849d14f49a81789a36e1c9bfea218c8

SHA512
f990e9a969f9f54ce2b45c3efa167968c3f27a753435d67a48722f7e10795abffafcf955c4fb339cd6d6d86546e3579bdf7fa9f986d74ba8fcbf16ee8f071ee6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
30KB

MD5
3ace84eb397046d9554ccb3aed3398ff

SHA1
110507371b62e62dbb87d1946d414e21146ce31e

SHA256
451c58013dfa157c001b687097358f97a7913fe693cd4667344d4bdb2b4f5bde

SHA512
88e6a41fa63c6a8d74b2c066a98fb935e3aff02d2cc55f8514fc2d31569cf7b525b0f2d33ff60bd7e45f7d8fdf09e9b2685432c05ed75c7bb6c3bc1251a2794d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
30KB

MD5
f38d5b0a60558ef1261ca2ce90a0cdee

SHA1
1ef01cbc6c1f0f736901340bd9981674824c8266

SHA256
df23dc997b9057ec10d354ed02eecb74dc9b83a083c9ddb9b66d6761b408c8e0

SHA512
eeaedfe788b16b418b7e533162ea39e2acef2b54fcf61d4ad55dbcbec6d6fcf83ffce119909193f3877159bea743246328aa78c54eb21ac8f6fd5773c162cf12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

Filesize
19KB

MD5
04bfd79a8fa73310aeac44e1709a76af

SHA1
7178db52c1634bab7e4132a5a83fe7d98fe4807a

SHA256
0807ce8cf4267790f0e4ea61c5e961d09829a0a451aa867e27d4d288a063015b

SHA512
cf2c6200b6d465d897fc093aa4ed79679a48b39a7b243e822628bf3e80f69fe24bd5690ab23a5e605ab695449cb81c5cd34f69b4b2a87372f289f58d6a86fa6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

Filesize
105KB

MD5
3df2baeb940e77ab6308ff873b666652

SHA1
98f0832a8d124bec964526e35e96bd16336b5e32

SHA256
457b88bafc1b066e33028928eea988ad26b95ba0d5d5ff6eaac0f7b1f1cf4aee

SHA512
ab5387f3aec18d25e8a67042242393f76daa0345b49e1a19924e56104cd64c22d924d3d60754ed73fcf92eba19776c402caa9d6ab72f106f23e75e823560d601

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

Filesize
31KB

MD5
552d2c3d2ea130d302ae5f39fc2f1009

SHA1
62a28b9abc19a05d109ec1444bea0f39ff69fcda

SHA256
61226069943572fcea56cccab28392edc86b3807bfcdbbd08f2ae277cf676495

SHA512
4cee53f0eda39e1857cf48c4b3fa680fed5be34a36e96843edabfdb0df36ad82054f4e4db075759375f30f7c8bd5f912e0190f00af530993b611e2eee4f9ffac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

Filesize
101KB

MD5
9dbfce06a727dba4fd52dee38f4f2754

SHA1
bce427c541ad55459577cf068be07abf541b97dd

SHA256
57385a4fe83d539a2fc0f4338c22110474cf11ff8815f603b0b362d1b8664874

SHA512
525547769051f263ba47760bf18762890d2f434077f2dfa4911cbbb0b2c5fb6960320d5dde39d00f78a2be66e71e27687ebefd8271f17e597e795607ecc13097

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

Filesize
78KB

MD5
131427faf783a8337d39211a26beb7a2

SHA1
7d3c256574351272f30734d9fa08cc1e63173c9d

SHA256
5c15d15abb46e6862d494ffe987623f874ab21a457b152d557cd11de41644b55

SHA512
d6c992fab918ccba2fd7212f5a55f530358f3221c51ddcf405c513040f09808f7f07d0ab89ce5690083fee56c4c38184096fa1a9691b4c628be6f2494820deb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

Filesize
81KB

MD5
1b2679b9fcc504b8fa4965f72d97962f

SHA1
1dd2e079778fdc759e97ead4dc7fe92b7f711b9f

SHA256
2bcaa88b9deebe688bf4c7568d634d3ce813131eba9c0130a878255bdd4b4de1

SHA512
2273e8e89452c568de1de8ba984958125891ae3d720b83d6d03361e06bd9acdf42b16146069f8b780cb9578ecd9a025a0f88972cbee47b2f217e705f2bee7e73

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

Filesize
104KB

MD5
5400d677d91739ce2d345ce99b7105c5

SHA1
ab80f0894b025419f425d8654bf399996887e3c8

SHA256
d6f737747ab925ccddd73e15f184a52b29100a094b9ceacde82c558a5b753547

SHA512
de5c660dc8b9f44a8c1da928f2ba2f87c7625dd16ef41446fd9edf04a4120a8093d26f6260471b5f4e295e598ea026820a42222abb6c19b5235e9c21ba8dd56f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

Filesize
148KB

MD5
d92d00f1c7b41441862fbca0b14bd475

SHA1
179157c5e152a8d3493f825ee92b2a476ccb79fa

SHA256
c695767ac4317044b37bd3b983fd362571589986ed88bb5bf813b143c43708e1

SHA512
c8522f3607feaaed621fe5157fd3f060a98594fdf1739ed367745397c1d0173a72a2ec21b8907eaa24c9c11e1104de6f3cdc50e30586212ff6ba8bbef3c64ed9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

Filesize
126KB

MD5
9efbe96ebc5ea87b883b881c27df2462

SHA1
3de23a9596a54052d44f47631c34dcbf6a3bc198

SHA256
39bee5da9d887dc151da93ac70c112072d7823359755257324471267705c7df4

SHA512
150c613bfa9f1f58aa475214e2374c9eb55f37b69ab730b876954a578405a97e3be135e161295dde5e28c028cc9e83cd62e9bfa511783e3ad5863d03361c5a8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

Filesize
48KB

MD5
f878f87a9419fbca4be7199a1466b99a

SHA1
76a2955d28fc24751091a30c81b061b59dea3302

SHA256
aacc1c1a6e997da9803c216cf487b201f7a98a3c0673446f25bf2136cd9f7a7f

SHA512
c33e7ba06c87ce0b0adc53eaefa22f8556e29e8eb606098d11da0141dac651ab27b9767bd5c981d8fdf8c5fef084607226d049b8a9d436c563c120361a19fad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

Filesize
47KB

MD5
6646660a402426d233a31df12057c97e

SHA1
3587ca32ecd9965dd3ba3bc52b3d7436f2d99c1d

SHA256
e76ada0aa2a19d88d5c47d89e81ac6b8b116f91a30bbb5c5fc334e8a90684dfb

SHA512
da8988bda6dbcc148caafeb8a801b4923b4daffe4d114dd462b5f29898956bbd2bb2f6249e569b94028edca70a79096eddad5385535bf9f5e1819fc2b821fe4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c

Filesize
20KB

MD5
fb6e6131c19c9bb8deeca1ffe5c5674b

SHA1
0daea417987257b8d807e92b9b61a567e5a2f4e3

SHA256
1a9381ed1c1663de3b13d144eb8f06b680836b376dba821550de688cf041c8ee

SHA512
3621d963eeb2f33952041e64f3679d779b8c05bac00238d104bc66f2d5a12033346c037a0af8962f050e9e00ac3460d171c883e8251d3598cbec973b448fdce7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d

Filesize
20KB

MD5
fca1b5040b7fa7dc6868ea269dd12230

SHA1
9ac7bc09c9e924f74698763b10dfca9f06d704e1

SHA256
e9813bb809fbc23f96e163f2912160a7ff528ea9355dbebaaae31d3eb9800a1b

SHA512
02b0807d37147912d4215ac92a205b819de56ab8b25be1538ceec028c097ff41626b756033f6160830d2e83c4a8e26442a0c5adffe1082f5d2a2969dd9534602

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063

Filesize
16KB

MD5
e572a9f5c3fd053dc9cf8bb6c1bb869f

SHA1
13aa5e921dc6b5b925ef61b123549ccf6aeb310a

SHA256
d052f0342a855dba62d4fc8817d4850268ee3715f38987311a45cbb026aa326e

SHA512
9d259c37e398dab5cf906f9251f6f9f31102580b37c45e8b07d9cfefad98cf7e9c03d903b656d1209528aef026545c1bb531f56c8b71cdf827756b6dbee5d816

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067

Filesize
48KB

MD5
a348b6c00a8afab4c9742961c04cb331

SHA1
b21d974a6c06ac3dafb1d351996053f44d05cd0a

SHA256
f4c2b3e7953ee898cbbe95fbf5d4b3e20016a2ce70a11fa91b0c60819c773dee

SHA512
5ddd103e852fd1213f6d6755296f77998e73347612fdc0ffb809e77f9f3761f1d103fe02a4143fcb8836ef3c7ed008da2706ae280c13cbc3e48c2fd615cd3ac7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084

Filesize
18KB

MD5
be09cc782fbab1c0d55dc6329fd0fdca

SHA1
640d9c639cbe1efc77ef91449dca92889396ff8c

SHA256
123d6df0d977487378daac3e336f31076e295d17473a573c3ae389a0bacbdf4e

SHA512
23348f79e3f83618f72186e5c5f98f7ab68bf5ed37daf6f87d44cc9e0685902bc439458e1e1a6faa49aa9962f625176e93da42ed138b91cd93a8b4fd872ac888

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

Filesize
50KB

MD5
d0cd79eff3bc3e9eff256c79f6cd7535

SHA1
0c5977035733688d80abe6257f33dec6be48dc81

SHA256
76c817f2b856a883fdf3b8f0e2c1ecb1ae77f65e0a37e2cdae5377d13a7c8f5f

SHA512
a67740a135cb86384bccafced03930d62f61b5d5d8c9d9becec1f483f18309a13f89a032d677c45646570ea418854c577b413650f456c096601e146e3eaee989

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088

Filesize
218KB

MD5
51a2d1b5116e249abb74d876cdb68915

SHA1
6baf293834a0b222c3deb5d72500a66ff53a3e93

SHA256
1f4cfa0779a35dfc6a738e6ff5927d9d2e782ae7139a1da974a4d1ee61728d75

SHA512
20acd5b290bc99ea289eae6ff1ce87ff27075b24b648e71df71171c048ff602e84c799158c4d794efd14631d66d2b7b4d7704b65ed128dbd227fe604f5989863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
72KB

MD5
9cf4c9f85deb845514b62f458eb367fa

SHA1
f9d288a5809815bcc3e3695258c452db978ce8d2

SHA256
8d1a8f17f43139e4d0e96d2cd72859d6aa66db30623a6d4e5938bd66328771c8

SHA512
eb7aaa8f04378f8b73d8f16facf46955446de36357f4b408c05e0542ecee8cabb9b2315eca97c9f793aa670fe423b500dc0e7d58c54ac1fd7360a3563555af53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
43KB

MD5
b2d734116dcf0bba8d9e7563a5be6211

SHA1
f5b382ecdcc4e175361b3204e55758ea4b6b7824

SHA256
1f617168f2de503fb9dfef9879a6e8cf6c3342fb0f5f6a5c295ac7662888c9fd

SHA512
59a6b72d2ededa9783a084cb7b09fa8bcaae98180adaba8a03bfa8415d2a6660559012d2d353f666335e8c75d2730209f9e2dae9ac788e857caf8c18b8cafd49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

Filesize
99KB

MD5
3d76c2a8cb0f08b97e180721340a1be0

SHA1
8189abf77ff5a45face701fd1d5eca7addc78160

SHA256
0f0e95235a47bc4d0bf19deb47649f3eac52c8f70d437313e99701d172f921a7

SHA512
b74331b70eb6eb2c63c266d055c4dbeeb125024b272bca3ab7cad330a4e55911b885c6cfb0d3748894010d9b1cea9068a0637aa8bccc892b39c83b8b2e0cf046

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092

Filesize
31KB

MD5
817a48f36fcc9c008bf70f5a768a7a41

SHA1
2fbaafedba03551dd216e7bfcd520591a8fcc19a

SHA256
14b903e32dca3e5f4e3e2ff6c71eb0ba3559c63865a74cf9a7bbb5c023648e06

SHA512
ade143ed696daac015cb1522a219bcc03eb6e5775972667c927282b664471199d5dec911725e3f23a69e85cf7246b261b2c96fee9cdbac44f17a717ac4977e5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000094

