hxxps://half-life-2[.]en[.]softonic[.]com/

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-01-2025 17:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://half-life-2.en.softonic.com/

Score

8^/10

steam discovery evasion motw persistence phishing privilege_escalation spyware stealer trojan

Malware Config

Signatures

Downloads MZ/PE file

Checks computer location settings 2 TTPs 49 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	Wave Browser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	SWUpdater.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation	wavebrowser.exe

Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
persistence privilege_escalation

Component Object Model Hijacking
T1546.015

Executes dropped EXE 64 IoCs

pid	Process
6392	OperaSetup.exe
4796	setup.exe
5204	setup.exe
6568	setup.exe
5544	OperaSetup.exe
6764	setup.exe
6808	setup.exe
1048	setup.exe
6540	Assistant_116.0.5366.21_Setup.exe_sfx.exe
2216	assistant_installer.exe
6524	assistant_installer.exe
6680	Wave Browser.exe
2632	Wave Browser.exe
6780	Wave Browser.exe
5888	SWUpdaterSetup.exe
5356	SWUpdater.exe
2252	SWUpdater.exe
4928	SWUpdaterComRegisterShell64.exe
1528	SWUpdaterComRegisterShell64.exe
1424	SWUpdaterComRegisterShell64.exe
5248	SWUpdater.exe
2044	SWUpdater.exe
2428	SWUpdater.exe
6124	WaveInstaller-v1.5.20.2.exe
208	setup.exe
2112	setup.exe
7000	setup.exe
5164	setup.exe
6556	wavebrowser.exe
1572	wavebrowser.exe
5564	wavebrowser.exe
5376	wavebrowser.exe
5660	SWUpdater.exe
2352	wavebrowser.exe
7040	wavebrowser.exe
5372	wavebrowser.exe
2708	wavebrowser.exe
5184	wavebrowser.exe
1484	wavebrowser.exe
4364	wavebrowser.exe
1468	wavebrowser.exe
1992	wavebrowser.exe
3420	wavebrowser.exe
6888	wavebrowser.exe
5888	wavebrowser.exe
5980	wavebrowser.exe
6876	wavebrowser.exe
5992	wavebrowser.exe
7420	wavebrowser.exe
7444	wavebrowser.exe
7464	wavebrowser.exe
7408	wavebrowser.exe
7432	wavebrowser.exe
7524	wavebrowser.exe
7476	wavebrowser.exe
7488	wavebrowser.exe
7500	wavebrowser.exe
7512	wavebrowser.exe
5356	wavebrowser.exe
7668	wavebrowser.exe
8104	wavebrowser.exe
8180	wavebrowser.exe
6740	wavebrowser.exe
4504	wavebrowser.exe

Loads dropped DLL 64 IoCs

pid	Process
4796	setup.exe
5204	setup.exe
6568	setup.exe
6764	setup.exe
6808	setup.exe
1048	setup.exe
2216	assistant_installer.exe
2216	assistant_installer.exe
6524	assistant_installer.exe
6524	assistant_installer.exe
5356	SWUpdater.exe
2252	SWUpdater.exe
4928	SWUpdaterComRegisterShell64.exe
2252	SWUpdater.exe
1528	SWUpdaterComRegisterShell64.exe
2252	SWUpdater.exe
1424	SWUpdaterComRegisterShell64.exe
2252	SWUpdater.exe
5248	SWUpdater.exe
2044	SWUpdater.exe
2428	SWUpdater.exe
2428	SWUpdater.exe
2044	SWUpdater.exe
6556	wavebrowser.exe
1572	wavebrowser.exe
6556	wavebrowser.exe
5564	wavebrowser.exe
5564	wavebrowser.exe
5376	wavebrowser.exe
5564	wavebrowser.exe
5564	wavebrowser.exe
5564	wavebrowser.exe
5376	wavebrowser.exe
5564	wavebrowser.exe
5564	wavebrowser.exe
5564	wavebrowser.exe
5660	SWUpdater.exe
2352	wavebrowser.exe
7040	wavebrowser.exe
5372	wavebrowser.exe
7040	wavebrowser.exe
5372	wavebrowser.exe
2352	wavebrowser.exe
2708	wavebrowser.exe
2708	wavebrowser.exe
5184	wavebrowser.exe
5184	wavebrowser.exe
1484	wavebrowser.exe
1484	wavebrowser.exe
6876	wavebrowser.exe
1468	wavebrowser.exe
1992	wavebrowser.exe
6876	wavebrowser.exe
3420	wavebrowser.exe
6888	wavebrowser.exe
7444	wavebrowser.exe
7444	wavebrowser.exe
7524	wavebrowser.exe
7524	wavebrowser.exe
7420	wavebrowser.exe
7488	wavebrowser.exe
7432	wavebrowser.exe
7488	wavebrowser.exe
7432	wavebrowser.exe

Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Credentials from Web Browsers
T1555.003

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Wavesor SWUpdater = "\"C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.135.0\\SWUpdaterCore.exe\""	SWUpdater.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 6 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	SWUpdater.exe

Enumerates connected drives 3 TTPs 4 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\F:	setup.exe
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\F:	setup.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
277	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Checks system information in the registry 2 TTPs 2 IoCs

System information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName	wavebrowser.exe

Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Program Files directory 16 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\swupdater.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\psmachine.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\psuser.dll	SWUpdaterSetup.exe
File opened for modification	C:\Program Files\wavebrowser_installer.log	setup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdater.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\psuser_64.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterCore.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterOnDemand.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\psmachine_64.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\swupdaterres_en.dll	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterComRegisterShell64.exe	SWUpdaterSetup.exe
File created	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterBroker.exe	SWUpdaterSetup.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdaterSetup.exe	SWUpdaterSetup.exe
File opened for modification	C:\Program Files\wavebrowser_installer.log	setup.exe
File opened for modification	C:\Program Files (x86)\Wavesor\Temp\GUT827A.tmp	SWUpdaterSetup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 19 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Assistant_116.0.5366.21_Setup.exe_sfx.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OperaSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	assistant_installer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdaterSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	assistant_installer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OperaSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SWUpdater.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	WaveInstaller-v1.5.20.2.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 2 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
5248	SWUpdater.exe
5660	SWUpdater.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	wavebrowser.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	wavebrowser.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	wavebrowser.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133817826676104974"	wavebrowser.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WavesorSWUpdater.CredentialDialogUser	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WaveBrwsPDF.IZMXPVPEBFH2EAJI2X2EGRSXEU\Application\ApplicationDescription = "Access the Internet"	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{068FAC78-4F23-4F74-99A0-F7C4797D5ECA}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{D3C865DD-E36B-432E-9E47-554925B86737}\ = "IJobObserver2"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{7DFF302B-EA41-49F8-97B1-9413CEF98C68}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{3BE77C6E-0029-4F24-B677-32C9E15CD8F1}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\NumMethods\ = "24"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\NumMethods\ = "11"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WavesorSWUpdater.OnDemandCOMClassUser\ = "SWUpdater Legacy On Demand"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\CLSID\{1BE9D40C-2307-4213-830E-7E3CE9EDF0C2}\ProgID	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{617E37E1-AC79-4162-BACC-C797A1D31D3E}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\CLSID\{F6994161-37C3-47C9-BE83-C84C33A1CF2A}\InprocServer32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\NumMethods\ = "8"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WavesorSWUpdater.Update3WebUser\CurVer	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{2C53B9D4-A718-4972-B28E-2E7AF1055602}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3}\NumMethods\ = "8"	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{3BE77C6E-0029-4F24-B677-32C9E15CD8F1}\ = "IGoogleUpdate3WebSecurity"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{62A51DF2-CCB8-4DD9-9069-34B8461617FC}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{894ADE70-1E5F-4520-A281-CE3BF0309CE6}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{0D311A22-BD24-4C7A-8FC1-117F8D62A781}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WaveBrwsHTM.IZMXPVPEBFH2EAJI2X2EGRSXEU\DefaultIcon	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\InProcServer32\ThreadingModel = "Both"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WaveBrwsPDF.IZMXPVPEBFH2EAJI2X2EGRSXEU\AppUserModelId = "WaveBrowser.IZMXPVPEBFH2EAJI2X2EGRSXEU"	setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}\NumMethods\ = "23"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{894ADE70-1E5F-4520-A281-CE3BF0309CE6}\ProxyStubClsid32	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\ = "IAppVersionWeb"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{62A51DF2-CCB8-4DD9-9069-34B8461617FC}\NumMethods	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{CEF9DF20-AE5B-4A54-B479-9C2AFC1C2683}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\NumMethods\ = "10"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	wavebrowser.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\CLSID\{F6994161-37C3-47C9-BE83-C84C33A1CF2A}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\NumMethods	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{E44B162B-4287-40B0-8E7A-6E251D80B3DF}	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.shtml\OpenWithProgids\WaveBrwsHTM.IZMXPVPEBFH2EAJI2X2EGRSXEU	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\Interface\{DA4EFC2D-B243-4BA8-8A14-8937D867B699}\ProxyStubClsid32	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{44367D77-92C0-45E8-840D-0C098E650CE8}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\InProcServer32	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\CLSID\{1BE9D40C-2307-4213-830E-7E3CE9EDF0C2}\VersionIndependentProgID\ = "WavesorSWUpdater.OnDemandCOMClassUser"	SWUpdater.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WaveBrwsPDF.IZMXPVPEBFH2EAJI2X2EGRSXEU\shell\open	setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\CLSID\{F87D77DF-DEF2-4294-9F4B-A92E5A6725DE}\InprocServer32\ = "C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.135.0\\psuser_64.dll"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\ = "IBrowserHttpRequest2"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	wavebrowser.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{DA4EFC2D-B243-4BA8-8A14-8937D867B699}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\ = "ICredentialDialog"	SWUpdaterComRegisterShell64.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.xhtml	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}	SWUpdater.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1"	wavebrowser.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{617E37E1-AC79-4162-BACC-C797A1D31D3E}\ = "IGoogleUpdate"	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WavesorSWUpdater.CredentialDialogUser\CurVer	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WaveBrwsHTM.IZMXPVPEBFH2EAJI2X2EGRSXEU\Application\ApplicationCompany = "Wavesor Software"	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\wavebrowser\shell\open\command	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\.shtml\OpenWithProgids	setup.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Interface\{E44B162B-4287-40B0-8E7A-6E251D80B3DF}	SWUpdaterComRegisterShell64.exe
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\ProxyStubClsid32	SWUpdater.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\WOW6432Node\Interface\{2C53B9D4-A718-4972-B28E-2E7AF1055602}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}"	SWUpdater.exe
Key deleted	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\CLSID\{DB982438-E7B9-46E1-AF0F-CFD8947957E8}	SWUpdaterComRegisterShell64.exe

Modifies system certificate store 2 TTPs 5 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c00000001000000040000000010000004000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe

NTFS ADS 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 627319.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 959477.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 806476.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 26 IoCs

pid	Process
5060	msedge.exe
5060	msedge.exe
2304	msedge.exe
2304	msedge.exe
6280	identity_helper.exe
6280	identity_helper.exe
6468	msedge.exe
6468	msedge.exe
5224	msedge.exe
5224	msedge.exe
5356	SWUpdater.exe
5356	SWUpdater.exe
208	setup.exe
208	setup.exe
208	setup.exe
208	setup.exe
208	setup.exe
208	setup.exe
5356	SWUpdater.exe
5356	SWUpdater.exe
5356	SWUpdater.exe
5356	SWUpdater.exe
10808	msedge.exe
10808	msedge.exe
10808	msedge.exe
10808	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	6936	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	6936	AUDIODG.EXE
Token: SeDebugPrivilege	6680	Wave Browser.exe
Token: SeDebugPrivilege	2632	Wave Browser.exe
Token: SeDebugPrivilege	6780	Wave Browser.exe
Token: SeDebugPrivilege	5356	SWUpdater.exe
Token: SeDebugPrivilege	5356	SWUpdater.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe
Token: SeCreatePagefilePrivilege	6556	wavebrowser.exe
Token: SeShutdownPrivilege	6556	wavebrowser.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2632	Wave Browser.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe

Suspicious use of SendNotifyMessage 61 IoCs

pid	Process
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
2304	msedge.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
6556	wavebrowser.exe
2304	msedge.exe
2304	msedge.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4796	setup.exe
10184	wavebrowser.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2304 wrote to memory of 4372	2304	msedge.exe	83
PID 2304 wrote to memory of 4372	2304	msedge.exe	83
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 1828	2304	msedge.exe	84
PID 2304 wrote to memory of 5060	2304	msedge.exe	85
PID 2304 wrote to memory of 5060	2304	msedge.exe	85
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86
PID 2304 wrote to memory of 892	2304	msedge.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://half-life-2.en.softonic.com/
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff994ef46f8,0x7ff994ef4708,0x7ff994ef4718
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:1828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:2620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8156 /prefetch:1
  2⤵
  PID:5728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1
  2⤵
  PID:5832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9336 /prefetch:8
  2⤵
  PID:6048
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9336 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:6556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
  2⤵
  PID:6564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1
  2⤵
  PID:6572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6400 /prefetch:8
  2⤵
  PID:6836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9668 /prefetch:8
  2⤵
  PID:6920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6468
- C:\Users\Admin\Downloads\OperaSetup.exe
  "C:\Users\Admin\Downloads\OperaSetup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6392
- - C:\Users\Admin\AppData\Local\Temp\7zS8F80FC58\setup.exe
    C:\Users\Admin\AppData\Local\Temp\7zS8F80FC58\setup.exe --server-tracking-blob=Mzc0NGRkODI4MWFiZTZhY2IyZDc5YjY2MzhhOGEyZTRmOTMzNTI3Njc4NDc4MzhjOTk0MDUwMDYxZTBmMWI4Yzp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2hhbGYtbGlmZS0yLmVuLnNvZnRvbmljLmNvbS8iLCJpbnN0YWxsZXJfbmFtZSI6Ik9wZXJhU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhIiwicXVlcnkiOiIvb3BlcmEvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT1zb2Z0b25pYyZ1dG1fY29udGVudD1NREZfUEImdXRtX21lZGl1bT1hcGImdXRtX2NhbXBhaWduPUNQSV9XSU4iLCJ0aW1lc3RhbXAiOiIxNzM3MzA4OTg0LjczMTQiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IkNQSV9XSU4iLCJjb250ZW50IjoiTURGX1BCIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoic29mdG9uaWMifSwidXVpZCI6IjQzZDAxNzhmLWRmM2ItNDJmZS05MmJjLTc1ODM2Y2FkNGRmZiJ9
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Enumerates connected drives
    - System Location Discovery: System Language Discovery
    - Modifies system certificate store
    - Suspicious use of SetWindowsHookEx
    PID:4796
  - - C:\Users\Admin\AppData\Local\Temp\7zS8F80FC58\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zS8F80FC58\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=116.0.5366.35 --initial-client-data=0x330,0x334,0x338,0x308,0x33c,0x749acf0c,0x749acf18,0x749acf24
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:5204
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:6568
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\Assistant_116.0.5366.21_Setup.exe_sfx.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\Assistant_116.0.5366.21_Setup.exe_sfx.exe"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:6540
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\assistant_installer.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\assistant_installer.exe" --version
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:2216
    - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\assistant_installer.exe
        
        "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=116.0.5366.21 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0xdf0ac4,0xdf0ad0,0xdf0adc
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:6524
- C:\Users\Admin\Downloads\OperaSetup.exe
  "C:\Users\Admin\Downloads\OperaSetup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:5544
- - C:\Users\Admin\AppData\Local\Temp\7zS8A5E0F58\setup.exe
    C:\Users\Admin\AppData\Local\Temp\7zS8A5E0F58\setup.exe --server-tracking-blob=Mzc0NGRkODI4MWFiZTZhY2IyZDc5YjY2MzhhOGEyZTRmOTMzNTI3Njc4NDc4MzhjOTk0MDUwMDYxZTBmMWI4Yzp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2hhbGYtbGlmZS0yLmVuLnNvZnRvbmljLmNvbS8iLCJpbnN0YWxsZXJfbmFtZSI6Ik9wZXJhU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhIiwicXVlcnkiOiIvb3BlcmEvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT1zb2Z0b25pYyZ1dG1fY29udGVudD1NREZfUEImdXRtX21lZGl1bT1hcGImdXRtX2NhbXBhaWduPUNQSV9XSU4iLCJ0aW1lc3RhbXAiOiIxNzM3MzA4OTg0LjczMTQiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IkNQSV9XSU4iLCJjb250ZW50IjoiTURGX1BCIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoic29mdG9uaWMifSwidXVpZCI6IjQzZDAxNzhmLWRmM2ItNDJmZS05MmJjLTc1ODM2Y2FkNGRmZiJ9
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Enumerates connected drives
    - System Location Discovery: System Language Discovery
    PID:6764
  - - C:\Users\Admin\AppData\Local\Temp\7zS8A5E0F58\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zS8A5E0F58\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=116.0.5366.35 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x7290cf0c,0x7290cf18,0x7290cf24
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:6808
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1
  2⤵
  PID:6796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
  2⤵
  PID:5984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7520 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
  2⤵
  PID:6944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:6732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1
  2⤵
  PID:6968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6828 /prefetch:8
  2⤵
  PID:5516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:3784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
  2⤵
  PID:6608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5440 /prefetch:8
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5316 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5224
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:6680
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  PID:2632
- C:\Users\Admin\Downloads\Wave Browser.exe
  "C:\Users\Admin\Downloads\Wave Browser.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious use of AdjustPrivilegeToken
  PID:6780
- - C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
    3⤵
    - Executes dropped EXE
    - Drops file in Program Files directory
    - System Location Discovery: System Language Discovery
    PID:5888
  - - C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdater.exe
      "C:\Program Files (x86)\Wavesor\Temp\GUM8279.tmp\SWUpdater.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Adds Run key to start application
      Checks whether UAC is enabled
      System Location Discovery: System Language Discovery
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:5356
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        Modifies registry class
        
        PID:2252
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:4928
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:1528
      - C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Modifies registry class
        
        PID:1424
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9IntFMDYyNjgxRS1DOUVBLTRFMkItQkEwMC1FMDk1QTE0M0EwNUF9IiB1c2VyaWQ9IntlZjNiYTBjNC1jZTQ0LTRiNzItYWIzMi0xMDA1NTAwNDhkMTV9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezdCQzg4RjY0LUYxM0QtNDlBOS1BNTQ4LTZDNUVFOTkzN0I4Q30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RjZGNjBBQ0UtNzFBRC00NjEwLTgwRDQtOTI1MzcyOUZCNEI3fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjEzNS4wIiBsYW5nPSJlbiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMjYxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:5248
    - - C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
        
        "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1" /installsource otherinstallcmd /sessionid "{E062681E-C9EA-4E2B-BA00-E095A143A05A}"
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        Checks whether UAC is enabled
        System Location Discovery: System Language Discovery
        
        PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1
  2⤵
  PID:5816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1
  2⤵
  PID:6544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:6860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
  2⤵
  PID:676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8548 /prefetch:1
  2⤵
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3016 /prefetch:8
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9124 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1840 /prefetch:1
  2⤵
  PID:7128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
  2⤵
  PID:8080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8512 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:10808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9536 /prefetch:1
  2⤵
  PID:11324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:14932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7448 /prefetch:1
  2⤵
  PID:11604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
  2⤵
  PID:10544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
  2⤵
  PID:8360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
  2⤵
  PID:6644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
  2⤵
  PID:8884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
  2⤵
  PID:7712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8672 /prefetch:1
  2⤵
  PID:10532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
  2⤵
  PID:10536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:10540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:10568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:10576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
  2⤵
  PID:10760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9848 /prefetch:1
  2⤵
  PID:11152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9544 /prefetch:1
  2⤵
  PID:11248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9972 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10416 /prefetch:1
  2⤵
  PID:8292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10440 /prefetch:1
  2⤵
  PID:9160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10756 /prefetch:1
  2⤵
  PID:11424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10900 /prefetch:1
  2⤵
  PID:11444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1
  2⤵
  PID:9052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11148 /prefetch:1
  2⤵
  PID:9064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13514909171388057157,12509880223332354986,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11168 /prefetch:1
  2⤵
  PID:13696

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3168

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4480

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x424 0x150
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6936

C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding
1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
PID:2428
- C:\Users\Admin\Wavesor Software\SWUpdater\Install\{663EF9A5-B43D-45D6-BB66-269B68043F96}\WaveInstaller-v1.5.20.2.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\Install\{663EF9A5-B43D-45D6-BB66-269B68043F96}\WaveInstaller-v1.5.20.2.exe" /installerdata="C:\Users\Admin\AppData\Local\Temp\guiD443.tmp"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6124
- - C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\wavebrowser.packed.7z" --wid=4kg1djje --installerdata="C:\Users\Admin\AppData\Local\Temp\guiD443.tmp"
    3⤵
    - Executes dropped EXE
    - Drops file in Program Files directory
    - Modifies registry class
    - Suspicious behavior: EnumeratesProcesses
    PID:208
  - - C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe
      C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x260,0x264,0x268,0x23c,0x26c,0x7ff78dbf8980,0x7ff78dbf898c,0x7ff78dbf8998
      4⤵
      Executes dropped EXE
      PID:2112
  - - C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe" --verbose-logging --installerdata="C:\Users\Admin\AppData\Local\Temp\guiD443.tmp" --create-shortcuts=0 --install-level=0
      4⤵
      Executes dropped EXE
      Drops file in Program Files directory
      PID:7000
    - - C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe
        
        C:\Users\Admin\AppData\Local\Temp\nsnD732.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff78dbf8980,0x7ff78dbf898c,0x7ff78dbf8998
        5⤵
        Executes dropped EXE
        
        PID:5164
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://install.convertwithwave.com/thank-you?tid=4kg1djje&src=d-d-cp21727671082-lp0-obem-wav-igRkKiPjTXnkysafArcfOzg-ab15-w64-wn104-brwsr&cid=21727671082&iid=wav-cvt&uid=ef3ba0c4-ce44-4b72-ab32-100550048d15
      4⤵
      PID:4388
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff994ef46f8,0x7ff994ef4708,0x7ff994ef4718
        5⤵
        
        PID:6972
  - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
      "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --install-type=1 --from-installer
      4⤵
      Checks computer location settings
      Executes dropped EXE
      Loads dropped DLL
      Checks system information in the registry
      Enumerates system info in registry
      Modifies data under HKEY_USERS
      Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of SendNotifyMessage
      PID:6556
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x138,0x13c,0x140,0x118,0x144,0x7ff97a726cf8,0x7ff97a726d04,0x7ff97a726d10
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1572
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2064,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2060 /prefetch:2
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5564
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --start-stack-profiler --field-trial-handle=1944,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2204 /prefetch:3
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5376
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --field-trial-handle=2360,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2564 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2352
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3008,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2600 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:2708
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3016,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3756 /prefetch:2
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7040
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4056,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4072 /prefetch:8
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5372
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4276,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2388 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5184
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4644,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4628 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1484
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4664,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4544 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6876
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4600,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4700 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:4364
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4724,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4564 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5992
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4764,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5040 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1468
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4776,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5144 /prefetch:1
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:1992
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=2388,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5372 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:3420
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4876,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5396 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6888
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4908,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5508 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5888
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4940,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5624 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5356
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --instant-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4948,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5740 /prefetch:1
        5⤵
        Checks computer location settings
        Executes dropped EXE
        
        PID:5980
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6352,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6340 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7408
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6360,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6520 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7420
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6376,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6652 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7432
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6508,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6780 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7444
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6944,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6976 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7464
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6956,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7096 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7476
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6960,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7256 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7488
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7412,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7436 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7500
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7288,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7556 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7512
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7416,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7724 /prefetch:8
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7524
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4048,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8280 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:7668
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8424,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8448 /prefetch:1
        5⤵
        
        PID:7436
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=8704,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7860 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8104
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=8836,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8828 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:8180
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=8480,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8456 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:6740
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9132,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9120 /prefetch:8
        5⤵
        Executes dropped EXE
        