Filesize
59KB

MD5
a9d67bd6b9b8e128b2d7b202077ba370

SHA1
70ea81035e7c58d71853416ccc0dfe00a57f5e56

SHA256
14b2d591d4312b7cb3d3999076361284b6a6459c7d2349d6ed96ac9a651548e0

SHA512
3056fff409e04bc0a48eff0d00b7c5fdf20d2d83abe27c3c77a45a46561006edbb8cba52f75f826820370fed66ecab9358913217ac934d7adc82ae8ccdc68abb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096

Filesize
60KB

MD5
7c852e5000b4abff4d30b770f45ecd34

SHA1
613fa3b1376fcba83f2ac128f484c7c78e96940a

SHA256
4c156a9f78e1e166ced309da33fee770da06aadb575949e1ade4bb2610152d05

SHA512
02bc7e8792c289aeef7a69618bb423ec48fc5bfcd18809a0453cfb67058158ba3966eca0314ee4bfa84d31e4550054b6e5193660358cb37696517caf40c7acb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097

Filesize
27KB

MD5
53cfb4f9a110bd07b73ba9ff9cb33a08

SHA1
9f28075547797266f4b6bab550776375fdc3c512

SHA256
4a736267fda798c0971430cd10cc6b75a7547ba56697932ae0a3b7b3e4254a18

SHA512
2d4c9edfaf56610cce84743ca0b495ee28a92af097009e42fe77822ed86a6de8ff2b276fc3cbd746cffb0bf80fe18cc725909c547c8462a9e5e8748203e48ff5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098

Filesize
51KB

MD5
a11f02549430ee773cea7223429f5b44

SHA1
7c3a9b4ba645dc63a80df790565d3426f2db7cbb

SHA256
94bddaf5165a3ce597a27b91f6b6ffb97870f424205af98f7c07f2a4f327b45d

SHA512
3c932c5c666e2e59da7b3b44ebd61d88352979aa412ad07b3678098e5e2e02fcdedfe5c8cdd7d715c1fa3f568739282210efd691014e9163730b1cb91a1fc5e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

Filesize
63KB

MD5
e4cc1ece2f2425b10ae2ccc212c1dafc

SHA1
92609e6d0093693110baa23758382889bcb30da6

SHA256
92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809

SHA512
2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1

Filesize
90KB

MD5
d8018e996c1418a8d01d2fd2d9d04ff0

SHA1
46692d2781c3fa42ae43f016e976ffb61814df1f

SHA256
6820d305503b35640d7f069bfd321d8dd4854a771152e6d4acf9fd8d06dd02de

SHA512
0f8b769a41b16a794171476324930c423d8b46964eaf175c749ed321beabc4def651152d5ee6df7a133c1b9908f8f43a5f2e715aa179eae1aa2d4c8184698045

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3

Filesize
20KB

MD5
8266eb9d769b0040c61f9107b9233d0d

SHA1
7d84098b0f5a6b1fb73333838e071558086938da

SHA256
389603813af8808ae7ec8ca4f2bc326b15e4c2ad5d86eeabfb271ac4d170b923

SHA512
82854e09e38363bf682d1426cd72d2efe770a58531f8b006c80c32718229cd9699c6db6ae4afe0a5ba64504a08b16568e53ec8fdf2702b5abc41ef7711f011b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a6

Filesize
47KB

MD5
015c126a3520c9a8f6a27979d0266e96

SHA1
2acf956561d44434a6d84204670cf849d3215d5f

SHA256
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

SHA512
02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ab

Filesize
30KB

MD5
6fb26b39d8dcf2f09ef8aebb8a5ffe23

SHA1
578cac24c947a6d24bc05a6aa305756dd70e9ac3

SHA256
774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059

SHA512
c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d8

Filesize
20KB

MD5
9708e5224c10eb91f435950128a72070

SHA1
cc66f87dad487f1db80dc78942a7016d26725ae9

SHA256
834c60d1648bb2b2c84ab278eb0690ffdbd6f9dfa393d561eb38aa026dbdef8d

SHA512
8a7a126e028f6def7f03d4fc69831c2bccabebc48b7d97b816eb263a817934b8db1beb9baf1763ec7421640ef594e0a7fb65ef21cbfdadd90c3c88332f4022c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dd

Filesize
62KB

MD5
6b04ab52540bdc8a646d6e42255a6c4b

SHA1
4cdfc59b5b62dafa3b20d23a165716b5218aa646

SHA256
33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d

SHA512
4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000de

Filesize
31KB

MD5
c03ff64e7985603de96e7f84ec7dd438

SHA1
dfc067c6cb07b81281561fdfe995aca09c18d0e9

SHA256
0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526

SHA512
bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e6

Filesize
33KB

MD5
1aca735014a6bb648f468ee476680d5b

SHA1
6d28e3ae6e42784769199948211e3aa0806fa62c

SHA256
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

SHA512
808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

Filesize
2KB

MD5
ef5f5a143e2cdb3c04795b842fced1a8

SHA1
393614f767fbf5e92c58ba1e61966923a18bc58f

SHA256
abbe4e87dc665a8e1d351722441709993bcae83f0a864b61c30ea2b3587ecd66

SHA512
085089a32ad7d56221f3c35b2b80af84735ec9590d10e9f686e3731c687bb829d972d7b375f74c651b82783198882729945b1a03e5c1e668711eeb4de9113132

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

Filesize
1KB

MD5
492af4965cd5e183e49796ca5dc1d1a1

SHA1
7e254937b5bb24ddb3ce479c4d23c60bfa298de4

SHA256
e63d8405c563a67ca64187674056799fc71f61662f4867473bc754d0ae7ac93e

SHA512
8fa666a5990ecab5d03266c34073cb2c21d55bd7d9c7a5b34cddba8d3a50460cb3ad089338c22e7007cd70a0f9d16c92cd4017d738235faf8e60a2451ebb7421

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\34ff8aec9a6f18e8_0

Filesize
174KB

MD5
4b64305161eb84fb5c3f5018be05cf57

SHA1
0694068dd19eed85b15e8df122de75077bcc4e6b

SHA256
ac780cef1eb51172f376b67b1983ae3e4ec9bf480a771cc29cc86d2039a71473

SHA512
8b33b63e4e3c06f047d55e01d17247acad2be667db5aeb7331f21da219ef9060fa3d1a53849653a5ba04f008bd80862ae04938ee4f65bd9517543b9dab017662

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

Filesize
2KB

MD5
640f4d9cd37da8c6a3403008418fe64c

SHA1
38c6f16d89cfd8169d12e7e7cafa16867cdeb71d

SHA256
0617933b83e7e2beeae5dbf32ea180b014530866441f9666849aceb0aced95e0

SHA512
ae7bb3ad63606bfe3f1f6708efbe39da244d768769470ccd89eb40edd93aa3176854dd555ecb2ec3377fce217079baffbd01af5c06eeba83c92cea881045fa70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

Filesize
4KB

MD5
da75ff603ef5de1900304d22de3314d9

SHA1
c5f787e8ce4229c33377ef6c6bd74df78f78e269

SHA256
b80d10423e5e069a9f71643dc7f68fc12b46842b06a9dc9c402479daf5c284cf

SHA512
9666c23d94135f7af4015e5d4070dd124aedd2b4322eac8881953b5ff91f0f652cb2dc1ee047a006b7b11fff19294c3f151bef4726849cd864d69165abd3bf36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb330e8a5e8ec85d_0

Filesize
295B

MD5
905218d13dff5a0973bd1b185b999f1e

SHA1
a4bafe0ed0bd158df6dfd8e45668a0d1535eb14c

SHA256
d9a22df05c73512066d85ad5322f0f0a79508358b1be46aa9afcee8da8f942ef

SHA512
e59d9fa1771f0767cf53d771719d59f21821b02ec1caeb01e93be0ea24b15b56e684e0eb512d6f6d78c0fa31f73a41fb3b12693e283eab6bb6a1941bf36c8fc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

Filesize
2KB

MD5
d36bf2272ee9ca76897ff93e4a4d904a

SHA1
32c71d983927c5d3db670d9c5f73853ef566bb53

SHA256
fcded03e5280c108d7a00814a081202772527e7cce6b320b85d40c7edbb59127

SHA512
3935b2f6a525278bf3a88c9ffbf9ade0b37ffac8532665e8fecc0cc8fddf8c514ad921c43093c064618ad87e306a2d9e2472d77621ac4734c102775c99550bbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
f7deb10fe2816e951290667a98e35a58

SHA1
34cb60a2f06213a24215f3e2edbf9a1ebc76ba54

SHA256
0e8a2cf26af3257e2656c69c6bde9142b87f3fcb453d5009351dca00c20b0569

SHA512
511823d78adf76ade45744f8aba3c49551e50f8799affa0a64ac7811f3e7fd50cd7a8cc17938dae096a463d7b3b135bcda0ac7c71d780c9e91079d1108aed850

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
917134562c8c6ae58f6938f236b723f8

SHA1
5e2fffc47c911752619389bbc6b9491cb686d34b

SHA256
c4198fe7144ba6708eb310397ff112829156040083d4a1d512efd5fb694dd68c

SHA512
bb47dbbea0df9fccb30bbbd54ed7ef9e9e7ef0e97ad137d7fd79037f0529b225f09cd4827e9949c5300b2162db9542d1a53f8734eeed37d68103530879ce1d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
fd36bf3d5246e4d326f025f34d654386

SHA1
4c4b54ffd06e65bfe0aac8cfe641fc2adf6992c9

SHA256
ab98bf504a84b6f6ea5ba17c5895d818b3b2495793ad21f512c87f79340dbeea

SHA512
7b73f555055d2eed4a96fa3e42a1a82c1cf685fdc735ee8bbd86410582e59d18bca9deec0552df967a0ab632d08d88325eba045da28e7a9542199f153e44f466

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
72d72c5988f6af65ac4f9c23c78285b4

SHA1
fbf2df5993c664dc4aeb1dd318dbeb4779576f13

SHA256
ce6dd49f02b3b5fc5aec090da18bcbcc934cafdffebd6b7dfad070198c9d3f78

SHA512
cabccda2e365adf000b37b63dbb856d8e9854d708c7ab1d6c0fcfd08629aebf1d745fee41d588a7be57398c0f1d850cb321bc6236dc830f15a45f189b8df00c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
5ac11e13affc8b57dfaa773f74551c87

SHA1
2b2ed8dbcbe1312d9d05095177414f9743637080

SHA256
95911ed20266112154df28845e7181e85ef0627fb88c6d650b87cd4266d5b9f0

SHA512
15be7f3891d47090dccd19cca39a99b1eaecdd7fefbdb9cb9da9543a9b736e4bf522b49f7c8d218947eda9deec20ac82b84e6e930702a78ed363be15860a0d3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
b09ae04e7899766a9dd66a01ebbb096b

SHA1
cebf2445e002ef7c816db5fe48ba87afb8883f72

SHA256
ab5209b54c25260df11fefa0f647fe40136d5bf86f5ffdc1a6d7662bf61a0ad9

SHA512
e9de88bb9f471e8057f8419a46a5030b3d88405596f8b7dd8b6b9bec44d77243632a92e6ade76fe611d7ce84b14ea60f8d520d34f9b80c0cba95875969ca91e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
72B

MD5
0c0e875bc78d1596040418d52727dc49

SHA1
eef85e36776642521e40a34e3fc2a9ccee9e7ece

SHA256
a0296445d72369e68f08e2b45b1fa7df203fd3292a777de9fd470e862352f558

SHA512
b01bfa964663ccd0f87253e5c51d018b528e9e5b815dee903f21661b819cced0157ad46e3004c90d6d28b2b2b5407cb88a6933b301f70946419665a680bd5202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
14KB

MD5
dd44057a82b04c368b64eb7ed45901d2

SHA1
e8bdb6cc9d5158e92cb929103720178926b0cbd9

SHA256
18f96d188811c9b75ed84a4accd96ec369af6af98db9efb79e6d856ebd8eecec

SHA512
48c84841776ed84b0d39142ef5306a8b1b227c541a6dc3fae056f4550e957bb232a6ca1390f3666b622ad9970b9c024ba9df27bf6ad4d9e3ba114f6add566a38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e62403de8155ff526958ebed7af7b02e

SHA1
435c2ac33cfee422e44d5e04edd4785f5d4dafbd

SHA256
c88bd8630198f8d5342bb474d1210855158ef76217a3e8aa84c58021f3d01f62

SHA512
bb2bbbc2dc0277bc13c53b21438c1148dd9dcd8d8f9f895b91cfd814bd3925ea27fb1f6282c0de46102a70a264841bd085f4b2a8e8cef3241d1e3916685b51af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
22KB

MD5
e37914a1981c1832512f200ae389e6c8

SHA1
714c6a6e1a287bc8e8fa4923c519f19765b8e628

SHA256
b77c3710524d93784f3acff211451769e3305984c9219d8618d353a37ac94d39

SHA512
95f359c61f1dde2dc1c26b16263b97b60cfce4f788f28025a840c6aafc65ea176eca5b372c67f3044004be2fe56830e6b74f5408f13e6e351fd5d01dfe2b95bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
23KB

MD5
e7f8999e4bc9e3e88f3e10e7b6f27068

SHA1
6322ebf37c893ffc0db89fc184c124d7fca10124

SHA256
2b1d54a472c9e148f9cee31c72f7dd32c0627e90ed4ec571fa2b74a4e3977383

SHA512
becb49e4bd10336f5e32aa083d5c72f4b83febdd0e12644fc9454df8232a0a06bf1dc821ccd3fa1916468182eaf22764e29c9734adbf2dd2b7bd3c3ac2679966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8df3fc2bb7882b8889499e8ec2342b2e

SHA1
7b41e448512be66431e020c99036eb08d9f48640

SHA256
da8431d1b39f6ba1748b830424195308b28f307c7809aed71a680d1f18d0a888

SHA512
c1ef46bee5dabb4afb895b9fd8dcb88a4e49aa368b7f4cd6ce741d9d4bac80a2f4f521c6e46414428d227e861f777b408cc76a119c15308e1d69bb44d6c39abb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
61bf57933804fa542af7627a498ad131

SHA1
c3a83d4f46ebc0607c40dbf569512c9eb73302e8

SHA256
19c54ec5709f592cbafc4f7947650ce68bfae8dc2478029c8ee6939a0a702915

SHA512
f24dbe4afc5d906929e2e5baaf701b1ea12822ab2a8a321389685052dd6cf9239979f802b19351d3ebfbfbad4f602ba24f91d583b6c8f478dafe804e5c4b6b48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
22a8c1f9b878c176b49620cdb19bd34c

SHA1
23ef0faedb16ec6d3d68537fa124236c58874013

SHA256
7e36dcf64f9ae81b43f8165b73f820c054105abe517b94b89eb123143d3f086d

SHA512
e56ce426c6360837c81f2a8e31dfa7ddb1b6ccf7633691be5ed28300cb16b7b65a27933c4d00a66203155fd3ea9596c39e16cebe0c11a0e1a6c5b498babd0f8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
64dc0ca2da726d1d17e2ff6b338d208f

SHA1
1e3bcf0928e79148dbb034f1914f1bfa57f58170

SHA256
2df5275816e0b99e7aeeb27b7125b75e6199efb8c3b640c9d702e03db451196b

SHA512
5f44a15aeea931dc79713815315a96b9afd372fa330ec49ac185b1d73a167975a310f0eb5f71865fb83f6651b7a6891c6b11738d8c0de6142e313a99579faca5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
732f087267ae0f911a4e1779f527e0f7

SHA1
e89a506f698aabde4deed338b1214b7403d3de28

SHA256
17cf4ace64daf6dcf54e11ff6917ed80b65dd8d83ac488267c5b0baede365691

SHA512
782a08f156a965fc0abf415c924fe5f39c2bb413f9ade281b1d6411bf6849de0c6d3bd24c0b2581d94164e339210a4ec34c54a607677cd9fac819e8bbd3ce6a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
21KB

MD5
7aa3abe313e134b3c58919ac27c8625e

SHA1
7423188662ef9f957f86df4ea071bc29cf8b5345

SHA256
5b465ea9a8bff7e265ace1b257f278ac3d60e5698d669c5dca626afe3a802b62

SHA512
259f4e87fa2ac7abcdc395abccc281287d99281027cb1b46eaa780d6fc366bdaa62df0f5afa81041ff6e968c1062e397a9d65b9ec8ab3378a3296820156ffebf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
22KB

MD5
a5222606dbbe7c5c84de9913525f2c54

SHA1
79038d1ac68c090105bdc502900b777e68a7a2ed

SHA256
8290779e7bd15abce1c69851d5cb4794d3c40d52ab1643739424e63abea1ac15

SHA512
9d16513b90d36c9f4085f315a5ada50581b72380629a4aed3d10cbcf0b298c3c82dfe4ac9690117a9b0ffc83e7f1863b417b8297914c433d39e55cfbd4bfb3ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d7fd92c723b42d71f86d45524910bcf5

SHA1
a81304fbcaa89a57b78cdc068da17d5130aaf3be

SHA256
82edd78f7bb818b3bb158f1c8c15a06be85a7fb4a30670a984b2f5e7640089db

SHA512
525415892ed67ba26a4385cb8e44d57750c88c1d8ac33582687754af00a07373598cf2048da8d8438d844d8952dd14ab28fa8d496e6ac82726969899c9fa0a47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
2ff1bb72c538c36fbe13d5bb7a664a54

SHA1
2aea71a47744676c168d66816fb535e4c57e598f

SHA256
a9b6951c454e9cc62cba8c7279e8c0fff4fe79a75e03ade726afb7c5c536c8ea

SHA512
9f91c997e3a6b662607645b538df6cee376701f3f488740e51b375657b6cdd266377bd9460b852d5f818fa5ff14f67f844feca55b827292a20f73a3caf4e0b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
22KB

MD5
6b81cb84886f5316d24c80fed85f923b

SHA1
aae895cdf093198849fa8818cf3cdc8bd7c52a0c

SHA256
32a90fac015c7312ddfed334cf122f094e6015e858c749bdaa8c78cc083a44e9

SHA512
26ecf1b3d6071fcb8681c8b39e4d782679db501f5b476dc62f4145c9035c7af292a6ef9cf720713cefbd6d4415841c49adc1ab64e4f37b85ce2e0ff99ced5940

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
5696116bc6372f6e01d513db0167bea3

SHA1
02efef13fddde9f6c990f8882631bb042be6fbfd

SHA256
42af781c0acdb42d41fffa56024eb34f3e9048e9d80db17d238a6200dfe69170

SHA512
8bf4aaf82d9a4fe855ffc87e658101711a773bac5a3e46b4292f837b143c0448075a181255c7018ce9ef786aac00a702b919d22448dbc78ee0f1ca99c28d9368

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
24KB

MD5
d7592f2ee6e10449aeaf83ed9b14f84f

SHA1
7d7f294ddd361ade32cb90fb14c633d0b0360958

SHA256
9e270c5414d9afeb48d4999d8909d63d8d0c94f0db2c1a2d881602861f2110c6

SHA512
df19b56ca1c69839cee92cf8f7c3197f62bf8eb26a09f6d0ce6f76de6f74fd7579e53814e38129a968a3a25dc35ce70ea2a26620ba5055600177b301c858f80d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
bae49c3a2f5e76ad8ffcf24d38d09e44

SHA1
037ed5f5c85adae4faed9444b9d8fcbeb7299f97

SHA256
78ae3fc7d2626d26c2c997071e82e9ad6af2030cf4ffe7e5bcf71bff709fe3aa

SHA512
bca844c79cf10862284a3b68ac3ca570632d00b5ea410bbd94a6f21b8b0d943ad6e3181ba133a7f36abb045de6fd60f18fbf9340876e3b75f7cae762280350c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
24KB

MD5
4be09a6f01d16de000c35988d112ffa6

SHA1
ce1dde6241ca2e06c805f382e16aca52e635f06e

SHA256
30d599ed0d618996fc0a186b698b4735b591b918f4e665e1150d691ec6da09dc

SHA512
83600f641ff8fb75bf6421615ec283f6150e0e9611addafc942ee2a314f0db167191ba5db0767d5f756d7f4fa59acfdbfd5fb490d14c5c26bc8102dca6a8e15c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
74ff3688b0f71cf005d6237d71830555

SHA1
14d60dade8361cce2c06145ed061dbe5a52ab913

SHA256
7ed18a7ddcbbba611d89482e666ab3d7059e8a3558e136679512842d03add310

SHA512
dece26f2a1fda6a6800b909f91ef944bd9feb80869ef471c04e0febaeece3cc7b081df48d911f429220363315450f1b71d87232cfe5bde3e4f05ad4ccab3edf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
b16d474524cdbe02752f4dc044502005

SHA1
d7e0ba8c3ab2be0d0969edbce417eb41f9e96cc1

SHA256
2b2c47e5dc33456569677c09fae72976f389dab9ebef09e8a6dd844be829f036

SHA512
075f8ded0535325c7560c9130352b828b9279f6816abdd163d6ae14ce57d20d85dfe56a5f8849e989d4a3cc72e6603c92f536f50e8f5b9e99b6b7ece0f43f6dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
202c52aaae684dbf2549d7b9e17fb755

SHA1
5039b15ee20671828be02f8b04debba09985b008

SHA256
f16210b0aa95ab1d44b767338dc10bf4eb4bb0624b0eb2773d2e210d1fc67e32

SHA512
6ee3394e0345448ee2fec6e2b6270d95e44658805fbdf0b934be95c10cda8fc77da2448058cc1363c0229c956ea933644ff6cb47cabc7f56605056d984a90709

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
97e68decb168aa4acf894c4202cdd4a6

SHA1
acaa4a42dde80904d057be9d46fb6244c698eb81

SHA256
6c8f8ddaf98404f1718612e96baf666f6360c9ea0321ce7bf95d9827218d6168

SHA512
56c035afa2593de672118b363715e6cc8b69675b6058e64eee5d9fb3be86dc3b7b7c3c49679d4b69852d256804ad2333fc6de3a87abe57394b3af6f80090395b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
f90309d6e7bf0793f10cadf2c123cbdd

SHA1
52f5dc0d01cb6a8224c41af61a79a51b17d7038b

SHA256
f73e5e2a3f1f639a5386cb0e531c5754d634eeb76bbe494a5ee525445eaa3ab3

SHA512
97371276cb03a36d33eabe833f81dc05c4ffeceacff492d6e1593648c3ca020bfa76445b6018204e69eff6e313ce91664f2ac3f2ab6c3eed57860c1510977ab5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
54133a7a4143d3be6efb543f205e2fc1

SHA1
dcc16d68f1fa51073f34992728856da84b454c6a

SHA256
dcc002ad181c5af8005ab5979f5d72ae96afabd16c21023027b443bccb8d1695

SHA512
73df204368a0d0ba91cd77fc00ce25445748bc356f5afe838237bf9395d9271adc99705c70949149dfa2b72c5bcfc8739f29878dba04ff56e345fcd714424314

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d577a9ce44262c148a4d270f108be8ca

SHA1
1fc318b234ba11455f621e33a14d544f22631c97

SHA256
82400d04929927104abe168e5d1061acc227f546fdbac6d0f1f28f04665d9acb

SHA512
6161c04a4290eb71daf3fd97f22b07ab8634c85ca81c0421819a478ca8e48ff6f9e8e06d3120e636e05383e2c7e7148a9e2bf41251fe1ba93006818334b4a7d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
361f4af9d6a1a04d64d4243325aee1bc

SHA1
c5b193cf724b4bc7ed04d5313a2c87e3b42e9e3f

SHA256
6f5f35566a639f55e225b97dc7654d74bc460685ed23111085ed58746e6a98f0

SHA512
4940296ec9a31aab0987c01f35680322a678e9797e1a161c440a75d53e56f31d3098020969170542d63064722d95824f71c191e7ebb16e1ced5e71c4ee959c5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
9ede75d0e56d886e8056985c1c679b41