        PID:4504
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9112,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9136 /prefetch:8
        5⤵
        
        PID:7440
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9420,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9436 /prefetch:8
        5⤵
        
        PID:7496
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9576,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9588 /prefetch:8
        5⤵
        
        PID:7644
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9872,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9896 /prefetch:8
        5⤵
        
        PID:7864
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10200,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10216 /prefetch:8
        5⤵
        
        PID:7988
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10372,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10376 /prefetch:8
        5⤵
        
        PID:1132
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10500,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10400 /prefetch:8
        5⤵
        
        PID:6792
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10712,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10720 /prefetch:8
        5⤵
        
        PID:7552
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8296,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8376 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:8092
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8344,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10856 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8112
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=10984,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11008 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8060
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=11136,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11172 /prefetch:1
        5⤵
        
        PID:8064
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=11388,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11040 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7492
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8580,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11340 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:6124
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=11644,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11524 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7532
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=11496,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11852 /prefetch:1
        5⤵
        
        PID:8328
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=6992,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7064 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8440
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=11648,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11804 /prefetch:1
        5⤵
        
        PID:8464
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=12164,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12192 /prefetch:1
        5⤵
        
        PID:8612
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=6388,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10832 /prefetch:1
        5⤵
        
        PID:8652
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11396,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8600 /prefetch:1
        5⤵
        
        PID:8692
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=10168,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6052 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8816
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=10764,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7568 /prefetch:1
        5⤵
        
        PID:8896
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10096,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10180 /prefetch:8
        5⤵
        
        PID:8908
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10072,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9808 /prefetch:8
        5⤵
        
        PID:8976
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10104,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7540 /prefetch:8
        5⤵
        
        PID:9036
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10644,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7256 /prefetch:8
        5⤵
        
        PID:9108
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9736,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12040 /prefetch:8
        5⤵
        
        PID:9188
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10044,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10456 /prefetch:8
        5⤵
        
        PID:8228
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9824,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10420 /prefetch:8
        5⤵
        
        PID:8280
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12480,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12476 /prefetch:8
        5⤵
        
        PID:8340
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6656,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12560 /prefetch:8
        5⤵
        
        PID:7464
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12484,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12564 /prefetch:8
        5⤵
        
        PID:8480
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12844,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12852 /prefetch:8
        5⤵
        
        PID:8552
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12848,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13012 /prefetch:8
        5⤵
        
        PID:5324
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13000,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13040 /prefetch:8
        5⤵
        
        PID:2416
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13004,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13300 /prefetch:8
        5⤵
        
        PID:3896
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12860,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13008 /prefetch:8
        5⤵
        
        PID:8632
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13456,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13576 /prefetch:8
        5⤵
        
        PID:8636
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12704,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13724 /prefetch:8
        5⤵
        
        PID:7304
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11152,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13884 /prefetch:8
        5⤵
        
        PID:9000
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14024,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14036 /prefetch:8
        5⤵
        
        PID:5300
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14020,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14180 /prefetch:8
        5⤵
        
        PID:8860
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11380,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14312 /prefetch:8
        5⤵
        
        PID:7948
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13732,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14460 /prefetch:8
        5⤵
        
        PID:8624
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14600,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14608 /prefetch:8
        5⤵
        
        PID:7664
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14616,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14756 /prefetch:8
        5⤵
        
        PID:8812
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=14908,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14920 /prefetch:1
        5⤵
        
        PID:7244
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14952,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15052 /prefetch:8
        5⤵
        
        PID:8796
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15204,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15192 /prefetch:8
        5⤵
        
        PID:9040
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15396,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15344 /prefetch:8
        5⤵
        
        PID:9344
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=15548,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15568 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:9368
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15388,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15576 /prefetch:8
        5⤵
        
        PID:9476
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15844,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15856 /prefetch:8
        5⤵
        
        PID:9488
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=16004,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16028 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9524
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=16176,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16052 /prefetch:1
        5⤵
        
        PID:9632
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=16312,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15384 /prefetch:1
        5⤵
        
        PID:10020
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16456,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16464 /prefetch:8
        5⤵
        
        PID:10208
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=16620,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16644 /prefetch:1
        5⤵
        
        PID:7100
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16484,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16772 /prefetch:8
        5⤵
        
        PID:9268
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16908,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16924 /prefetch:8
        5⤵
        
        PID:8240
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=17072,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17088 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9624
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16912,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17228 /prefetch:8
        5⤵
        
        PID:9720
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=17248,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17376 /prefetch:8
        5⤵
        
        PID:9824
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6420,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17528 /prefetch:8
        5⤵
        
        PID:7708
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=17544,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17216 /prefetch:8
        5⤵
        
        PID:4448
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=17672,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17696 /prefetch:8
        5⤵
        
        PID:6116
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=17972,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=17992 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7692
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=18132,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18156 /prefetch:1
        5⤵
        
        PID:8432
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=18292,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18308 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8460
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=17976,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18028 /prefetch:8
        5⤵
        
        PID:9300
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=11636,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18592 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9348
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=11008,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18744 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9588
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=18904,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10980 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:9516
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=18920,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18956 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:10048
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=19096,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=18900 /prefetch:8
        5⤵
        Modifies registry class
        Suspicious use of SetWindowsHookEx
        
        PID:10184
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=16324,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16184 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:8932
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=19276,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=19304 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:7968
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=3892,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5360 /prefetch:8
        5⤵
        
        PID:1724
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=5328,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9616 /prefetch:8
        5⤵
        
        PID:9244
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7756,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7748 /prefetch:8
        5⤵
        
        PID:9316
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=19584,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9376 /prefetch:8
        5⤵
        
        PID:7404
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=18188,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7580 /prefetch:8
        5⤵
        
        PID:7132
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16480,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16468 /prefetch:8
        5⤵
        
        PID:8644
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=16292,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16216 /prefetch:8
        5⤵
        
        PID:8220
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=11420,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6364 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:11312
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=15200,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12160 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12040
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=5880,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5944 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:15028
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=7220,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12296 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:15228
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=11956,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11888 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:11728
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=6504,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16412 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:11756
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=10444,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=16424 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:11924
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=16364,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7124 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12008
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=11716,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11752 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12080
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --field-trial-handle=10152,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13572 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12216
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --field-trial-handle=10092,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13008 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:12240
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --field-trial-handle=13192,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13504 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12716
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=19432,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=19424 /prefetch:8
        5⤵
        
        PID:12804
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --field-trial-handle=19480,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12728 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:12848
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=18428,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7268 /prefetch:2
        5⤵
        Checks computer location settings
        
        PID:13004
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15676,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14852 /prefetch:8
        5⤵
        
        PID:4024
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=5892,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15588 /prefetch:8
        5⤵
        
        PID:700
    - - C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe
        
        "C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=10992,i,5731086399308777401,1587291952476644326,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15568 /prefetch:1
        5⤵
        Checks computer location settings
        
        PID:12000
- C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe
  "C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9IntFMDYyNjgxRS1DOUVBLTRFMkItQkEwMC1FMDk1QTE0M0EwNUF9IiB1c2VyaWQ9IntlZjNiYTBjNC1jZTQ0LTRiNzItYWIzMi0xMDA1NTAwNDhkMTV9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0ie0I4MEFDOUQxLUE2OTgtNDMwRC1CMUQzLURFODMzMjU2QTQyNn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RUIxNDlBRDItQ0U0RS00RjUxLUI3RkMtQTE0OUZBQTRDQ0FGfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS41LjIwLjIiIGxhbmc9ImVuIiBicmFuZD0iIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHBzOi8vY2RuLnN3dXBkYXRlci5jb20vYnVpbGQvV2F2ZUJyb3dzZXIvc3RhYmxlL3dpbi8xMTIwOTg3Nzc0OTc4LzY0L1dhdmVJbnN0YWxsZXItdjEuNS4yMC4yLmV4ZSIgZG93bmxvYWRlZD0iMTA0MDY1ODAwIiB0b3RhbD0iMTA0MDY1ODAwIiBkb3dubG9hZF90aW1lX21zPSIxMjgwOCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc291cmNlX3VybF9pbmRleD0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjU1MSIgZG93bmxvYWRfdGltZV9tcz0iMTM5NjciIGRvd25sb2FkZWQ9IjEwNDA2NTgwMCIgdG90YWw9IjEwNDA2NTgwMCIgaW5zdGFsbF90aW1lX21zPSIxMjU0NCIvPjwvYXBwPjwvcmVxdWVzdD4
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks whether UAC is enabled
  - System Location Discovery: System Language Discovery
  - System Network Configuration Discovery: Internet Connection Discovery
  PID:5660

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:7808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:8940

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
328B

MD5
a13c426816cdb9ed670d4541e4044a03

SHA1
ab4ff3089455a96ae91e59fadf75b24487f4dd82

SHA256
1f0f1cf177163bc9858e9c9167888c61e3fffcf7de0d21b10fe6d2aef2533c99

SHA512
16c715138580bf00e790264265c87598a966537f6dda2e23f633ae10799176678ef1aedda01ab3c66278aea4bffd52c120ae8a9734f0afa4dff6bf8a46aef34d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
17KB

MD5
29b8ae1d50ef8543dcebf4e9f53089ef

SHA1
90297279de99683b3903534459bc9962924d79fa

SHA256
2dcbd24e8f78b008251a1a0499c981a79be59fdf154ff9938a28ecb7e64cf12d

SHA512
6de295089b62bd50ff955c2e381be6bb0e59b1f0776946c5d3b5109fffb84ee2a673f49d2d5a56e5600d3b09fd8e9cecbcd0e677234a6f96c1194dd1e1c27c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
20KB

MD5
4f45418761264b0518669abb3872d552

SHA1
cc09cfae03fde26e0b6d7d24e6427f278a421776

SHA256
8d72fd76d38dda8f184c1c35090ed5a4eb6a237df62bef32250af13805a6976f

SHA512
5874873cf1c6a7bdc5bf4663428900ff80b71da8a8d70ef3bd46c10ab57925a54201818086cb92aab1b4a44144cb7a419bfd8d037c9fbed6335e27d7dd3f23d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
33KB

MD5
8f68c11bed293fd03b8f6e2f7fa58f9b

SHA1
c82ea0f5890cf0e67c30cf9941de9e8bc1b9cc6e

SHA256
d080f9b8da351967bdd6ffa583552a3d984365bcec12d6a58cd111f8b085064a

SHA512
1cf1a538ce390ce31e0af7a3ae7c1f466159b74c294716eef24925e741d3ed2a38c6abcf6b70c8b5cc5d9efd90d3b509a49e2b443b6064c689e14f32b6fea5d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
95KB

MD5
6c8bfe16dd4ae7b6e4ba9e3ec5a22775

SHA1
a73b1e05046876c41a1895515f56348ca64e3087

SHA256
f691b63a8fa0b8bb7c683e3a4afe993d59bb1276725f8763a6e28057aad03860

SHA512
340e09cf614e94db3f6e15f177eb15f0d2c95e9c3b5cc6eb05c79a316447b824339cfd4d4fa8c4a17547b82b9dfec866a325dbeeee8328ecdb0004a96c96ebcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
151KB

MD5
44d521f9607150a18964eaf7a7d2a4df

SHA1
896a9500e6ebd9ee629c7b877bfc6cb6abbd2a63

SHA256
7948ac9bfd31e499df4ac16c2d1b338258b2237d23c54202f870db0924632571

SHA512
e32fe4137a3e2c3c8c28a9e4bc4a0edadf6fc64fef097b4b35deafdd61f0efe13d40f11b890a344e589cf8ec8bc2fe5287d58b379ddacf7ccec4db23b2281e45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
28KB

MD5
1752326ce45c039f4c5e81ea24c27c35

SHA1
4a22a9151c3c94d170cd3d23659e8e1a5a6f0070

SHA256
13dac981c708b9d1c6d7be7666ab5ff34718fe7d1362428217e88c75530774ad

SHA512
7ca5eb8b11184b97b7ecfed373420f7b9926839edcd36ea6bcc37a09190478175c49d7cfdb6dcbf1ecc8f2570feec9a0ac8aae08442fddef7986330043ff2d08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
155KB