SHA1
f2f4063a9bcce7c98d8e809e8bcea5fcca5d26d8

SHA256
9f4af9f3de8da750799fea71ba0833b860e9b120ec0b16500eff404055bc3e65

SHA512
4857fa1259e9bd235ae2e0d51039a031e17ab7d7ff1e5a38032277d30a14f67afb2a9a63f02b0b93b7970cf81a235a2091a034cdb2ab279946aca09fa0fa62a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
d2dbab6533bf76dcc0ddfad2b47fbf16

SHA1
018e526f08b6c5fdf82bd81a36fa41c586e206a6

SHA256
f3a99941afc61c6720d3ede2a714b1f5f7ce72c32c446e5d19f58ce18c5064b4

SHA512
ec09f176387806f10c1cd79cd081ca450e158bffe7b5500bf75e7c96df4458efbf60e4fcc70aa1f93113457cd6ed7c1a3375076527e3f4e670ccf85b4fcbecdb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
764d9fc5f4aa2f9352f4021cfcefbca5

SHA1
95be04e769a8e55235b14fe4c8108f6cb8b4be9f

SHA256
a80b6e489bf594100ee54c58bd902503f70635ab16dd7c550686d31c4010add5

SHA512
87c7c84e148df5b82970b95a57315b4f0ce95a6b3d3c0b686d5ef81bf0a8b8c20819ff8027c137818967fb5571dced9af4e5fd9e14081c74500b332f3dd0ab84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
c2bb4ea60ac1b6b157750cb495b3bf6f

SHA1
f34af6d1c84a5661c4cd8451814a7d526aa51f4d

SHA256
86e01dacb363332f1c07db3e2d5313c1309a17c11054c5c0e96abb3b949d34fe

SHA512
76175209a12614f42ad78730b217d55bf609a8d06f4b7fc541a704ffcf95cdbdc9dba2dc74338594393e035e8e386807c56b7030e3df137bd9ef41285b885324

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c582.TMP

Filesize
867B

MD5
48837c7703c690eadb449771b0d973c5

SHA1
20a0cf2c675cc9e96e1ca8ad1aed2e0529354d08

SHA256
933a44f74c5cfa761ee1eac712559a8926a0adefd4717ffe05e82e9ddcfb3fc7

SHA512
bd9966be85977ef96164d35d0ba9f96602fcd472b4422475be31bb26f08b764fb25e71501d0a0cbd135a368e444fe8a7994dfa43764f1c93fed105ac59f5cdcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a7c73de880254b2e33336eb9cbdedd65

SHA1
6eba4c2ccca2b488fd93cfc991e7042949b28bbc

SHA256
032b6c903e1a94e4121288c1bc7471a685d3f51d7332c560d0d18f5a82a50cce

SHA512
18a26797d74af7a8e1d9687e2a1b7516c0ed199b570569f40d36b106acbf411cd20b01e1ebd7bee6decc306d6def88152c5c65d81a13713bacebef5cde8f35b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
3a1e8a93bea11ea4058da163d87695f6

SHA1
2abc032922b429a3f9bb009a24f6e3e1fbb1866d

SHA256
9ef19611a3bb50bad9b9097c8ad3ed4508100d571099fe0a6f120fb11e736dac

SHA512
ab66601ded43b887729463933df5cee9170c54b74adf16ad117645f01b630025113f68ee714dc08682d0704e3559fa84ac86b7a35fcaaf96d40f57c9192af92a

Download Submit
C:\Users\Admin\AppData\Local\Temp\1e909f96-8df4-4899-8389-0aa70230d746.tmp

Filesize
1.2MB

MD5
7a3bc6142be9b7c9664464759974c08b

SHA1
7055fe5cf3e31a24687c3fcbc06394eaf097c6ae

SHA256
446839b455f486943d42e46c8230b6b00d59943de94449fc418ee626aba4dbef

SHA512
c881916068cfbd73425e1a6662d1049f02b8f1ed34b8546a9555d43b2b05ac3507e94f996435123a7694a2f2ddc4ef9f97d839b9a9584ae3ebca37f1b45d63cc

Download Submit
C:\Users\Admin\AppData\Local\Temp\9218e1a7-f4d3-4648-b69d-2fc064bc6f40.tmp

Filesize
856KB

MD5
04398d23bf4733785de3a5ca05ad80c5

SHA1
72b193836a47aa3f0b7182de92a6a3f6f862131e

SHA256
a89ea036242d4e3345ad54ea9bcdb5c73ee5b78fa320996398bab4ae46cb578e

SHA512
1e7ba8e738c16af9267e7f9da427c23f2159214839d6e59bff66228375e9c7aea0f86c1ebd352cae248fd8508f762c1e81dd680e27cf7c1b5bd8084ab383148a

Download Submit
C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe

Filesize
797KB

MD5
d083a07a3dca2d0ea5ddb0e959fb8ff4

SHA1
86f3f43729db553d45b728b1409b73d3de5a5915

SHA256
05e1c6babb787f24d8a60f8ded2c216c9bc2956970d75073a71139fe168a122f

SHA512
d16259a1fcb29def140e9e1768b99d973b434c97bf7b09bd0d223143a622ee720d2531a84dd4edf082300fb5f4f00812e418c0131b196375821e612bf34f7aac

Download Submit
C:\Users\Admin\AppData\Local\Temp\cea543dc-8832-4880-b993-9f18377ef938.tmp

Filesize
59KB

MD5
7361d437f5f0152896832358e4941350

SHA1
918b3e9825ceb47f873267918877de97de71be8c

SHA256
11c5652a64869d8146a56f83f7b431d72c40a8dee538b78291408347a8f504d3

SHA512
45435876b782ef718a10edb14263d16a56e60d8da8843c164baa59713717ab1ef96bf10cffbb206da24b0ebf186f0228dde3804c6b9c586848dccdcd9ba6cfc0

Download Submit
C:\Users\Admin\AppData\Local\Temp\e2cccd58-6a7c-4e0a-b8ca-609e33c4ee52.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_150750143\CRX_INSTALL\_locales\en\messages.json

Filesize
162B

MD5
bf28ef9468e4e1cbc5f3e055adfa69e5

SHA1
d5cff2ec3851f3fff649d688919f9f4f8511420e

SHA256
0e86dc475bac19122a3134a18cf8af26b83831df3346bcf5093739ca2891b4b3

SHA512
7b37e27f56b8ef1aeec6f25bbe7336ad0bec837af4390e47932adc67c9ed873c6b7cb5d643b39d0b6f383d79c7ee0ab8aa39e70f894ce8f2b90a884d1325c3f5

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_1511470423\CRX_INSTALL\lib\content.js

Filesize
846B

MD5
d34d8af3d1e617ae23ae8182548892d2

SHA1
aae7cc51d9d8e6a3e43e128cc09dd866f45479da

SHA256
ad9d9885d4906a93459a53c11c47c070f80a4041abad4a1d28302a69014ad86f

SHA512
725e3d11b846709882cc969f1402382b49aadce36d65348c628cf427d31db80a2a98d74b49fa85c8f879a29f1f5b235b196687f6911eec0a7f121000e282c6c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_1511470423\CRX_INSTALL\lib\store\index.js

Filesize
476KB

MD5
d4f732b50b33413845c3db8f5e888ae7

SHA1
15a3b4dd40665d5eb1356dbfe980a1155e5206c0

SHA256
2aad1328766d0b6abaf520a55d4517fb94673e90b004f27a7f6c93b8ce7c20d6

SHA512
6012049cf6253048c9fe1e7c094665407cc772fb7d3a20dc3e9a84a1d3b4b4e20285d42496c1cd79235c68cc3e7b4fa84e67e7393a8885f10f23e68397b2540d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_609487484\CRX_INSTALL\css\fb.css

Filesize
40B

MD5
c862cbbc1b82064465f98482ef73948b

SHA1
0e49a12b9d1fd903e0c44cfe9c9db0ae7a5b50fc

SHA256
988dfba4289e28ef42d0ce93bae58926ae7a9528de7bdf97898d1c2cd2f2016c

SHA512
12befd2966f25464dd21377d89b5d3c9b8fd9abaa8f257fe88bd1d80759fc5375439e6160f99dff7ec7a61135d9616992b611b63d1a6e094fe2eb29e23420559

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_609487484\CRX_INSTALL\js\cs\fb.js

Filesize
3KB

MD5
35a10dd7924dc7a4205fb3807812896b

SHA1
53583f9a14b35a9529614f7cb8c2f26a3a2a31a4

SHA256
43cdb582f3881db7584ba1cab29ca88c74bf51819033ea88a02b0614e398ee8d

SHA512
a7220a4c8cf583c334d78c108b7da9402a79eb2c57c428c5f740f8b2c6c19ac1c761da8d57074f2b9cfb063da84410f6558a8b61f978d536d9ac48428448a681

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_609487484\CRX_INSTALL\js\cs\lp.js

Filesize
3KB

MD5
b6ddadfa381c9d9297812d2dca3d92bc

SHA1
9f83febb785d4c87730164f7cf020d036e0e11f2

SHA256
6b2d97ac7dff812bbb826852feb506a4a300b7876fd6985e6b8a16ad710efe89

SHA512
d89a308fc1b9b6ba055e88ac91a830169547c8aea734a773762767fe4c6a76033a8d3f20b8e82c094239d25c8e2f17e4c9b1bcd083d294db368aa28f2cfe85f4

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_609487484\CRX_INSTALL\js\cs\native.js

Filesize
1KB

MD5
8307716154566dd5d4b7f87f7e536824

SHA1
5b746f1c97a036b190d4cf1db76760902ae1ed87

SHA256
a7e44db42aa52a276edb6a2dea7dae1a8d1f683ae67d0179b5930271e3138d12

SHA512
8dcd2e9dea6c147a4c9578b42fd1613a55e790d3a6ddf98809f123cb06270784b0c0e3ae27bf2957e6066fd8bd831cc09777270e2bb8f6f7c144721f95e3c5fe

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_609487484\CRX_INSTALL\js\cs\yt.js

Filesize
1KB

MD5
8e84151e901f61a135d941979efd8ff9

SHA1
52841c4272dc039438ce59943489367d1f2e4482

SHA256
738e199707a5027486e17e9bfbd50a1dd295d2d6d5c48ccac17fecaec91b70a1

SHA512
c2e2c027d3655bd549ec59d75cbe307c8e6b66838c72949b965ce2c7ac3c730ffb873a948cc055f6727964cf048d403262e8262c6c6559410ae682e2963c013e

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_929279406\CRX_INSTALL\assets\upgrade_to_pro_btn_icon.svg

Filesize
2KB

MD5
29d6555e0739ea5ec736e579af460e67

SHA1
0f081c506cd7f0dfa04122de174bf266109f69b5

SHA256
ad69930ac583f1da0eaef050d2bfcb09aa4c3fa415c0daad44dd9e0626140350

SHA512
f0a3dfd5f083daf86d68d2551068d16e93a79a3b1ce8b2a501539df398677d59f29de369df48a6268bde8b9c2d3242da8bcd4195d1f059ed799f998d56aaeb01

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6592_929279406\CRX_INSTALL\dist\contentScripts\index.global.js

Filesize
460KB

MD5
e3cd8deb1ae8c8711ad7529bbd2aff18

SHA1
718ca2db4cee29a83a6a56c3557751d106580fe8

SHA256
b33536a2ddd32969d4cea8e52cfd57a083730d2decd782448cc620efc0329366

SHA512
eecf9c9d9a207baaf68eb6a87ccc9ebe7ef46febd5a88993257dc9732c75a8ebf31e4b0d41e451a1205459690e4f4267faacd3eeea37f7f6d55fd02affaa0e84

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6812_1771330883\Sync Data\LevelDB\LOG.old

Filesize
323B

MD5
e8e91cb98c9db30051dd62d4a99a961a

SHA1
6f923f49a7368a1eb1e9e5c0c1b44267d4e5505d

SHA256
a9b4ecfae42caa703edf7b78a4e6b9d052a767aec896d0f4d5c58bd22c5c9fcf

SHA512
8cd51d4543ff7fbd3a6151001f98327ed332c6050d8e7754829d071bacf07b1e425f8b6505cba83630c19c3b5bdedb4b8a3c2cb90dd3fbedf71525d4da2b824d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad\settings.dat

Filesize
40B

MD5
089d32637ae5bc29fddce3803bec6144

SHA1
1ce222ad6ca5538858881f5274d530b8843a72a9

SHA256
72b193369001d08b3af986701b14c938aeafcf9105f0bedfda2e04e0929b652d

SHA512
bf3ae33af38dea7b6b11c5e5913505dda6c6a253e86e6fe75e58b47c18a14684197b7224e3fc4d73c5cc8e0a394edba366ba1d0ac1ae13041c9c005f74fdc64f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\7987c9e7-c9f6-4013-98a9-ef0d58809a8a.tmp

Filesize
173KB

MD5
f3d32d9918947cd0ee98a95e6782ea0c

SHA1
7d352e9a4799b5a180e11eaae4a7ef1a6ae51d2a

SHA256
33845d8a8dfe591b8eed4b27f2c47dc856b11d86c6bfec08074662c559ed4d01

SHA512
e4818c7e56b2a7f28610f14f738fe92018528517182e5cfa2e17750796bbdecdc2bca3af71afaad2e27a19a17e487fc321e8e20c286268dfb7a126135817804d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9fe9bbc0fa092ff25e4215185d4ce6ca

SHA1
9b3cba4bbf2bf2b1671d7bbef394035554a1dfe8

SHA256
1d8e35ffaaa31a62de3f00f8d2662eea7e5b2a26d4cb05159c6d33d80080edb1

SHA512
ab7bc615bf1f39f8d9d4479b4297dc2d14780fc86846e75595451e1ec2cf6555bc65e17b8efe60ad9955f4a9bcfd393aea86aa7ec0fe130a4f9a3bd1cb9f4418

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5acff4.TMP

Filesize
48B

MD5
42b70268b6967b6f8813375a37836198

SHA1
8c80316525b5ad67a37efc1ce13c9c11dd84951b

SHA256
0f5ed4bdf46b0566931c4eb6ddc54d54743863c2fe5cd0354e08562db3869636

SHA512
91c39a2b4a927525c8caf0039ea86b694a2c1d3e81a0bcc38f815452a9cad907aa9c295e260b8df79503adfa15571cdad8e81f2e10877bf4399d0ac13feea631

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\background_pattern.png

Filesize
99KB

MD5
9f4b16ab45eb25a785e4c8307a021840

SHA1
13dff927855dbbe551277c17aaf5ecc4064c5e6f

SHA256
60031f2ea255927a17515c9554c764c14129eb9e1b8d6b2c0b425164e027a212

SHA512
1f55d8cb7dba6e15c503832da29c86b0e719ad9ab1c541e85fd9819a3366ce2db4a0b6f91bc61de970c4079b152d2b588bf6b512805c899f3e81d40add0156d6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\bullet.svg

Filesize
262B

MD5
dcdead4a514f361537ac35c3c4d3aa90

SHA1
be69f0415f2cc04914a211ad1fdaa8d4b512cb66

SHA256
381effef058c266d991dc5d62a3c88885d4549e5f791b57352327a0adcd286c2

SHA512
e30e548674a097025f23bbba5ef8219db2aaf80eed8a6a3e5317581edfe5de5f9ba9904ac5e38e2da0b4f5550a525745816d908048acd5bb2f15eab69a849fc9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\bullet_first.svg

Filesize
261B

MD5
83e6138f646aba1f20e56c96ec4dd960

SHA1
95d56f7ad12fd08411c32272f3c4a744a47ce1a5

SHA256
40abdfa68158b57407f0aa9497bb42008445b3b948da05311d140df98504a71e

SHA512
8c984a43f052912520dab0a63e6c6761fafaae604995c3d829d899279bc65761c71c5b02a1be1161e0c7208ae8059554bbf66b3975359f4d7ee2573cba21a1bc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\bullet_last.svg

Filesize
263B

MD5
a1064d330ca8e7c62ac7296053bf6508

SHA1
714aa79e2f59f401447f25272d2a6c09614966db

SHA256
d48e1da9205f68e6568981597db865dfa0bb8f0085bfa543857b323ccc94435d

SHA512
dd8d49b0c6f0b04c6a08b9be08caf8cb3277985933c4db36614513d440ccd3627788b81f7e7839f06005723e1548281a7f7123386840d594342a5642feacab4a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon-512.png

Filesize
72KB

MD5
45be0c56a04eff1836ba484bf3b3dea8

SHA1
edd521046a4a80bd02cc4da8c39ad0f52633e43a

SHA256
c5354015f2e4b8b639fb45142476d2a0dcdab5590ff923bbd305416a2ccd2b10

SHA512
ebf63e1b9f88960238120875e1a4e5b5655bf1280bd04ebea6ef99019e9041712e692da0b53b67457554429b96f40a9bc83efa7a78a07d1b5d75dfd57bb4fd8d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon.icon

Filesize
3KB

MD5
5fe1ce24abce7713429afbad8555a78f

SHA1
f4ae1d7d36b2b7162eb57d17b5d518f9f4d999e8

SHA256
1967844e9995e53ca421aef0c38545e906e8943e6d350bba8e0ecd091b6fc98a

SHA512
a97d7156e9f2372c4f7fc68e3fa47b040cd8a04be9fb3512bcf98e430fc7e5b3adcd7aa789ff5626f61f476b84698ed2eb3d6c75791529738571c88a45d76205

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon.svg

Filesize
3KB

MD5
e6060d73fad7d7b129e6fe5dba1dcd41

SHA1
d012e00813f707dff14aaa422313fe2a81df5f74

SHA256
402bf406fb5b2707bc64db6a0ca8a4962ec62f89c34348aa04fb314783b92742

SHA512
b31c9a5df7cfb97be2f5030be07db7f9bb3efce9036388af445a1eb01be87c5ca02c2d29d53043e9d802b03aa7d0bab476bc7d47776a2e17c48a1fb7ca79bbab

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon128.png

Filesize
6KB

MD5
43190d0efc9abb4255e990ac7b066eb6

SHA1
14bf6a02511d273c46551bae2839c2a572f0b6b6

SHA256
1522af5f0aa6385cf1fc34d0c818ed899beda218d43141704e449bd86947fd79

SHA512
e7c85bc4084a226ec03b817c0eae929401522b84fcc4e45c58b56c32228b8cf2294bc4782b8858bd8832a0ae482ea426965b8755a70d5aa774ccb1ad2e48406a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon16.png

Filesize
607B

MD5
9875ae2fa7bdc8bb317799269ddfdb78

SHA1
b1dda8548a8585f1d51ffd00c73e7d7006f718fd

SHA256
626cf5040f8ffec33288a2db1f8ccb7a48b130a38f4e1acc28598b274507ca9b

SHA512
37589ad1440f5800a1f0f4c5716a06a1f0005a4761466929ad898e5b8117f73b8e303e35e38b164279e8768f099246662ae6b6065cbc68b1cd2bc49aa6bd100a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon32.png

Filesize
1KB

MD5
a67717ccf79e9b8e709dca737a2cbfe7

SHA1
0bc7942b8a7199ab49227b3330785e6bda3b9d56

SHA256
96d45147eef3aeabbf637d7300035c3ba0a41e9c8bc03917a00f1576aead57e2

SHA512
283cfc1669f34b343586afb24771b40963d876de3ac5e6e8a6d8e007f228d0f560b8d71cca0d58401b77ab7cc0a827cf75e3ec6bced40cad631b88a526a31464

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon48.png

Filesize
2KB

MD5
f25f85a0ed15e8504b18330c59e9d564

SHA1
787d381e4373175e4d5285fc4a906daf1c6528a9

SHA256
fde5d52c90bd9c84d73932f0442fea2867b6ba5848faf20f0f7d66c6bcb4decc

SHA512
75654556d06d9b08286b8df55984e88e66443cffb041c3dbd2f17b58287cc3455abab1c535376c872c43aec932fb3a0dfa321496972e96a3fb471dee80abc1a9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\assets\icon64.png

Filesize
2KB

MD5
bb658c43b09d3b129b838168d30c6df0

SHA1
bc9412319cbf2014e663b868638da7e8124bee32

SHA256
f6b573e0e1461fa3951393cc9af2cb2a7860656a955e48ff4acfe38b8d60e651

SHA512
1f094377dbf1a1bbcde0cd95c73f4d2d4385cce42df77be718b140417da70794c1873e8a3f89286b0f567f4ae8fb83c6dd046529a40f0bb8d75b6e988d4ae207

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\Logo-62cc63d9.js

Filesize
774B

MD5
5bcb4b16a81c31e129530e2f511138c4

SHA1
dff773d4d594a29b3878c3442ae4851288716ec9

SHA256
01dee36e68f5c04ebbff01d067ea329b6c8eef3e44039932ef97b61a10b14923

SHA512
ac5b338468e489b740f944216859c9f06694136f6c2744eee78863d791683b2ecf1affbd8c7dffa30cbbca1d0da5649406f51668ba0798585842808d31e58c1b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\__uno-33fc7658.css

Filesize
24KB

MD5
3d1bb2760e9972113a8c96fdfb8f74f1

SHA1
a6524827576da7b83c78a3e9efed324db20a56e6

SHA256
0c62c72d42844f644214c2008d9343f4ddc88ef472f6cbbb2ffb69ce818da0c6

SHA512
e9455185f34907c8b6080a7c83986a5cf1d0c49f88f350be58465e524395f136793bb8f868d2b0b29b1f6847502a8a8417436e3200a7cf12ce8f989969d4f833

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\__uno-e2de340c.js

Filesize
245KB

MD5
69f06da01887ee36d9f3849eb2fd2d96

SHA1
24685a57e15299e18d1e7b37f2ccd62357b771eb

SHA256
98d4c3af6a9e0b702997f2f230f3b97d3f8dc39799357278aa1d519e59108fe0

SHA512
191e0a8366204b8c4c208771816c2adb62a785d7a8e2ed8941d5d9f219d5a2e9c0af96e99abedf9632c028a97bd78b70c97df822145ef472d8ed5d9da296d5ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\chat-1a99eceb.png

Filesize
64KB

MD5
c470fd10049c5a990633ae2f966744d7

SHA1
bf81736c5594940db5226f979de52726049ac881

SHA256
1a99eceb971741f8b8ee5f68fa4881a4f6aa308f7fd4ebb192eb9c51ccd535a3

SHA512
4d96d699bdcc7f287183891bb1dd7fb670d539a7821e33a1662a92a1a3e4a7ca5f59d5d94a766875be0474b2b0c97a79ce01a0065bb9f88c0385593d8a022c09

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\chat_button-151199f7.png

Filesize
7KB

MD5
06afe46c6af3934611326ca03e4d5019

SHA1
c9ff8c29722699f2e667fa83358df8bf8510263b

SHA256
151199f7457f671457d933c16cc5efb642d8d9063d32fd8134592c8e6289285a

SHA512
7e993a5d77fa19371833bc96f01a433c7d2e4cb8b5d8ca39de83fc5cbe91e2c481c72ec1d36e5c7247995b902ebb7ea50446043dc903ec34115700a988c001c8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\code_block-5a7f325a.png

Filesize
20KB

MD5
761a934aa1810625041ff64a1637cd0b

SHA1
5de9398b0788f60b04727c8c03ffbcd9598060c6

SHA256
5a7f325aa9c65c91a3e95aceea22c6c41bd60c1e1d99a51a774b996dd9aea600

SHA512
7849ea6e382c84a262aca09eb1fa92c7011322b69354d80de3a8c14a4ca4de00ee287edc97aada44632451adba51494643207732c468b1dfb49f907396184d59