MD5
b74f4cb813f220bd09b6b5135c6f0c51

SHA1
efa7a95f97b0c38f400d429ad0316592af9ec964

SHA256
c43ead694533f49b58beca878f3f63a66218d73d20e438b00181d777f8718824

SHA512
02ab093546c152085788f5e4e9424224d78e249dbe65f2161c91652bd6a97f355a4e7813528cd9b03ef129b12ccb37312504fbfe7c19d378d689c74f58719b40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
20KB

MD5
2c1aa13ff9e13a1b40f1aabb6ab281ed

SHA1
4c213b2400b6a5388ceb39299b2e26f0c4e94967

SHA256
477f7677187a2b1d3b8435bf4e724796443d83a5dadf29404c90f84b8b430a93

SHA512
e5733906c1c36b9fc45f457460ddbe15d1a9dbab41c319e28f500c3e319a85253013f7c28c2de867c8f393543e93259035a642f03d5e4f35c9e5aa8ac1433bfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
91KB

MD5
0571674cc30a063cac144a1fc1b8bcc7

SHA1
de47ab801bb88ff49776f21f1273b562d9ebb85b

SHA256
854cb94fc4279f7de61148c226dc8bfd1d1485bdb47ecbe6ea66a63043813c2b

SHA512
b18f92aed83188c49c156cd6fe38eb70bf44db02abbd7efd01fe190fcf8eb4b22928ec647f2fccc91f49c9dc77cbb1513a74bbf70358e5687f13f7745e7e7e6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
86KB

MD5
7f9915116ffe2fa7fc6480bb40f2f73b

SHA1
67d323a40321e5c3cb095bb973d1eaceaf7afe68

SHA256
57c9e840cd574fdaa988cf15b248a4c6c888244c04ab721145c5fb25536e1d10

SHA512
f9fdf5ed0cabe4f060cdfd39534d41adc8248edd0eb5c01dd92454b024678110d8bb066ca3bddbe574b97857ce4f7375a0552aff94e5476ae3784e3dfee5c89a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
20KB

MD5
e051fda9a4f2045f30b1bbb384714039

SHA1
fc9dc55b28e8ba83915343c734bed5937f3443b2

SHA256
3f569a7476e2187330dc593b7981f0291391181c609d6438973d690f463b6f4c

SHA512
a6388085504a848f6c4681acc91391e105a041c8522a95d0045c8137a9899eb87b9bed27ec53f6f8529415f422596ee66a3557e430437b6edd58289b25c2defd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
155KB

MD5
65fba424f2d834d1e4802d10ce556eb2

SHA1
056753194f60bb673516a255672654712e1490fd

SHA256
69d710bf31bd3cf26e128a5cca9838bb3818f57b07a9e950874594decef890aa

SHA512
829ec573589b3dcba0c8e6e3b992df7384aa989a432c33cce046039eee2a4c4ab74cfe3826b80f4650e5c715e2ff30b93ad7f6c42e4e6ade9e270b79c819b7a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
28KB

MD5
a762fb5a64dec4556d980f51ff3060c9

SHA1
6ac0b291cbbd8819e9a922c9c5228f76ad029983

SHA256
cfbdf62609fb4493b45b6b7a9a13c5357ab5e7447c606d9fd707dbca46359a54

SHA512
23169bb323a788ccdb915dac2a8d8c58b018c40941f2c7b10a3814a68b42ad3694d07d23e2eef31d77a7c16da355c98d796b94f82b8f352aa4825ec0c3e08b55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
91KB

MD5
e110f5c5575ee55c4176ba74b1e5bf69

SHA1
5162398beea6e69c7bbb1f6b7efc40e2727089e2

SHA256
bed0623ffde2f813d913a5f8e5162c08d4ad08e2f34e0c622cee18fba41d0c04

SHA512
95cddcc327d1e99d96d4a4391890fe7f292ccd41341c929248a2d566eda74d8c3ac2b004b9be49e47df5bd6caed0a31c9fe3b9f9cb4e4b6ffb46de2caf402e00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
48KB

MD5
73a453ea5d4a2fb2916473737ffa7224

SHA1
6401625619addf96a9a64c7c3a8c3608b15233d1

SHA256
88d6624cced4fc50d398d759513b1475da2c29dca62572afa65859bea2950dbd

SHA512
8ecdda35045b2ecd76d08c985c87a065a152f7a2119fb50e5102a48f7bd098377ab2f772b19c6049269612a2b4bb3279de94b26f787705b98ad0d9c723e2a29c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
127KB

MD5
c945753aa39f84880abd73724533dd26

SHA1
12eee8da17fdae66316186badb00925616cb1980

SHA256
a9c83e96cf079c049fe7506083548313cda1eaa29adaddfb84935aa5f9c99ed1

SHA512
c5ef4c22254a0d54c557e5806e96b4e2b5b28b22d5a3991e791dc80c964fe346e955e0e04b7f38730a61ad793384e0e182b007dbd806c0754495dfafd592374e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
66KB

MD5
06702fdff4205590c1caa29b580e9620

SHA1
966017a8f488ddc3707f7d2c22a6c7eb51f58f29

SHA256
7586590346cdb9520dc3cf7131e5662b3c4407d2624ec22dd0e1c1eb9725ce36

SHA512
7c39333eb130eba6c9f57c50b8b6fbebf90c3cd49bbd7a967c6d31f7b997ea085770b84caf4ae2d984898a445535a20777c671e382e2da01e21e1c40248d322d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
20KB

MD5
6408c37d09ecb7370b4d61ea51a15ad0

SHA1
8fa447851c7db6c2a4e20a13d769ed926daee5d5

SHA256
38c4bb35d2dc312b0e82bf8c5098495fd12d73029dedb6014c8f3ead635e641e

SHA512
5436d6204625fcc424989776d5ceb7fbbe286bd37bf077967289ce336ecea0e1db85f064d51d4a18877cd96be0d20557c682bbf2ccc6e34d6e096557aa357311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
20KB

MD5
b07da7aa3e4f363c5cdbc11312239e8c

SHA1
47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8

SHA256
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

SHA512
420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

Filesize
41KB

MD5
3bc2b6052ff1b9feff010ae9d919c002

SHA1
dd7da7b896641e71dca655640357522f8112c078

SHA256
483a3494759a05772019e091d3d8e5dc429d098c30007d430639926c3ffa16e5

SHA512
0b1632b73fd87e8e634922b730f83b7950e9a39697a46a3429f0bebb3f1ebd14c815a4651ee8f663a437d00ecbeb6ddaa47b2fcad719777edf1b1de8a7cad0f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0e73f3423ea43f82_0

Filesize
3KB

MD5
637a3153b05791303af0ccac1c286a8a

SHA1
7d70edab463ffabbbe83d6e35842df3b723b833d

SHA256
6cdf6da4e9c2d3c91e94db8a82d641f9eb295f6df75345c2f86eb6aa19e1527f

SHA512
270365cb6c4bceb0eb06700376e548dfc90adf0974d0ab4672422381c5d45c579b73c8fe08bd9b7d6029e313c45018bd53eb30dc637f1a273876795b5494d4c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\362d357cec2176ef_0

Filesize
415KB

MD5
8cf388d09de422f9da043b85aa7d0320

SHA1
046b0f245118cc8cd6c80a38ecb4de13d0948d63

SHA256
9f2a0d8a5e90028c6ff90387a84fd5827c44d9b21f40780b168cffb4f8786796

SHA512
402b8a20418d72cdf1f8066b33a349d068e4065a1e0ea05834979dd9f84c3baf9a73a47d99bf7a799c26991a977d8429d78c215de61c9ee3b99a78c00d41d0e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0

Filesize
23KB

MD5
7ba4d14ce71bb2bb0872ab7f8fdaed14

SHA1
27c681b8fe4e8256c1d918fc3ea0190af7ecca8f

SHA256
1eb4d0ce2f67ccf3286bf40a99d09b995cf972d2e23105459fab9cc4cdb0d1fe

SHA512
0a2b6494aa9c92c862a5a6c710418c86631303dabe4e4592be160851c49ec6060eeb78adabbd2b1f3c3805277a4cc167051ad536a7809b75b0f0afdc56ef7092

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93196b40802b799d_0

Filesize
32KB

MD5
a736032ed4c1583d340694fba683ad34

SHA1
6d927a59113a7ac763eccfb9f9c14a41a216d753

SHA256
b926b6f1544b1aaf55e1b54f26b25918d9adb788a8d5d4219c735ad6dda1664a

SHA512
e88b04e28d7f11dd9e5f91509d2595f17b7cb26518cbfea17cfb20dca6b124ce1798e133081e0de3abad516d6ffa5d7d9c9cd68373a3b435ac27b91166a43ef3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c0afe0d14969413a_0

Filesize
289B

MD5
a1bdea3d30a59d322725de2797b5891c

SHA1
89d59732d7f7268d88f416b139428d71adb790dc

SHA256
6dd02b7cf7880ba64e50b0b459f655273064a459fc704e1ad6cccacb0fdb993b

SHA512
de3a2d0bae663827019a8b0d598087a3d35bac280c220e37723a253dc5220c5976d4a4082332cf94a13b35bea0a3b8dcaac6f2615674f8df0911310005542a5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
8f8863e8a334a72810892227a50e5ea8

SHA1
1b87f1d4549d7099b66d1346554427496dd29ab0

SHA256
a518576592f527635415b6e229a2fb177a957b4a87aaba9a5a0b11d8ef0a342b

SHA512
48cf3fb8857da8bbfecb2405e5795ef4d93168c8452e67f55e1930f4b33860aff2d8df53b2d91ce1691be15da9f5549497c7d7a1ebe56c4bbefe4afc03c1e21a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
329be4986f1711a43fd076bf2aa80e41

SHA1
2226c97545a2bdec33c7ebbbb66202e2cc8524a1

SHA256
facab378d1bb244ef34276d94ff533149505675cf178f7a0c0df2aed010ce4da

SHA512
ebd28e39d8ff11ce7681d586d27c64749ced1d105fa0e24b5e8067b2d0ad281a732302b7614403b97170876f559422eee35db8657fa2427429c6b59c5fb3d61d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
16KB

MD5
6a4b3cb85e0e9dd7d971ec78f828bfdd

SHA1
6bdde4101523639b7dcbbaa3d9f9ce28de502692

SHA256
55b63470df5f7ae01d40ff40d94e2a1a5b25da50977eaa23b0894a25da6642a9

SHA512
e27c673224e9e71589bd64c1639b35c1269739aa4bc0fc0b2d65346f9d0660f16fd034dcf957ed68f5ec69a7d6c08980c52a561cd801e67e78f62bd632615927

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
c5373a4e88870c9cb750a67e8ae7da3c

SHA1
216b92ecb15c9bfca4033fdc46cd6ec69d327c51

SHA256
d03b1ca974a9f22217c54038e5f852aa56f3a83e103be7e7b83dfa9d691611aa

SHA512
4e4584b3a75256290d8db58293320b98f9172842d85ebdb96872baeb77bd7a6ab830ca15ae9142eb9140fa8a8f691aa1fd6f817dada8bcbcc6d587a827709263

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
c3799cd23f8757ec419aca1d530f8797

SHA1
070951d75da56b1ee593eb73afea5d05f8c2bbad

SHA256
f64c5c19e3fa720261aed6f8dd7247d0ba5430943717f29a3ddd7effaf69ce1b

SHA512
69068d8ea0b7793d12ee56007aea0d2006037540d866f8926912d6a691718a57d57ff04b0351ac731674e67dc46bb2bb207274be7161eb43dcb0859d9220cdd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
e61318bc0767cbcaeac070cbcb69df29

SHA1
893c35b19942a107be2c9cff6b0a78d75e7bb282

SHA256
28eb40a3381fdef5fd3683424126dd5132d1c3957f6c1d2f1335157ff9f56932

SHA512
400473b5f82916202525b057dc4d73a62da4e7b50a2fd8ba6398a75cf63a294ac1611b17870dcecbe1eb101c76db635e46462ac858caee931336b6d70b81d1bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
d75463ff09b01df98aa46670fc262a75

SHA1
2c2fbdf32fc0871ab2a2d785e5f913a6ca2650c3

SHA256
96127b541d1462192fb2ffa6f3302784a352feb759efaf2f92efb8fd336c15fe

SHA512
203fb1ec67f3de952b48d38833e833cba73a933d1aff41354838d9b9386b2027b177962982e8bd49fce7f342fd3b2f644d38760c6f1bc36a73b7d82ddd54da4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
1daf36be280b877590a04864768603a3

SHA1
9640bac1dc13be0c78761d5b3efc4877f31b3f5f

SHA256
3f58e713befa9ca76e56fb3e2533d345d6272abb8bb02a558e4b32ff2d5dc2a1

SHA512
2280ee1adedd8ecfdd7589c6ab0a9930f91896b0abc22ea71923c4155d503ba556a8c45c722983a847a12bc13ab9ea3c70e061a17f61f53cf7a649c7d8959efa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
f9f36f09280d64ee36271f9bd74fa17c

SHA1
570d56f92dbac7636b000bf8c40294e55be82616

SHA256
184dc29786084b284d5bd259c9b3b12bf7ff54497f19fc8958e4eef13376d101

SHA512
97d5f9dc5888adb552ad793ef906c31fa5ae12be0d8ff67ca289802b9b09bdf5aa617220155e0b654ba7f0971119b9e8caabbc71c41ebc11fb09b810b90bad05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
ea134c3b52e93be88d2b183b371ba7fe

SHA1
784313578890422f3209efd7639b4012632688dd

SHA256
b89aad7f602060d4e9e236002015ed71408e3f2b63dc5d85ee7a06425f053156

SHA512
b6084e8ed49d7af5e4c2e1e1fe02263d931af763f1cdf5b2ce632fbe0b3a2a324fbe6a74997a8fa7e4626ec373b0939d6ee08c966d718240d325442a08ba866a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cdd6a2a268ad76add30b20429c952e72

SHA1
7651ddf3a8877685a0913d79f9566b0735cd1277

SHA256
d71b983c5eb3d82190994d4164b0f4d488b9858ee82a8e82bccc08258e16f13e

SHA512
0d0ab2ca1f798e72e323d1c4a432e5148255473d63f9d78f931bbdafad6b201268310c70fd4c54e78b077a339f02db86bf8261c57d4b07d1cb1d44a0747cf838

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
aee0ce77c45fb99fc229cf51b31c6859

SHA1
a91f863b8af21c875ef253d8c43d3ca2d9c0b7e8

SHA256
16b4641f3fcc3dc5fe28b07eb4673830c5cfa3d041a092dca89e8cb091c2c9c1

SHA512
9c8cc24361730c9ccdacb21e95ac8c939dcca24d6f5d61a02e5da0f3a372e1e5732639fecf0183584375115783224fa24a5216237afb275b28dd75c679c43a25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
38ec06d013dde5885359f5da0f493264

SHA1
cdb575cfdfa94b5e777cc8de3b1d19c49afa7330

SHA256
e88099f171e54b352c105a4c9be276c9fe89a3244a5394364b77335447baf816

SHA512
d46fd75762c7a131e6a5d42c03c81bab19d16a412813a7b713ef3254de61d345cdb889a188805480bf00692f99b687eb3bcb9324c4ca6acc61005d6a0a5954ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
84554fc292d6e5a120cf6ddf6c634830

SHA1
2a8f11d94eaf6f316bbf540c689a6279fa9539f4

SHA256
1b132961d7d01aaa3a4001c458922d698d7bbecd006836ac8f92df29c4f6af98

SHA512
03d92dba21b81baa83168a7c5d34bd935c0ff25526c83990ca331695f82681f01cb7860da57250285d4c1bd88b2196a2db42f2d1966cba1b5ae2c1a9a14d4005

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
3fb89629ce200e43273ce0393035151a

SHA1
a41d745b21a4f34b7f867110fca3f221a33fec80

SHA256
ec1ef481e8e8c7d89d322435237ec9054c2dd2bdb5d3dc005fc8ac42f740a4b3

SHA512
b68664cd337116209887fbe09d174517b4ba5b0ec1589f3161d9c3d841e62b81bf5a856951b4f886f46a84515979a48c1b0bd44516be16507aa3b86d5bf9b135

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580e63.TMP

Filesize
48B

MD5
17c08622e8ea0cf6a48ad733a3760824

SHA1
6dc4f510a47d544aed8a7b3bdeb586e031037dd2

SHA256
1f1613e030b8e7de257066bf4d9cd0a9e6cee6b0fc5307b33633be61c641598a

SHA512
ad0be7cb8824abd2b70b794cfd90b673bf0640b4b7dd6ef38197608531c047414673ecc1d05e20ea23f69a20d553b8bcb8ecb04b2ccfebde0cad96ff2a742b4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
c7e60c3695921ddb5653405fce121b99

SHA1
7c1ef6709e0e84cc7f305718c9b4693a5c4e8a2f

SHA256
9b35481008735a5ae15950ed53b317fe35e328e3ff3b38a197dc6bafd13e744c

SHA512
a54884c9242dadf6a59d5721af4e2734529da87a0113dd2b18bafb47aaafc263a75491cf2f8c69ea22d58c398b8a1dd8295f20e30b207ba25d582ac544123c03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
25df97ebd0e9d90e9c9aea04b0c08f00

SHA1
f097487c01db5940078b38e79dd43e750b957e2c

SHA256
db23a07cb5b6244629d36b7eced25198ff440a812040f88ff01f30a39038cddb

SHA512
7df219ff75c3acb13fedb8ac35515dcf611c0f08d999db4522234e9d20cdadec4c3ece45d48fc0b1c09a7ae4a75c8b5ad61c6022950e268c64e698c17d7598be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
2c61de258f38007d36755f923dff104e

SHA1
23c73a5e3adedfd2ffa5ed8d6ed408c1fca741ee

SHA256
21c0151b5af5c6f68f05cc8bab96144f26cdef1fd18408dbba8d844410f44f35

SHA512
5e58bf37b7e87996211a73e0f941ad3a9dafca506379eabdb0be71c0c29c6b68b56bb511c5a96317dff2567fbbbf33769a0cac8d2f4e4340cd717cae8258ee3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
218052fb91c1b8a62b570148e5a8842f

SHA1
e258141d2d2f749ee27a37decb9f96ce9065b4df

SHA256
3cccec7d4029f34db5daf490f1247837f044327905189d7a63e544d76002f65c

SHA512
e1f208b25d0f2b8c4a0fd86e92f01f8c279b3bf1ecab13a48d341ff746e90ebe18581df1459685e685c4520925702db30168f59ad04ba2ac1aae92cc9585e068

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
bd00eea560b99145f030d0d6e7b95790

SHA1
24a9d73cc2b1b6a5666b88839f498a4b6086b206

SHA256
c6aab80e97a2fd3447e30d881c550c06bb1b7439b90bf7cde3a97a9dedeebe94

SHA512
d2b2550a8ed31369a14e1aeecce18d22dd6ddd647519f75eecb1250d8d5633b0dde8f86c925669e2ba854fc80689b1646c3384ad6a191eb407d05b41f87d92f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
f0d64c1d6c588fa9f556913656516ded

SHA1
a7a5775c9944eb9d6e0ef03d3ab03a5c6b931c18

SHA256
01f23539d1cae146935961d71489eb17a165cfa5f0c25c04f56a35d097513b3b

SHA512
405bb20c7e0f57aa52a9793fd93781a87f1b144abc38ff475044772ab1cc35c9596746588886aa3b4b9144e34a9da36b5910eb97a9cd280390c05572015a153d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
8e7878246b762e14ece72cdc5b13280c

SHA1
c51c4b86b221cd28a53aea7645ec840dd142ea99

SHA256
084929f27e860097407690142374353618f19477f6eabddc2fe70ab51f0cf21b

SHA512
76b73ce690f73cc71272605760a8dc48cd1ab39417cbb4c1260c983c32e9f2aa516420643e6a1b41bff89291f9cb94fb12d1cba3d9701565c21174ceec8a0dfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
eb17a7edf8b13a14c915155de9bf6e49

SHA1
f0e665a8e3d217fc113d4f8c26b8e0e6278c65a4

SHA256
316a8a914abcf7976347cea606b9d11a9169c9909d2d2abd6a02b7024f5d0f03

SHA512
52a5d8acc9358dcc25205410f0f8a103014f1534da7e406ae8032c5f57f0685179d6e7010865ef87935fffffff8359ebf1d60eb7de8925c891a488212fc276b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
80430027dd57426d528bfb8486ee9f31

SHA1
2249f3788bd30a041b7cddf9b78d8c5e19222e72

SHA256
9c95bda14265ecaf03fcb8bd5ffe9a199c7f22112887f1aa69007168e7f13924

SHA512
6c579cc3afc80829960774e8acf241cd04446d61e6ada2a541b1a05c2d1128abf85dcd03f08659170a2803945c59046142923365fecd611288da151fc403e8f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580683.TMP

Filesize
2KB

MD5
6e53ec2c4a29139ff6e8e57cb874055a

SHA1
5b5f677fe4752d8d54239e9564e9b627e3475cdf

SHA256
cb082fc7c3fa4bd53c98cde38e0dd73f42251ad236fe5be73e2f5d3771016ee2

SHA512
d0dab390561d7d6ff55a06c3003dfa6560ca8e3c38ec7df19cc66b560e9b0462409a90d9df7ae8a59bb50f1ab78ceb95fe0fd9446891f997a254cb72b3f3e24c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
34126354016531c89ba84401b8e14ead

SHA1
e8239737dcc062b4dd60c9fcecff7c4bd3cd66d6

SHA256
d70af53e06d21f20a0f4aab8918c54edae3d6dfde608524befe000b80664452e

SHA512
fea20055864d5805c319fa8ee9a517ae5537cafa6925f6261ce96fc281e0c8be99168ce0ef73276cdd8b95fbe1efd0fb2c76064bfe0eec16bf6c0e586b599932

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
08a40c11f81bf48918a37fd207b64b50

SHA1
0512d2832048ab69e94fc9cd96015859d11caf94

SHA256
769d22545752393dc2b45a46003a8adebc0318c1b3fb5cb12ce1aad3bfa73ddf

SHA512
cf063d88dcf23b203153864bc68f9c1390566ffb10ec08cceb40bf06829fb5e825883cc6a0e1a3c774673aba222f29bdb5e9677371e0b519cf2bafc8c762977f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
195ea0eece4a5ac03cc49e7ead620429

SHA1
6ad71dda89de80cd5d1ab81848ee03b3175616b8

SHA256
32476bb52f3aa072ba6fcdd94640770dcaeee28644fc42359af81ec02d75d3cd

SHA512
ce5e15879f1063a27d0451da2225c370485d55c30b218632877871acb803993eb2e41f7e3edaf2dd480e448c096b8c5a40ad16b160fa6ea0b0874eeb2691fc9d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202501191749551\assistant\Assistant_116.0.5366.21_Setup.exe_sfx.exe

Filesize
2.4MB

MD5
f197f4d2d50205236436fbbcf02e79b7

SHA1
e83fad0c2b93d023c78aed539709bebbeaf1c2f0

SHA256
caa17367382012f5bd23d519323470abdca96fc6e9ef2a89608bb92dd1c314c5

SHA512
fe332b56a021d029e443ef84b804f808fb469377e07527d875ce6ea018ade84ffe7de128f43094fcd8c6abcacfbae9ab886d3813afbc18edc637aaba49068e7e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS8F80FC58\setup.exe

Filesize
5.5MB

MD5
87f7ed90616d28b28a59f29b18a1f51c

SHA1
630db6efa8215bd982884edd6b24d623d4d23209

SHA256
55a20ef1ca035dd9be08c04ae88dde7b1ce4be664d3dcb63fb1b3b0d43b4fc6f

SHA512
0fdcee568ae27185f02cf2f70ce3f69ff25db238fe157e80004b8f8eeed8f0a7dcb19d35476f54619939b8bf29abad2acc7336f727006979d447c793808281cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\9c11e4d2-00b2-427f-836e-006c0e31bde3.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2501191749541404796.dll