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\code_menu-a8be2aaf.png

Filesize
20KB

MD5
86b6fc046825556e244a5becaf13808a

SHA1
8dc1515d1c28f69589117531e050aa5075f196db

SHA256
a8be2aaf596b5b7b1278bd6c885185bb4b8d8643ab53f0ea6a8aff43b985c29f

SHA512
e97a205dcee6fbba3d2e42033aaa38dc2f3ed6484f1770b10bc3263c0100e5e9a47865052a924808601b695718792b7ce87bb24503448bfca7c8c62cec3331d2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\index-3ef63e9f.css

Filesize
4KB

MD5
41d57444e7d13ff1dc04638a5fa8a98f

SHA1
71ea54705eabb7fe120d48f0d38f4f509c5cc1f8

SHA256
3ef63e9f56bb46a850d23696f0051e4d5693ecac0589a8cb6f7ed5f4f844bbe0

SHA512
716e73bb1667e32283debc17b3b82252ae34fbf588ae4446d536aadf1ffd078fa6e481b6a1f745297085a597b0899e7c69b751364d1a8d076571e571f3c22ba0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\options-33ddb4d9.js

Filesize
3KB

MD5
59991ad25ba10d885a5f3cda2fd75fb9

SHA1
7d08dea37be2355560953f4dd1f5763ef0394ac9

SHA256
d244543e3d3794824fb8425c62713277610f5fa8c0e15bb2ba7721f47f1a8799

SHA512
803ef1087b5698d0c45db47c48643a552e5f22c169f8b782a04b4ebfc1d19b02e0045729d74d08e41a04c4653aca712b31f5dafe3e4dedca375bd58f6fee3ec7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\popup-264c9e18.js

Filesize
488B

MD5
6c5b877df13e42552b069c70ac059f87

SHA1
5000af82e71c8cfdd87c0e26c0825a33aabd7000

SHA256
90d87bd1c2a00e190deefba1afb8c6f688adcb0be667c5038707e1f9994f9282

SHA512
27c914ea04b6de76c3dfe0d3e88a8325a2e3d9d5cd6d8c46ce6736ad4019b27a35115599a9990a55c183548f6de512983dc9be9fa242757683a3ffa76891c1e1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\selected_text_button-7edc9403.png

Filesize
6KB

MD5
adbf987176e8bd12ea1d6610b16f005e

SHA1
95eb881aa5426b4f3e835ac3db5a6a0deeed8e09

SHA256
7edc940367db12fa5c53bb63b7fb2d60092024b5b0481746b713aaa4107d8baa

SHA512
6c26bf5688cdb2b52f5e74d38e638ee061ee41157147372924d56af4f7c428f1a074c18d4e1491cb02245ae1389605a3cbf686c53c91e1809c4558a0d78c3d63

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\selected_text_menu-715343cb.png

Filesize
33KB

MD5
3da5d1a8c8f33943b30cb88cbe5ad949

SHA1
f378cac3adf1e2c534f3588e68ae50239f26260c

SHA256
715343cbf66cce609a7d8ef3650189f87eae891c137bbf237f075f86794ad45e

SHA512
67c9d6cb33dc937a515c09c013b9b8df911ef3711217496f78dcf80dafa9dd5770578130bec65b7727af5c70f1bcde5888febb36fdc009bc7302e188222f0a87

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\sidebar-f6521a0d.js

Filesize
7KB

MD5
bba7a87fa558d4146e2f4b8388833641

SHA1
413bd9458a4b81a124e62aef54137792b5009a88

SHA256
2945a840751125c4fe3b4c8a54c92a540b0aefb98014e2d7e6f16de80179a796

SHA512
30fcf6e38e7e31e1f6756ac3536aa37be36e9fe341fb4f751d696a1197b206af06a33a449c4dcea5be4cf7e458f371b119c478895db42b58213a939e93e2d0d6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\assets\text_paragraph-9560fadb.png

Filesize
27KB

MD5
ace8c44e942f47852926fcc44f84e1eb

SHA1
64389cd281d5a31cd98df8373b949f623a623914

SHA256
9560fadbc8511b24fc6236a49f04915bf3d0fd5987885a3affb15b018f7d2411

SHA512
ca29e9a1a33bc9ba6ab95a414eead913c2132c6dd491614aebc42e21b1c0e7efbd274f2ae62d0730f5140c75c711bcb76d89c8f3684ff457c3ab3208545f2f51

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\background\index.mjs

Filesize
48KB

MD5
6a2917b9df2de3d54c60339d1206f311

SHA1
ab2242f853f8093295b9c47196127986bdec7d99

SHA256
685654e3da9e0b5b6c36d8ce42bcee21681102b74f9a5d8915133af2abab635e

SHA512
f456344e25665eba4ab4bf7a653596cfe3548948988ac531dea6641192903c951531965b9cffbe86ade815c4bb0b5648b6eaf000cb3046ab026e0a17b332e1f7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\contentScripts\style.css

Filesize
38KB

MD5
a2de90a2190cef036f2c6df8ab8f00e4

SHA1
d2c76852071c134e386b54d0163640233e8b854a

SHA256
8bb83055b42d5b706abb9b10afa55c189f2e451acc976c78430c3d91f555c817

SHA512
761d49c55530694df775138dd078c5b7ac91ad2ff561d00df824bb70ec7d63b6e886ff75e195eac6277c535511618bc2c034e2db7693329886b4b87696f7dce3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\options\index.html

Filesize
726B

MD5
825098ffb1c701fa3d4c55700b80543c

SHA1
b06cb78044c5009f24e8dc197cabff792f41099a

SHA256
67503223782dd7a38f81cc8712110913d07c184958c24a63be7a0554d87816a5

SHA512
aaea548da521304d96fe254630bb0c25f0c1bd39430302d551725cf1116281e02d2dd6aa10f72ac42a3b027281358ecf4ad6c784d842796979b0fbb7ec98d10f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\popup\index.html

Filesize
500B

MD5
b9f2c3c3464461be908e00dd0a07ad63

SHA1
d444b802b3a77ee1a240882d6c9133f7b541578a

SHA256
99140505f181f09bbb427a1b07e252988d3a897a4d60d80a7ce4687775a11019

SHA512
7f12b3ea8d5aa3e2364f497178ab8ac4aa202363ccd4ca5ae57965ca59bd397653bc634013e0dac7ebc83576c35c995690bce9935bd9b93f054c1bf3fa5a764d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\dist\sidebar\index.html

Filesize
745B

MD5
faae766c66f159ed15dd70bd8453eb66

SHA1
1cf9bb3ea8a629bc3175c7cc4bc947d39f1ca98a

SHA256
74136d4873b9626bef202c5ca822f2a18013407daecbe0e7e8edf1d6c28a8c34

SHA512
6d685d771ad7bf2ef98c64d1e493598a9d42ad3aaa3a8634e972d9d3b70592e3b3954221df72f9b34f8d4cd9a55f56708583e510ce067773b47972e038172ebc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1708137949\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
58faf08525b8c5eaa815cb2b2dd0463f

SHA1
7f14cc65e26cbedb1d25077d80fdd58376d2500e

SHA256
fa783f682625206ce6acb2b96c6c53e8c9aa93071ba28feb3b6d8c46478ab50b

SHA512
7c1086f7be32e9518c6e173e20c46a19374a97f32d79aa625ff7c49c4e407d1948a07fbadd468848c9f5699b6b97ab7a679d97b428bae28552f8a886bbe7f8f4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\background.html

Filesize
166B

MD5
34104d719035cec91aa3cf92d6aada98

SHA1
70f4a4aa92cc68537f209bdff80488ebfbed8906

SHA256
3f9745f512ba2f2724f18396b16c9485d753350882a1ec697fc0eec3ed0b1660

SHA512
1f5b04e3c9e39266c7c8cf0dac64d9b592cec118c2efceeff2da07475f4ab72b5d2c6a9ca416e80ef1356228085f6e59071c3337e66add013601fcb4ff17c3e4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\icon128.png

Filesize
2KB

MD5
e90758d19d11032ca68d1c277a675c07

SHA1
45f07e1a29c48a7e3a684f630fd8b044499ced1a

SHA256
4140980fddd63f9ec570045e490fe17035cc4ea13f04eeaa5d9054e9ddf15218

SHA512
3e317bd619ebea3fd3f883e696571eaa610db73b5a3bfcefb8cf505dfc7f57aa6416d8440d4744baea9ca57f024ad7af6dcc59390a633f41c7b7ccedd0a870fa

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\icon16.png

Filesize
508B

MD5
02c1bc6aa4b67b1ba1f64efe091709e9

SHA1
f5b282bc995f9f4bd9ce9d6d0f27bd5b28c50236

SHA256
245395ca85f1eb95f2b7c8bc53a8cb81f517e869ba11e900187a4224dc6e8618

SHA512
fae8adaef105b1192f6fc185937b647f332192246a5ac17a32162096c9a4b1071f3e82fce38dabfce77633cdf8b0eee4e5d091bb30319142e3575c5ea1366bb9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\icon16_disabled.png

Filesize
479B

MD5
bc74911c7788a70b10efe4d2713acc37

SHA1
a8ac2fa5fdb01a4b722e84d116eec2dffe83eb81

SHA256
19f29161973cf017d6a1ebd78b052f82dccf1ab0c2c7809f40b228dcebdff171

SHA512
abf845b68684a6655322679d790ac27263f7eaac00ca327d699c6b5e3563c56facd5ab09fbf30c7df9e1fbd100195a8b41c63899bcd5e12ae3ee3eb58563a724

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\icon48.png

Filesize
1KB

MD5
f3329c8783d871495ab1225a8c5419e4

SHA1
e018ea05bfd4d81133cd9c986d284587857be808

SHA256
d9a73b74e330795ad02e3f93231ca5d553a291123dbc576cebac111986ae73ac

SHA512
e4f7db41b61a28e5dbc71effbaf38ee616ce1824c3b5e046aecaf9be844d26f62c31997189efc23fa73dececfe476614b562eeeb3cbcc29c577d0f5e4176a07b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\input-checked.png

Filesize
318B

MD5
61f5683c6a4823b5eb8aad1d0ac61e9d

SHA1
9f4ed602be964bc86d5b64bf91216b6928cc8ef4

SHA256
f0a2acc7ad20df6ca4ad2a387399fd0631a13cba75dbf8e31113cec5acdfbd31

SHA512
c9018e2200d1cba3b4fb9bd02d90d0ed54717d053f8213d520afc3a4f6f101e2da16f8b0ea147de3b9366da78f0c9be65c0b079c134dc8edd474202b5c64a513

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\img\wav\input-unchecked.png

Filesize
154B

MD5
b96b35f79cf720e6e62fc6686cb1e12a

SHA1
d65a5bc7076ab1d7fdd14714f4bdb5c8161fc8e3

SHA256
1b6d466a9a6fc9e0e4ff29f15e5af95db67647a40f22a1a29c52709a600414ce

SHA512
c496f6c1857360a169fd3c55fe2a30e8e8d0feb564ef96a3ccd63e441533b10bd5c0ec3533e3a17e671ef2c64cee6194431bc12a1c204e72e1a92b18bd0ede58

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\lib\bg.js

Filesize
46KB

MD5
6bf27be2d4380c7a318b3cdb75eb8c57

SHA1
889d39b3b86eb05550aed6dd45122f5a5473e7cd

SHA256
469599304968595796a9a3ce21ff20c17b1831b48e3c9a30aeef61468dce3a0a

SHA512
d561d36577709dedf9ffbea4cae8148dfb0896b2fd2e7d9ea1df0ad1ddf704f7cef6cb4465bae11fd51309bd3acd5b80bb81440c4e3a27ad9269a311cdde983a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\lib\components\panel.vue

Filesize
2KB

MD5
b4c87bf3be0d52f5cb3e1d3355225dce

SHA1
bbee0ced19039e58fad74fa9c4319edb2a2299ec

SHA256
84acdb6dfec93ef4c5db326e1685bc618f63d515b6dc9203d9cd6acb467eec28

SHA512
78ef255d4f24972f4bd86923853b9999537b08426353d9759b51741abeff104bcd211b19e5009b40c39c0b8f20d5bf27eb8cd9749ebc942a21f151d1bc3cea4a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\lib\components\toggle.vue