Filesize
5.0MB

MD5
6f809bbbe1275e1e71427ff63165fcff

SHA1
c2a1726e038fbf7c583b0bb5faac91829dac7ba8

SHA256
51d12738523cabf3b96b9bed29ff882a36233a59c97a01e691552c547f0d733e

SHA512
dad32cfc4d04540c00d5f184c2c1d9b96b391acf563818490426f5e6051722a81a8f35e73142d79599c2c557fc78de5680481c1b47749bcda99148cbd273c2a0

Download Submit
C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe

Filesize
797KB

MD5
d083a07a3dca2d0ea5ddb0e959fb8ff4

SHA1
86f3f43729db553d45b728b1409b73d3de5a5915

SHA256
05e1c6babb787f24d8a60f8ded2c216c9bc2956970d75073a71139fe168a122f

SHA512
d16259a1fcb29def140e9e1768b99d973b434c97bf7b09bd0d223143a622ee720d2531a84dd4edf082300fb5f4f00812e418c0131b196375821e612bf34f7aac

Download Submit
C:\Users\Admin\AppData\Local\Temp\ae0bcb55-abe1-4225-ba5e-e6f7f5c56580.tmp

Filesize
377KB

MD5
797684f924e5887fd19bf3e3db752b77

SHA1
e19a6086c2e87eac03c802737f40e7ff842fa44f

SHA256
1dc3edd13c8c702426d614addf5ef1b5380cb78b7bff7886943c21c354cada0a

SHA512
bddf7202395db21d5dceb3f91338dab3f85586abff64ce78ab7df369b8b17b5fc337f2318822701c652383f7cb009da2a1e931f15676cdf1f9b3011b815625eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\opera_installer_ui.lck

Filesize
4B

MD5
591243023afa61ea8539146f9776dcb9

SHA1
647d744435bb284205f72b474230aeadcdc7b573

SHA256
db4fecc8be87bf4b5181c5a09a349a194a8249ccadbf3e239e9a8ee37841838b

SHA512
853742cfc39debd8e2bc8350f8ea58d4068cebad2f850e742ae11b93c87311bfbacc900b27e80b91f670ee31f27b8a556305bc1e21138d241a5791e4595592fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5372_801019075\Sync Data\LevelDB\LOG.old

Filesize
323B

MD5
aaa1c2e15b4e1c8a6a00723dabea28e9

SHA1
24d5cff6fbafb579a91923f3ee39e85b26be23c8

SHA256
0a70cd12f41cce0169ba89bcc96b2d3b8a393536ddb6336d770ae1df414ffee5

SHA512
041d33e3ebc4094747061a63e3002de7435295b3d8e6c48011ecab17ee23d6b3c05a5bd6bb5d76127f500643517376b33ff9fb21059adb265dd37fd6eab39afb

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6556_165034339\CRX_INSTALL\assets\index.ts-loader-13a0f470.js

Filesize
341B

MD5
37ba3a70722df270b2f69dd60db8f1dc

SHA1
8c61f83d7e13b5efed2335a14bdfce2463fbaa9f

SHA256
13a0f470c87bf4ac0613fe1c0fd3fbedd5ce1606cb2d491fb93b3cb5bb2e2d75

SHA512
75d1e0556a2ecc24cc3a06619b1894973d391fe089c59bd33033286de99799968cc2137b0c0099d3cc63545ef317ec82cf3534a2739c909644bb01137401d10e

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6556_2140640214\CRX_INSTALL\dist\contentScripts\index.global.js

Filesize
460KB

MD5
e3cd8deb1ae8c8711ad7529bbd2aff18

SHA1
718ca2db4cee29a83a6a56c3557751d106580fe8

SHA256
b33536a2ddd32969d4cea8e52cfd57a083730d2decd782448cc620efc0329366

SHA512
eecf9c9d9a207baaf68eb6a87ccc9ebe7ef46febd5a88993257dc9732c75a8ebf31e4b0d41e451a1205459690e4f4267faacd3eeea37f7f6d55fd02affaa0e84

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6556_441626049\CRX_INSTALL\js\twitch.js

Filesize
28KB

MD5
53bf91545a6a6f23937df88d9b19433e

SHA1
c8a9d1af2618e6fcf21e34bfa53425c7c266aa42

SHA256
c7d12c784ae3df27a112d5bcb7d9751577c7db0a056948e81284fb345ea33859

SHA512
b3871a5c6fa1998d53210eca58e66b68b988f2ad7ee10569a3653e2a8c5a5314c10d1e01201fce3d66d65f6c7deb9de6f385c3a722e1d435d13de53952d573df

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir6556_441626049\CRX_INSTALL\js\youtube.js

Filesize
27KB

MD5
94e02bdeeb2f8f963b705c214bf9710c

SHA1
a78f10cfc3c40cc700ccc3f0f45d7a096bad17e2

SHA256
8ebf1a952e911c311d0067a3d907805d203b56f28a59a977fb50ff3c04c3039e

SHA512
91ad6575185cf07d8b222ae952f2bb80a6b0af6cee611464b11b88892a807c4c4a36a87002728fd8f8604a21ccb82b59ad625413509a39d4b879d658096b2225

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad\settings.dat

Filesize
40B

MD5
b7f93581a0ff84ede1bec9cfad16a03c

SHA1
b094625985dcc7befe6e326ff69660d80de4d437

SHA256
fc993cf2c9988b1645205039a5faa2b6e448ec0336f93012557a723b9b4410db

SHA512
e8a282d8b6076f26653bce7339456fa6b01d852ae546a782043b20ebe057ae21e1ee98869483ba7371a430de7dddb1f16817f4a12e5be6a8cc2c9a2dc9d1ed36

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Bookmarks

Filesize
5KB

MD5
4915538293ca70a2c009910f09147724

SHA1
a2b2d5d82bb713bb39429ba0e09975e4eaf8d10f

SHA256
cf55f8a68f862828d2010b8a888f9ad8b6fb4a28d20dd5f82140b037a443f90c

SHA512
b2d3f462bcf8d6eb4250b00b0b88112a2380b0ef3cc1f3a689874361ea896d3148bd9dfc8788e9a2a0468ce89fc0dda1d3b87a220d79f1ffa77f1bed6e6552c8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Bookmarks

Filesize
5KB

MD5
c3990317bbf68abb91facf6513dd8312

SHA1
500ac4098e2205b9ce82383b01478103f9eff0c8

SHA256
56cb553b2b7e88a10a9322191a48eee1ae6803f0f3e8a873edaa568e62289fdd

SHA512
31c93c5cde3055c6b589fb4c4911ada4125c3591dd7e5466ea513d445b3e7da9e8edcb61b958cfc7e8d23cb94570f2aba1bc5e22f0a6726dfa7686a6ad19515a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Bookmarks~RFe593791.TMP

Filesize
5KB

MD5
3f2a396c3ed32665f0f68f264f1d6252

SHA1
e76cfd001bc3fee55c3eb5cd976524968dbb6a2c

SHA256
4b4be6a73f973fc5752217c4c61463a666219cdbd18edb407d3539001459eb06

SHA512
5cda70b622ebf6e91090e5a1210486cde2977686674af5928776e880ff1b08fba2c978ac0db2b4fda7f6cb76a745072b8d4489a0aac213b793d94e8defd1c7b2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000005

Filesize
47KB

MD5
8e433c0592f77beb6dc527d7b90be120

SHA1
d7402416753ae1bb4cbd4b10d33a0c10517838bd

SHA256
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

SHA512
5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000031

Filesize
26KB

MD5
1d925f7d718e67bcb9543fa43351f878

SHA1
b7e2e705f085e8ecec6a9387bbbd3c314951b320

SHA256
2daaa3b9549076608f0e037af046d4ef9c26d764377caa674519578e18dcc401

SHA512
461a0698a56cc1df49acb1039c62bd732ab2d1f3fdcf95e08f33e300d683840f73f998951cf952bb043c31eefe1955a52bbd01ae117d658bcd9e15b4009e24da

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000032

Filesize
46KB

MD5
46745c3db7887cacf82a23ef326f3c95

SHA1
cdcb0dec6003ea2aa5c6735292cb9842d4f234bb

SHA256
e0359dafa4b924944b59f9b68bf1fe3e1451f467cea2b3a1d9f67af72b05660c

SHA512
28af9213a66e0b2f3ca5bf5875016e605f3016cce8cd5112f1ab285ac75209a3426f842a4335816a278639b6d10642320403e5346616df9b3eb0af6f20eadfd1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000033

Filesize
59KB

MD5
d118d78a3d827a204cfa1a5adb080b62

SHA1
a0a271b1fe33080ef569a396e47c697dd1213074

SHA256
c32856ec9b8882d52f64090773b7e24a1cab36cfd15a89ac1eff4b6c70bb4f9b

SHA512
98f0df79cde5bb0eefcf80a32cc1b0c37b8525652734784228a66bb06abaa71251487412ce83b62bd97a98a2c5f11ddfd537c9bb4ee9bdb0e9d7907db05233ca

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000034

Filesize
20KB

MD5
18bc3e2da9b2a3b38531cbe1530aed6e

SHA1
62ce5499b3a1e5a438c6ed5059971fa1b8fa3461

SHA256
ec118df84cbc1e135e78bac6225792f8a01859af84bb3459917af0d5f774edc7

SHA512
3bd773572ce34195b4394bdfc4e365c1af36c1c5cba044f0497a3fca598048c413216eda3ebe2f8c9c2571a879c67b6dfffb59a4660c411ac544c5ff8b22ef1b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000035

Filesize
30KB

MD5
f3766ddb4a613c4f3a9ce2d4efb1e7c5

SHA1
aabec7a1ed601041718dcd4b75f54c8614bda7fa

SHA256
5dd963ec8cd553c314a5bf7cb1dea0aaa7f4e3fa228deab05e703e03ebda2a46

SHA512
b0071157de8c0fd4c5da7de7daf361af48b2581b56b348fb0e58d6ccc899f4a98e68a2ec0dfac4050ac6a549c0a7a6d8266561aa4936ed3204049e682e270eba

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_00003b

Filesize
140KB

MD5
d4e4685928df6ad70369c33be5fac461

SHA1
9a6322bdb29da81185645987cc9ce987abb81574

SHA256
83bd10c7f03c22a024a1b1a09b8b84e958a37367509c1b84a28a5a2d6a36e618

SHA512
9feef295abc29a60449ec05b7d19562aa4b2d21da5a667031e239ad73dd2aa1773e3387eb98a93add7f37014b5b41687f7fdab77125e7dbe330673214286ccd8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000044

Filesize
35KB

MD5
b35b946f59e3226da9880582e91fa836

SHA1
e1536a8e10566fd895c5d170478c6274497ee58e

SHA256
bee4589d8557a193b0f760aaf3aaea5a769c74db5c1c20281324b388776daff1

SHA512
d9fde38e89aa53fb3cb38a689a8a535b486c31b39d76b540cd9b23a85f97d955ac09da63fb10d409b68b789bd85eae2f5dceff424691cb4e2968976ebc14faff

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000046

Filesize
101KB

MD5
9e76748d372f43f3c70913db8fb4b4b6

SHA1
8576bee89b25b0cf56805bd6d2e82cc5b11d5eae

SHA256
4188b77ce80f546eebdb6c1d3dd95160b3d36b1e0fad8722c7e8c4591de87390

SHA512
3286f6e985d4aaf3db9ec019e57269474ef2a69a545e16b9c71d654f44d2511a59c0d2cc0d2e6910ded406a35dc0abf367c9102ac0ca5b77396539bf83a0466a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000047

Filesize
72KB

MD5
64abb62fb88190c31be5a2c4a17dd2ee

SHA1
f1774292073826f04d1899dc64bb1adc7e88c2b5

SHA256
fbdbbfc2fcc63df14659dd04eab8d30c53fb3f020c7f4baa9af1a0d26bd7a452

SHA512
6681e5b92d83cd2654e8e2f3cc2688a7cf6c7b5424f3b3eb0827f48d84dc54496827ede99b9827445a0f0d5a63f6c563c45680b71f9a3ef5c9c1bba5ca7070b9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000048