Filesize
2KB

MD5
96419cddfab2658ba06491554eb9ee4f

SHA1
892a1b6fe0e1906ec4b273c07114584836526bbe

SHA256
5cfaf070ed3bf6c38bc89fc187c0bea20ef4dd5537fb9b968d69d067dceb93ef

SHA512
dc23dd4499211fb59b290427ead5b043519053c2d82aacf2d65f081d5c7adc31d161b501d03358620a119620ceb3174558721bccaf343d318a3cc1155d4e2df1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\lib\panel.js

Filesize
524KB

MD5
fe2411f25990621b6148d13d66075504

SHA1
dbc38d2494d77623d338544bd3cb226d55b24fa1

SHA256
e44194b6b95db9ecaf564f1366aaeb5782e114dce94f3d32371a73fe2ab24439

SHA512
f9b096fdf08ea7f32d048a59c7f138b51f6c2b62095af5ec2360fa50442fb8eef5ba2683ae31593457480f8f0c403b6e56dff348b07d97d9125c3756c8c91aa9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
a44f02ac0d982d6ce172812c53f4dab2

SHA1
ec343da5bdb3d69d8ba0339d873c945e9ab77d3c

SHA256
50e42d8aa1e357e3b2d155b61df564d630cc6e6ed859a964558e4a818b23d6a7

SHA512
0838189606264fec435d74b29265ed37766e03e3bb7000719b573c43b34d48b27da47581aa35be8dc54c8e25c819e702b5d337d92933be208ec87f36b6658e9e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6592_1756038949\CRX_INSTALL\panel.html

Filesize
683B

MD5
5b20a0e44ea48a2857e2c1f251c2cf92

SHA1
e6fb1bcc6f1483da9f09c1073a5faa59a4d9209b

SHA256
a0c0c35d5d7b106dda2227d218a76be9035c5ca4bc97395df0c5eeae86b6dad5

SHA512
ce71c048efaa8a7d81f1bd290306e31757a94fc71fbc031b1d63068f7f2662824882fdfefc75b9071ae61f3b41318904f4b8a773407061ef593d8e2f997dc52f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\hbgjioklmpbdmemlmbkfckopochbgjpl\1.0.0_0\preferences_schema.json

Filesize
7KB

MD5
a192304f63ef26c80086f835cc4b7ada

SHA1
6963e90e752209132b728a938844c4c64dc94d43

SHA256
4f72309f9378f04b3f1cb8f46b031ff513ac63e5056d96272f2bdc6d39dcddf9

SHA512
be619909cd0c3465966a4018847310c1493bfdecad6f07bb28293f3dcea73dc377f5d52cca040d626368e17828eae28384fe51d20c4a71925c5f31eea8e18561

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.0.8_0\images\x48\icon.png

Filesize
2KB

MD5
fd727c2aaa8b364faab1828aae2250fc

SHA1
bca5b2548b009ccd0b2f79c09fd628fb3119231e

SHA256
1a32dcbadab7c91a690879b5425f6815c07dda1aadb6f6a7942b9e895cdecd0f

SHA512
7d21b3133beea16a8713ab8a87ac7b84d8b2a312e4f017a9988e970f7281b9c41dec3f909d5483bba387e5ede366e80c210da93a78ed72b108f65934eef07c15

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.0.8_0\images\x48\icon_a.png

Filesize
2KB

MD5
c05285aad074c0872dd78908176b1052

SHA1
b8a5926d153dfbc503a38a749baf9099903c289f

SHA256
9a4a7e0c2969562d5d1299f80317d4560265b4a843cf17491c7d36fa74a91cc1

SHA512
6006b22ff83d0afdc346179a4c2dbbf927efcc62fcf9105fb45efd768bdba62af5839c3efb21e2555e0090639ab2dca76397d294b51db0dca768def53ce00a1a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\chrome-extension_dnpmpbbfdefapbnfffohgcejpogkbjbp_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\chrome-extension_gbohaofhodnpniflcnancekmknlomeck_0.indexeddb.leveldb\000003.log

Filesize
26KB

MD5
35cfe555d833f3b7d1c50104a9b8f0ed

SHA1
b2c8b70e4e5a158b83a83c0db71bd85d01459845

SHA256
2af35a6cdca32923e215afeb3b95f28e206daa3f03586746110f4a31e576bd97

SHA512
1d63fe3e1f443daabbe56eb2e71c4738e7959fe43bf9d50ea8b1efab5df1929afbe974114ee11d5580f02280eb097a78119bc5329bb836841e5387dff112fe26

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\chrome-extension_gbohaofhodnpniflcnancekmknlomeck_0.indexeddb.leveldb\LOG

Filesize
444B

MD5
b27d1f39afbd45ad25193596cd00eed7

SHA1
184bc8869ebd2678665f00bc404b4ed60ed54e14

SHA256
cc63d127a158bd791437d90139f54cac9f6fe34a21e6cca33dfded36b19c39bb

SHA512
6d96722b9bd47662e2501c39c8ee6ca17259dc602524f3ad28142d1ba8294f165d83a0d2e64fb764c5aa248ba2912b867fc6ebcd3e2ce949994604a7dd26471c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\chrome-extension_gbohaofhodnpniflcnancekmknlomeck_0.indexeddb.leveldb\LOG.old~RFe5cbea4.TMP

Filesize
403B

MD5
4e48d9c769fde02fae3cef8623c28e88

SHA1
c28d15e724be714684eefcb2c53a81bc5ca25d3e

SHA256
e743bef603927b917b821192521a524dcea2797ba1accb73847942af7532c928

SHA512
7d38b5992e1151291c1600d5206b3633d1db44408049acad437c096fa3cb3faea4484547c8ae7b19744a02e7d1fcc98b59e68862ef1be862985f8846435629ef

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
e9c91beb128482213d6aacddbc64b664

SHA1
caa1666469ca497422a7e1c4036e996534043f73

SHA256
e62440bcbec5f801d07682591305b24e1a94e0961239144a0ff1312e8be81986

SHA512
bb37f2470cc4d87bfc99db18fff0dfa3140a60b4e57cf7d315fdb3843925c073f5ce8f9ea0e703a1159203405cb2d48073381c0b46ec1c432b9af3005fbc1aaf

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State~RFe5b559e.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
378f4413c26d9779237cacb2d8df15d8

SHA1
446bd36a5901fb7e2465ff7480dc1106571d4adf

SHA256
3b59e5b9ba92b3ba8454c2c0b5b4aab2b24a8deb8694882e580d9991a20dfd04

SHA512
621011f3b43942e8df9cf00169023fe5b0e6111589354219d0593c01cc98a46e6e3a7996eecc739118d1622274f3043a12ea57286695aa6f868f9630d8981ac1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7de65f35dbb7e1c9c351f5f42aa59e12

SHA1
9088566eef4641c138ff52ffa34c54daf7be72bc

SHA256
75e1609951df39ab8494be3bd6151c323c039e86d491c80cfe7e180a3f4599a2

SHA512
abd959f33cae377bca475330bbc6a5906a860b1f9032abafa5036144405047075407da66b94c83f88293309550e23892fd3899e1ba345f1197dede0c90cca31c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9b013fb7689a3c022195f46f69e28438

SHA1
9d572a998aeb036c80d2943d447811c7552c843f

SHA256
4893ce0e3e990e4945fd0a9059c4a40de50f34ae8973e3522a8f380935d2cd11

SHA512
1b94bbdf4d5de6724e7f443f81d45e00e718bfde06c7077b9edff13cf608da5795fad39a0f3d780d0f8a761f485a9d7b889e7b000ef73bc7934e5b068427ef59

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity~RFe5a889a.TMP

Filesize
690B

MD5
a23f6fc056fc047d4911fa1226d3c9f0

SHA1
b532813c20253ae6751c1dac6b984575962f7d3d

SHA256
3c408ad3eae4816bb697290e7025aff4131e807e23d24a0f18cae5f85e12e048

SHA512
b6aaa8e2f1593226273ec6d5c6ffd700aaf588a816b682609c4cf86b422652b1f7ce27a306a7b6cd625c55ea98462c08c0e2f66c86ae56b2766adcc08a372e79

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
427f3682862ced702ce030f80c9c8def

SHA1
6bbf72a860d39a5bbdd4f275f6fbb1b9d74079bd

SHA256
dd18f854c1ff958df747b9c01677953208e3f6110ec40a5d04fe9b8b4e10c741

SHA512
7ff001b88d975afcff031b379057565fd7f975612a79f519630e50c06c6f586cf9422b6102b594e3546d7fa9f9df7edf3754590d600dfb6cd2c135c23286023d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
15KB

MD5
471aa4c315a7c03474e1bee0bd7d5f7c

SHA1
5cfc730920f3cd9c4e98fe8560a36e7c91eddbb5

SHA256
b3b4cf33e81afd1bf3e95dc10e6d2f9266536b0d856672dcdca370640da640d5

SHA512
c497418a1b4dec04f573cb700645c21b2018e571b2d928896c3f75ff79077550f0cd76bda2184907b0dda15c0c757cc5ec8490480554a204dca8e43f53c669e6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
552ee689f5c3bc0023a8273d1fbac293

SHA1
5a1d4aa14512d472f824763f322bb10039f91870

SHA256
ff7b8e71fe5abdabc8855cf527e544b30d57b21fd0c33ae5a2e5c57607376360

SHA512
1199adac1050b46f3eb17ce7977875370a90a571fc4ec338a6054ac9d65df11998c06cd88d1667e60dae1c226bcffc0cb5f3c7d278cf8faeefee5ffd2145afcf

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
16KB

MD5
e6d94f0ef6a811224f6f354cd5d49161

SHA1
9244fea691f48b9c997d4536ea0bbe606231fa66

SHA256
902ee75a9dd604e8b08963f944e3b0819b36f626d5c35818c89bd8a3b9cfaa5c

SHA512
0314495b4e900242830e56dc850702f11c63b52fc11f68214c99de30ed3e17fc709e148f8272953d8631c719c636c544d3903738f7f2b8e670a5eebcb3c21a44

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences~RFe5a5d35.TMP

Filesize
5KB

MD5
130f05a8f76ccb6ca4c023dc38d497be

SHA1
393ab93bf80490b4d684c2e57c81c307052bafb7

SHA256
851cbb9a57eab4c92ecc091c8e159f6917c42015bd738fc07ea06f9a52134021

SHA512
bcdc1097dfeac2c2352c25e31817f13f4fe1258e31823757de1b91cfd34e05a0a202879056fb97d7054b1740baf2d52d3a135522a1901e2dd486e334103b5892

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences

Filesize
45KB

MD5
381842511926521810f6e00915b90cee

SHA1
fa274648069e877e07f04305a64e6fce7d3daf8f

SHA256
ae14ffc3f67f57ef0875db4f6a1185e0c616a4d468802b14fb3b284bb0d12cd5

SHA512
83a563de8b5c86696303c82a71503c20ff65289e9adeb5385b5ea30271423cfd02b203270de478b559ae6c6a22fe1959e13d8077142bcb3a4f27ef9a45619320

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences~RFe5a8687.TMP

Filesize
20KB

MD5
86d9fe6114d3103ce4638dfa92b96c6b

SHA1
949acf790f98831319255b2b2772cea79deb57c4

SHA256
04cdabeb259cc9a52c5981f8c0ac34e098442bdd6b12188003e573c5e7818001

SHA512
335b3ce4a9651f8005fd5871e673d79696c1382ce80b1c3d80c501215a177bb317b7832ddaa5fecd17b963d5e69ef3bae7158706766516e1548acdebc64b5d73

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
312B

MD5
b852fe1ed75f7857df4dee58841245be

SHA1
efeb390d5f38b90a4335115a25ac03caed6bc401

SHA256
bd5af890dfbd1286edd906a82840d810214e7422fa54b6e3fb4dbbf1e020f5a6

SHA512
318c74ff0dce15440b7a6a57304ccc0e13f46e17a409b43647aac8fcf7385e0bc9bc6655cf105818154f1038e05714d32c1a23f5c4f488e13a1d5435e1f684d7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5acfd4.TMP