Filesize
56KB

MD5
9ea7f7b40abfb9958d83479a82f09d2a

SHA1
b2a510bd63bde6ab5db8f256fed48766a5fab7e4

SHA256
6b0dfa77eb698456459f4f25d8f98ea8d17ae5a44ab0236f03bd8e3ff5a5c8f5

SHA512
a48c9e987aedc9f76dd8d23eee9f6b536a65cfd1dfa6912ea2dbf0161ae03f5ce1d73a481f64a52b93ae30c66679ee5ae02c56a431957a92d0eb85c725ec1b26

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
54KB

MD5
7c2a1a5b4a7f0f82c44f527b094eac08

SHA1
8c7b6a64d6e82016116f342cadc6a9d652aba124

SHA256
f8b3d3bbfa0024beefa934d8f6f027929098bb5d100fb25d10bdb1f428b88833

SHA512
ac78a15ff98dc397daf5bd7c1403aee2e8c2c64299decaef7bc550b723ff257f5c60186d07bddd552f92a7a8e905ac53b214d1d0e46c28922f48423f2f35384b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
81KB

MD5
4e2440d5e62ce26b5c4c67bc7b777a6e

SHA1
ff3d122e8d8b0b7407e0bca0084e2dd95962abd7

SHA256
730689a544332a27b098e4346bc0a1bd7b3b54a37f68632df28c7b3e254cb163

SHA512
30ef655659d70aec333f7ece8870b47637c97810d52d4d0ee490d6468c4a92e6a7d9ae6bd9632f452fe15e899a401f7a0dab8e658f2e39b120c9c0c52429bcc8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000050

Filesize
18KB

MD5
1b9ad561aa5d91ad4448afa122438ca7

SHA1
5163ea169b915ac55ed031f6898dd1cff53a7345

SHA256
6d4f3204952d251df7943f925ff3a27c7e1fe9ab501bd622c7b0b2d2131d05ee

SHA512
f883562cf80f2417f181f3c2369a10756454538dc2f6368bf955fdbf0cc719ba9a750d6206f185d62545894034dfec436aaf228a8e6dce9c625daecc0c02ca80

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000053

Filesize
39KB

MD5
f2953af89807609f49b87237180bb450

SHA1
bcef01e9e586a9a6c567602272c1a7955b77b0ca

SHA256
b02a3f6dfeb4ebf05d30eaecc8473664f1720190639cbfe43b2a7f9a00246e56

SHA512
270dd571d34269daf11a1ad5931c1202b57c205dd3375276af3de78f51da27601fc9ecdea94cbdbfeb1ed6c29e9a91c267cb916cea6be7ba1c537b99393f02ac

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000057

Filesize
40KB

MD5
b2ca1822b16a92e0a0111c994cfe4b8a

SHA1
ad3bf01829f003d1e837fdae30b97e4911528c0f

SHA256
12269c2adb9da8c73e2d8e5628566e4662720bdff4687c3bd6190571ff8c3b05

SHA512
2ddeca50f4e57226b3af8571dc04e977255ba0303c7ab1f1b01bc0240189a4b2ed50df296c42105f8f40dd9abc7eb3c9deb22619a513cbd7974e8fffcb0a9afd

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_000073

Filesize
85KB

MD5
86f5aaa15ab007d56940f6f281203b5d

SHA1
4141bc24f60a060310ba00317cc7e3075ca9f786

SHA256
78f632d3da0f66a9cf22f6abf1832a6f8ca3ca23d71b8e4b4948f317ef8cb1bf

SHA512
072201ea1ee4111d72b8db42fcd260a0e5ddc8537201727b5676b3b1717b4e4a95afb2641ac43b192060f7c4bbaedb19dc7385f222f2bd5d0a1bd142b9388574

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Cache\Cache_Data\f_0000b9

Filesize
60KB

MD5
d8c78bb4aa47ab6ae3df9d9e2fd9501e

SHA1
8c959e1da33c4eee451ef13e2cd0f8b2327b7f76

SHA256
34643ff9ca4b3ea1209f72b31dfcf85c0d23a9d389766bd908eff7a8dfd51f8a

SHA512
1fb28a2a22afaaf382a0ff74339fd641a09e2c58b6bab5b88c6ee7c447f1909502b952c3b86d7f9007f52400edc205a187d23e74485885e246926e96b162d1e7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ae-534fefed.svg

Filesize
259B

MD5
b62c8ca639b1bdb3bafc60d1d26d54da

SHA1
a66bb626929d9e59f657f42d7a3d8db9341d1ff8

SHA256
534fefed901b97bfdbcd0c1abc26266fef508ca5e66b84e30a29db5f85ba14f6

SHA512
f145ee24d86cd468ce4fc1900eb5c81b38e1d85246a88c73f694fa3b1e75b5341b566a14d0563c2b132771b828865c80714a302fe56e7dba9e98ab5d07326073

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ae-e646ea13.svg

Filesize
251B

MD5
42d71570eaa84e61032f934cc8296e79

SHA1
6c96073bc6bc341836ad6cd74657a778640aca93

SHA256
e646ea138772243e7193d7d31f68001764c6222b0c69dded36e75f1cac66e725

SHA512
48977d05e1395a4efa6c311f4e0595c5ceca45c9c460b1ff1011ded8a98f14fc22e8d83550207ac43588f49a5326538a3a23a1b5b8f07a453a4fe1fb6c605437

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\apollo-client-5fd34d2f.js

Filesize
297KB

MD5
847cee273c1af3f0627f5088f756843e

SHA1
d8a275bdf281c49087155d3aa301543cdb10e19c

SHA256
8c2787707bf176dfeb147200bba8c3e2428784f18c765148b1161e1b31b276fe

SHA512
7e68e9d831bf014ce97f832e66173e95888c28a4fdb116a275f86670300aa90719277e1b76fd0bfa88960f89cdd4660a021bb5191ffe107e844441d892ee9576

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\au-01aa7963.svg

Filesize
1KB

MD5
f3c973867c6c71ea1429e1c7bcab6fd6

SHA1
a4d3b33de976506afc5a1336dbced3768cab2a37

SHA256
01aa796373ddd02b054d1cc2580a4cae7ca664abcbd698e10606f4fffabba245

SHA512
0ded90122136f9d6f4e9fa906c0730ce480778159cd1a3f543523dc1cc99ba8ee49b66ffede0dcbea967071bb0cac999d630b5ea07358e0d8aa58e64562c1e3a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\au-6cf0b0da.svg

Filesize
1KB

MD5
0af6624d4b0ca5e2348e094d3fe0a4bb

SHA1
4871ec58de94feb020594ca32debd84b7597ab1c

SHA256
6cf0b0da43c9da793b0e14ac2d374f11343fa259d5b351b28b8834119d5af651

SHA512
531ac68e45433cbce5a2780e459aca9ed5e86da7e109686e8ba8b6e81ea152a90bf1d3196bbf597537747a6a4afacdde1560219f4c0a3bc7d891276f0c81516b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\background.ts-25f57590.js

Filesize
2KB

MD5
6181eb1a37563f513f33910b4df67a6d

SHA1
7c30f00a1502f609f9322c7f0f7ce0c4633955c8

SHA256
3e96242fea99e25e8d959c97534e2fe437875b8d89818ad2184ad6f57334e7ed

SHA512
9266f881bbe5d02bafc23bd7bfdfb3ae8e164fc48a9d4d9056b21158a02e8eda839886798fe0a59c85942d470994c4feb51153911b7b613d16285596b4d35311

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\bh-102fe27e.svg

Filesize
276B

MD5
ee0ac09528486a658d0d2ec5c6d90ba1

SHA1
991b1e1352f208b96811ebf1c70aa94a5c2f4a0b

SHA256
102fe27e6c59f5a1ef9a255fac1312af5828e9fbaa17c5b27d197c09eb88d05f

SHA512
458d07d38b225e7f8b11b889123773bcada8c6dd1e4a4f8481d288b8cf27acb68106e065eb00ca23db55a35d1775a719cadb75fb0e0d52ad6530914582585018

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\bh-7a519f58.svg

Filesize
252B

MD5
86725006a063c2db6d6b0ae08d2a2ae5

SHA1
43c16549510ab5de31e989a297e99536d33d81a4

SHA256
7a519f58c9007731d70a975a48cc81fcf516ab52ab972f9739eace370431e0c2

SHA512
8d989a7c77ccbc77bf94e4a912b761ae7d3605dbae6733fdf97b489cef96c51268c6a3b7adc25c317abb5e821a320cfafb11aaf629bef9b639ba10be207b9669

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\br-ce7e334e.svg

Filesize
7KB

MD5
8bcede6133e8c04278c5ba83caa509f6

SHA1
20dbe735901f5db3292f8835f44fed7f0e61a6b9

SHA256
ce7e334e197be6375e64306dd64dde4951bd7574e89389b3dd25547908c21aa1

SHA512
95ac58dc871b91bf897190ca933672363bd870f9dd191c90a42781958cc77f7394500dbb1bc0be2f5dbc6494ddfe38a9d3a72758d0c57c62492c7e3d26f931ab

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\br-fc872e71.svg

Filesize
8KB

MD5
155348d0d5ca941fc05473797fa203b8

SHA1
657d0dc2475c002ae3db03dccb0bc3bc9fb241c2

SHA256
fc872e714b4664158f200f0967861e260dbaf6ac32c9e3fa9a6628e9c4631342

SHA512
2df4bfb7ef6530c8a3e51f99728049518ccd2d7c70a04a42a046c3159326b01c325327d44a4b455097d89839485d52b5c0d4368f0c36f50631ef18dea4b1ecee

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ca-5e8736c4.svg

Filesize
644B

MD5
4f67be07db374b31b5fea5902e540895

SHA1
64e4960f2c9cb2e96f948e913d447ce9b819569a

SHA256
5e8736c4d33cd845639103de02b9963cd71584cac337476fa8f74b98077c563a

SHA512
0d209821323d2720a4f88f217e959903adf2699fe3cce3a40d469d5f46b51261fd588de8ddd1d2bdfc4c1bf72ba8587878dccaf3e9cb8e691b6624e921ef8b06

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ca-73bd9657.svg

Filesize
643B

MD5
f3277db42e8a0498c5f23b58c4d681fe

SHA1
a82eded5bde47d934fd7cf5695f42b011e4e36ff

SHA256
73bd965736cf543ccfcb737b4c6a0830920d481e4b88fbc2c6f79a7d14c83b66

SHA512
527a2cc3a6b22b09e68821b010f33bbe677d4e6a57e01ee0897243cfbb7fa11f84a2cbfe29110feb1cc4fe8b1dea694113d4488f93e3e61a15c637c9fc81218c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ch-ac676cd3.svg

Filesize
290B

MD5
269ddab4d19b9c60a6459c09ddfd48c9

SHA1
d012b2792dffc21807ead2e6678dd87a3992e428

SHA256
ac676cd39d7032988598ef2dd73f6bebcd767738e3e469705d6a437835ac485c

SHA512
522a43c7b2d6c1a0ddc021739f6dd9285decb924894f27f87d8de3ab026daa87733e0ecdc0f962181ac229d4f16fc324c428335e231c30a9ef3c37dd0ce01b47

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ch-be4b8257.svg

Filesize
288B

MD5
9f295dfce66ba565655e91d247284005

SHA1
28ce5d1eef735c0b4c77aeeadb075c8b7c50220a

SHA256
be4b8257f7ce4ea46d7f97b3ad9b3a9222be4dd10f9d8aa83b9716e2fca9b5ce

SHA512
19c8fc99d0a321535a6460d311a06cf6176ae2cb11958fc085175658e0ebb9556ffa927af0cc4070c38e92c72a1edee02e14dcd749a1c05f922096d60e99bed9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\cn-9f7f1ab6.svg

Filesize
736B

MD5
e2750956d173aa7761be9dba91ff5fa7

SHA1
0d444a91d1ad1e13efdc9e00ac43a245e79d1577

SHA256
9f7f1ab62b443fc2a90c67f2a2675e532a44b6c636cbba314b0e95475a531376

SHA512
2032927b9c951f5ba70fd1c64afa619cf4d2226a8b9bf4b86687fccd7fbac4e49b22a2b5f9f1b4cef46f0ef450a9c6a644de9b5aef9cfa62fe681f3e78110764