Filesize
72B

MD5
c882b9668fc5597c3dd623bcd13837d0

SHA1
dbf052c8cea17a1016f30dbf0705cda1d5fef0b4

SHA256
cadfa71194adb055b886c66b299caf071567005c34ef8c17bcf9d5be94ecf290

SHA512
4556a5048e2e63f6ce2c94401129961aa586d91b17b32480930386d5682eb9c29a458f4685abf77221c8168ea309a9d2bdd090c5c22c16b4986e02b8f163b8f3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\FileTypePolicies\66\download_file_types.pb

Filesize
7KB

MD5
b486a2d22e22545b4d7ce820c38245ca

SHA1
3be7e3d4e07c581b9638a73a062809fb1f535ca8

SHA256
2f490c4adc51b58604c99546925f091dbda66ce6e54a0ea5b75e675d1fbe019c

SHA512
5c47112085670e0726401d436984accf4ab21c23fd785f0031997b786238618a163cd194749b8f625c3ab18d211f31711cc904c3164671bbc9347550c3b72ace

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GrShaderCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
d0d388f3865d0523e451d6ba0be34cc4

SHA1
8571c6a52aacc2747c048e3419e5657b74612995

SHA256
902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

SHA512
376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GrShaderCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\GrShaderCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
7KB

MD5
706b651acd49cb2f7086dd41336c4fe9

SHA1
b6d907f22e3fc15b235446827176ed7baa1fd65e

SHA256
f69a83c9ca1461711c2241135ddb4837417bb1eb4bf527f60fa611f15ee6e668

SHA512
7d86f52ca4d8a7ff0af68d40d59d2d261335b4efd7b45331aa80c8a24bca330088fea4608dcc3e3646d59ffe5b872c02e7e44f09729218952e1c4005bb702424

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
7KB

MD5
da91d7d122904079a5c5fa030c9f37c7

SHA1
72d44f29835b5549664edf10a15be19933253dca

SHA256
abb1c5d7aab7f58461831384936e0f941d5908003035b173ecaa523e9704306b

SHA512
97d924e81c8c4f7353197325a46e8159c0cb46d49e23ebc77cad6e71d8527afd9df8c5c6817bf401c6f9748f1faba964b890a5a4bc85434716a0206988ca7874

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State~RFe5a5c4a.TMP

Filesize
4KB

MD5
0c327b0e294ee67de4e6dbfa08a61f95

SHA1
52e0eb0abb71e3effb862568a9295af6d639b69f

SHA256
9312959e7f0312cbf02aa37019446cc5264d37f3cd905270737ba12513611223

SHA512
857ae60f3286491c8b6aac962855687f51eee23f07a949e513a953136529cd56ba1de92d3251549dccc28d28095409eb9fe7dcd1eaa0a84f9f8354fcd44c15cb

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\PKIMetadata\1054\crs.pb

Filesize
143KB

MD5
a5ce6498c85fd6192c0cf8163dd1d78e

SHA1
0aff2338c879a878cd04c13c760133d9d00d3725

SHA256
de20add60a38918cb64a20f26a13d59826f85c2ce3991dc4256f4c93c6e0e729

SHA512
199e5db476382bac2fae6f3daba68a5d4013848c2ba82989dafaa1cb55922d39b3ec4fb428c1f7767321a1960d83e2bf642bd51e11f141ba96bc4bd006d29342

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\PKIMetadata\1054\kp_pinslist.pb

Filesize
11KB

MD5
b2f5d1103104fc71aeefed0e490d7646

SHA1
09a9741e1d61b480d644c68f20d34a6dc158c86f

SHA256
611c85beee8342a1ebe375ea3b0a2dc9dfe87144c2a835982cf2f40aa93cf710

SHA512
3ad3b72b50c97df35c064d8a8a3be22506f79362f897f307d0416cba2122e44b86d20ce3b9dbfd9744cbd9596639dde508175546b075cd4f52dbaf2808cd49a5

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\SSLErrorAssistant\7\ssl_error_assistant.pb

Filesize
2KB

MD5
e2f792c9e2dd86f39e8286b2ead2fc70

SHA1
8a32867614d2a23e473ed642056ded8e566687f9

SHA256
ac354a4723aaa4f06bec385ddde4a4d0983ad51456f52b31a8068ec97d5b5ea7

SHA512
6a7af0ca1efa65a89a9ca3b8df0d2e24f21d91673c60cdfeeb02d33647442b01d535497249542f40e66e0d2dd3e9f8ed1f4a201fd97138d07a2b71366737e580

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Subresource Filter\Unindexed Rules\9.49.1\Filtering Rules

Filesize
68KB

MD5
6274a7426421914c19502cbe0fe28ca0

SHA1
e4d1c702ca1b5497a3abcdd9495a5d0758f19ffc

SHA256
ae2fd01d2908591e0f39343a5b4a78baa8e7d6cac9d78ba79c502fe0a15ce3ee

SHA512
bf1287f502013308cdd906f6e42998c422ef1e272b348e66122dc4a4e471d01333b418f48d1bb2198c72845bdc950612597e179e612aaa1ba6cf8d48fb8f0cf5

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
c257a12cb70ee2fd65ac323ceadce1ec

SHA1
bbf4e7e6d4ab2f6ab94b7a08e96929c8dc73709e

SHA256
7bcb05c1f9b1794abf9b12d10db8868dee3e995ceecce65b23d10316d73a56e1

SHA512
f8b0ae267216469e04111d719d78a0e9dfb49fe618f193fadfa9d6e3f37340b39a3b84e6347d5028a42c6943e817da55c378848cdd4d4a6818362ddfd54e24b3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
98dce710e0b373c26729c92976b09a35

SHA1
0f8573cf8d53df2be6bb8e51cd6874524eb4f746

SHA256
c211e72839f5f9fbed0f0ca2635f63047ac762f88855be03f8f516471e71493b

SHA512
04cb591ac27ea38fc2666cc9d0dcdbe26d162a32f8596dec62432d78d59c08f73f824d7eb1ce2828f859cb4dfcc97ba1233052680d29507e933e73293143ce88

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
3eb2e56e8d374ab082a267180d98d80f

SHA1
951387e756cc2841f689cf5cb4eb945aad22bdb6

SHA256
2e71ef2e0ac26244faf02ce518bd1a93b035cfab863073b3049c6ff1dd11cda3

SHA512
07073cb134620fa73930f83ee16a52837efd7a88a03ed28a965a9f9c630cb6e5ef8763e9444383a326268a2c2b7748ac2bef010fc2bcc7f2a4eb2fe11777a823

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
d2e86ffa4e67ed309eb8fd7cdffddec8

SHA1
223c8aa996e753dc7d2252e250d2e302519ee718

SHA256
b6b5f583c0baec87db0fa89e8e25bf3e0f61a1012906ae99f4707198ebc92f04

SHA512
360fe5913089db7dfaf774574ed9181429a5828eaf1a9b27675adfc028ab0b479bab70ed9b73fb78a59d46a59f93828b58bf1f18f38618b6af2bc1447e64aa24

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
770bcab7868654a7557ef98a16d3cb62

SHA1
13cdf878efc0686c1b9c10b689875b7b7aace2ee

SHA256
bb2ccf35a1830c900fa71e8df18a1f0418845a8f1dea176ce8a03a9f6865b4e9

SHA512
966dba99a6d17a774f10f52631d1bf62025ac42cb2d61e00670352b780adf14e8fea7e5cda015516f14ea071efdf489ee1f9e6f3d4e34dcc183c90c186d39afb

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
daa3288442655296f1efda0aeea9e202

SHA1
2f1a9b1d861436acf368b7e8daf8cdc654e3979e

SHA256
c03d40cf2b48704157384b953b1f70a2576e76cb970ef105fb1063bd9d35fe15

SHA512
2606d34814290cdb0b897e32dfcf66e92a7ba834eff17b8d8a79d82379f45df00b4b6e456d400b0089013f7e8f7ef41f849dab315278179bb7ba3d16bd477eaf

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveBrowser.lnk

Filesize
2KB

MD5
868f80884d79a8d618227077f23dfd5b

SHA1
6a4b9ef1374bc646a407180050d55e14d3f178f3

SHA256
894a7a18baba1db818fe99278bf7c7c33ead6895261f3cc0a858143a8f6a47d9

SHA512
0b72f0798ced4f99daa3d275d7724bd99af148e804b0cc95522cb3d9372592370fc5abd1e33d3efa3266c4df342a25ec57066ecbf05f63a09fc3e65b7dc02c53

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 363852.crdownload

Filesize
4.9MB

MD5
d5403a98d5a13115202ab063139e3d3e

SHA1
a4fa97d88ba18432f2ec6a0b033c91aea58fca9c

SHA256
1823a33bc7da26693d970335ec1caba970e5307136f34f626f75e9b59103b6dd

SHA512
217590802b578e760f4bb1f0edc3dbbbc4b33947f9ff189a571db025671da2d47afbc1dec37471f48154bc806d0fec1e486741e9dcb993ab885edf363b6e68f0

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 949022.crdownload

Filesize
1.2MB

MD5
c9db6b5c84be13a43ad23cc204e4bc52

SHA1
94bd6634303205715fd04f8aa10d75158390e4d9

SHA256
77200156d4773175d341aad11ab23bd52445065cd95060348da17d083dc27688

SHA512
9273493c5e5ea24b2f5ee219fdf849546e85b3f5cc24c970f1ab6fdcfe961d96ca6fd41c96f9d915892ab24ce7ff409f0f5a6569b0225e95d36afba51615f8d6

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe

Filesize
190KB

MD5
b483bb4c375468cfdae4a2ed4e40d056

SHA1
27311ef3b6a323335f46c4e81889a77ffb1b3002

SHA256
df80d9477a45eb1ff233f3d361a1d82729c368987de14c09747df0f959184902

SHA512
0116e83611626c27099a0171654a4f24d64c0c901bc597bf168f889a300a1f3aa62ef48759a78081fa1add6d82a8dd63d94eeba1d828d1aefa8ef17d2b0fb141

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe

Filesize
108KB

MD5
b282ce9b81f606d1c6cbda554dcd4efa

SHA1
7554ca07096a2e410f2cd3c98beb7b7e6be27f3a

SHA256
1893941e9dd1ca1296e7f575a9442fa1cc53dfeaf2d1bc94d01608ba9e7e31bb

SHA512
9e71f3cb4ea67831dbee5bb4cbb2dbd9f8ff8ffd1158fe2fcac41c89169a9aa3236c8d163f7d4e9df5e2b70ba2be20fe3af97bef70be40f45dd11acb5b4bc184

Download Submit
C:\Users\Admin\Wavesor Software\WaveBrowser\1.5.18.2\Installer\setup.exe

Filesize
3.7MB

MD5
2b117301b1e7ebfe62bef6b9fa9288e2

SHA1
d5e3fcab4526731ba3f5bf0ad914d616d4bd474f

SHA256
c21b934852b65af249b78f95a45df6ee7afed09c35630ac37ab3c646df3a9c80

SHA512
8fbe5c2e33b9429da123e9025cef8f13d93a51035f5fa232fe1187783ddb0d57d95fee7eb780ad840de8938ca6fc140a3b335469ef0ac13283381a6e3b4f945a

Download Submit
memory/7324-2673-0x00007FFCCE950000-0x00007FFCCE951000-memory.dmp

Filesize
4KB

Download
memory/7324-2674-0x00007FFCCE210000-0x00007FFCCE211000-memory.dmp

Filesize
4KB

Download
memory/7768-2119-0x000000001E520000-0x000000001E52E000-memory.dmp

Filesize
56KB

Download
memory/7768-2117-0x000000001E530000-0x000000001E538000-memory.dmp

Filesize
32KB

Download
memory/7768-2118-0x000000001E9B0000-0x000000001E9E8000-memory.dmp

Filesize
224KB

Download
memory/7768-2116-0x00000000004C0000-0x00000000005FE000-memory.dmp

Filesize
1.2MB

Download
memory/8044-2129-0x0000000020670000-0x0000000020B98000-memory.dmp

Filesize
5.2MB

Download