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\cn-c1f22841.svg

Filesize
795B

MD5
01b1e16506941b544ede62b2d65fdbad

SHA1
503625f72ecacba80521c55deb4bdc76ebb3494a

SHA256
c1f228412a5062bbd02fbc3e54727820e0dbbdbc1bdc4aa7563ddceb36b4c43c

SHA512
594362210c65f69407022d105eb9c3aa9363409a717d2b28a5ed8d88cf78943ccab72d4abde84a826a05cfdc8d78ed7df0b5f299cb8a5ddf2f2bf719b2a439e4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\de-7318c9aa.svg

Filesize
210B

MD5
78feb91bfda2ddce6bcfdcbab050995b

SHA1
a1433065fc0e8a3d14458ab872bdf44f8a1040fa

SHA256
7318c9aab1fa93d98e06f996f797e8a8d02f31fade30d0dd9b1ee80efbc76cb5

SHA512
07092762d3c8c7ff023b8abcad1854674c224ada18d7fc6e3dae6b89865907beb388c19359a6e5cd428caad4920a05c8803d7d3056fadfe9047aa1f3e7aab10d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\de-d5f40046.svg

Filesize
218B

MD5
4e64ea42c3d10fdaba69ac91b1dcc8ff

SHA1
604c368499a58499e21ab5337a325600cb35b421

SHA256
d5f400466b074bd5d0cb5dc33b831b767503242027a3f5f4438b7128692ea378

SHA512
a30dab23eb4234417fdbbc2b7d4e0998d1f438bd69511846c9ad35706836201e9089cc142f0b5e036e93bc63d94f33c3886fc52bb049f69196746dc92f74ba57

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-6fe80291.svg

Filesize
89KB

MD5
91221aeba452aeb57c55826c70920835

SHA1
a9556ab0e13a9fb6f2bed11251c35044864a0b52

SHA256
6fe80291cd9be7f06d9f205081c3a5264da531b49e40ddbe63bda08a83c1afd9

SHA512
c3888a7c6e7c9f985f4801738da1b1b405a7d9a9a95906c9b17926c627f7c100c191d684ece752906e72406574d92e3e42d0affd2efabdaaafc18bf1ab6b8e42

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-ct-11229703.svg

Filesize
255B

MD5
3eb3a35a978070fd4a68db545c527b54

SHA1
b15eacabc4aeb6f087eda85077a4b3aab72c1d89

SHA256
11229703126cc831021cf10b69552e3e5ed4534efadc44fa9aec151d2d4cca00

SHA512
6e3efd71282a4f7b672fbdf61a3ca8eb3a9e5cbaf350178aff3e07deb82f676050e109b9ebd98240cd920441c8ea70794c229e307813104498a1bc8da7eec0a1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-ct-95f4033c.svg

Filesize
254B

MD5
e5d7fd1b2ee438320338f0866cfef135

SHA1
b51b7594cc3b10df4ce963a5a59fd33dd89fc646

SHA256
95f4033ca7cc4c32d32efb39cb85fbf994c5a76c6e5307dbe6b246ef976cf640

SHA512
0a76b053a119898c163ec6519ba0e56bcaeec872d159d927280d5233956a2968f4be0515499be2a1ebfda0783458b1928b8604f3a255231113555b6eef28a3ea

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-edd3ba17.svg

Filesize
91KB

MD5
ebd9bcf21fb645e3f1ad336fdc4b9f88

SHA1
9aad97581344ac32a4e98b84c21a09fcb8249957

SHA256
edd3ba17f54cbae719cde807dc4d96d7ea84ba0b7ac7e7d7f34594d16e39b3de

SHA512
b6f9c79611e1bf18dd92704c81f148b2ef6389576937b557961c8a5deffd1221a7e5930691db0cf9f44e0a0b0c6a208cbe54d00902c01a5c3a80aa7eb1bb57f9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-ga-0f1c2551.svg

Filesize
28KB

MD5
186685299735a4fd2ac07d20479336a6

SHA1
0ec05b01dd795faf378e0e37cbf3219fc4a50800

SHA256
0f1c25511e5a6ea230f3ba4061875429c66c9069eb757169e3bf9507a481653d

SHA512
548f8c90cb7901e959e82bf228f99a5cb7c9c459f144d7ca3b0987cfebd6055d11afd1645dd9092febfac77354155de7e118f8bf9026a32fb60fe85ce6e454b1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\es-ga-1955fb3b.svg

Filesize
28KB

MD5
e80a14487ff008bf15cbc5636fb31ad5

SHA1
c838e22b14a8ae03f9c7b00eb3fbb0771884534c

SHA256
1955fb3bb513b3561a3cfd4fb6dab24ce61b38abcceb2b2d03b74bb573f3df13

SHA512
2e05af579b4d9a11e8aa4af5ff67c327eb2b2809066ea0fb128dc59599fc91e2a674c2aac68b8231a97cbe78af1e89f16441c2e8b65577520f1d74c25d82bb2b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\fr-0d02622a.svg

Filesize
289B

MD5
deccc962ba42a22c7674ff96905c852e

SHA1
4d40edcf3b63ff9be2e2ebfbf17145caaafb3253

SHA256
0d02622a69c27215ff6a6961b97f18d69e0b3745dea47b71bbf3a488f6d5863c

SHA512
653adcbdeebc76b204b957eedbc0220de4030aac176ba3714a89d440cf426fbf053adc56cbedb4313fa7319e025942dda2c49400f2a145f44079f8ee6cc5d0c1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\fr-c19557a7.svg

Filesize
289B

MD5
cc4d943dbac895a562d174fc60d3a8df

SHA1
43787164ac316df0a0131e02c83b7970ce5f8c92

SHA256
c19557a7703c7239bb32690d9166e34f97d9191e567031292b3c1a5e50176b9c

SHA512
bcf9a5d7ff770551ed37294e7c6246249c8ce4de2f51e542744751f0fe52e29d9a7bb143c3374764b8e2581e9d9017fd8f245af5a67462c746221cff36859d71

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-4b739ae8.svg

Filesize
538B

MD5
521ff9175692d87884eb69d15280dba1

SHA1
083e86a1aeb14a6dbdfa69231d75685dffe1c045

SHA256
4b739ae884c7322d7edf3d2a9c2643193eee11f15ffb485399dbff096c96e8d0

SHA512
f8baeb6a78888e665f73bc467319f1530a3650416842809c76f22a49c76b59cb96c10579185f6d89d659a8887bb823090ce1ddebafac34950cdf891eb6a8f366

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-51a8613a.svg

Filesize
535B

MD5
fcfef6780b36bef537381474df9d0be9

SHA1
68b2ead4370e7ab7b70eb6d35a09c31e73c44fd3

SHA256
51a8613ac1b05eafb9486e6420336bd8b95dae7a9d11def6318776a61c701a08

SHA512
ec21f7b6951f00f0da0acfdb21bbbe037dcaa2a14f2a1de02c991f91af689b1039720801ebb90ca900379766d5726752ed7fd85a349db508d3f94edecc4ec0a0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-eng-2dd36838.svg

Filesize
229B

MD5
a877951862ba77ad974775646c0b22be

SHA1
10d259ed54e434c88de190e7160f8c68894f9a96

SHA256
2dd36838e27dfdd3a70160a69b2f7272b4776286598276b8870bddb527dda287

SHA512
938b54305e5b36d5821b395e472bc2ddfe261c1d743807b37b8582e5ab2c295e74e1d0453928f87bcac1045a98d4f729da79bd2021a02bcc59d11c3a7073147f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-eng-53797ba9.svg

Filesize
239B

MD5
7caecb785400d1cca7b319887a9d81bf

SHA1
c859dccfd9e13e47a27a025c3d5dac3afff178e8

SHA256
53797ba9e2dd9b18cd5344255f4e9ae9fad743ecb628fc9feb98abea4f48f90e

SHA512
0b25d101dca4b64f9f8741d64598a295943174fcf6add9b98a0a291869f33197aabfa5560558f6046168f2feaaedef8167f60b3afc3a8ffea219e7fd25b26e03

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-nir-14593385.svg

Filesize
24KB

MD5
ef8d6ec9a4ea5a559f20bd4b4f5ff0e5

SHA1
269f3baea0c6dfbb78534ad3768716c021ce6c6b

SHA256
145933859a8300d2091d849b10c814e7f22eb36e36d20b6a1c2a66794f099d03

SHA512
996d28ef46effe9628a779d2f08d2fe56a11c45a0e48e380848b6fddab8cc7773acc9056593c9f967882af94e90a3fa475bac5682788f5dd51c0d75bb0db8bde

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-nir-ae91c319.svg

Filesize
23KB

MD5
4bcdeacbaadb89951a2cf091276e6bd9

SHA1
f93538b796f2445cedd1a163a5c1eeba8fc204e9

SHA256
ae91c319cf1db5f11c1072661f1c96f3db2f4ded2f49c945ce489f182933a209

SHA512
ce2310ab408c3b3d2ed9eca597ac789623eac7d961f662eb41459ad9ee4fffc552e6740638b8c9c0cc2fd670c1fc3d8dbee02ec458dc782b6feab0250ee2b8b3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-sct-19ed371e.svg

Filesize
236B

MD5
9506ab939d483c630b7db236ce744665

SHA1
283b8c77e3a6b15ff6d993f3c38cdca37682ca33

SHA256
19ed371e15a7cd92772081ce2ca9f24983273a12c99f6f7db48d4c7b424b3433

SHA512
36a188673a0de21b95d9fd337e0bf17eff7807f78e5e161c27639acdec11b7a05c3b96144ebb5dc81c5fd8da0e3d206c3e3dc61f45c486cc83a772bcf7e8e104

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-sct-7b55bce7.svg

Filesize
228B

MD5
ade55ed456211d6577b2f80c06e40c51

SHA1
2983601a486ae876c3c2d503290a78f3985ae40c

SHA256
7b55bce70824742222ccd804a4bc3d0e0f0f9416d103d05a46dd60825ce559f7

SHA512
e758a57b2a5753cccaac8d5ccd0cdc42fa8ce92ee9566bf96070b483467bb457226b7dbb3b028a2710f207cb042a095bbaa4a37ae5ee8fdc1023e6527a450793

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-wls-3a95845d.svg

Filesize
8KB

MD5
9490411928d3db5cad64a17d7c2c9f8b

SHA1
fbdcd2caa92c126540060caa3acc053456b1bf09

SHA256
3a95845d4ebbfaeae77d3cb9ca2d9c7a33067293104c1d382475b6df096c9d67

SHA512
4c22687b367247155cd88e334d88abfdde0489deca17db4cda8d8689f8ea2bd8545697c37de827a80108ad7eaccb0d93cd077f99fdd0fc27c5ab95393cf543f7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\gb-wls-d3c5b996.svg

Filesize
8KB

MD5
c488ecae68ddf5574c36b7e5782f6954

SHA1
c413b06f2119ac110bf0d402dfb9ea6c928c0bd0

SHA256
d3c5b996d89954eb16a37a98ea7f523468b240b6a78d940d03623aedc00a4a7f

SHA512
13d331224125a45e4e1a821137cf3ec5a54af7002834c80fd36d6ddf91fa2fece6fd3d09377bb3f4260980f3ba1b9d791cb2227e9c2ac69e3ed55c752a16e861

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\id-5cd3acc4.svg

Filesize
178B

MD5
f5aa812145ee85fa05e5f2b62bdf030e

SHA1
3ce40942dbc41556fd6f97f7f5b3524579d47392

SHA256
5cd3acc4939dd7eae6318c8d75df8c0d1733f650e2504a2635b0dbf3dfabb040

SHA512
2b1302f34f070a50e26a700950cc653aef24c4bab565f6fdd085e50ffdff9aae7ce2f9f0ac9532b57260a51edd112fa3795792cd7791ce744910bcb77de177ca

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\id-b8cd30f2.svg

Filesize
178B

MD5
b966e5565c7ca5538622eafdcc091c45

SHA1
67c088a27aedb3c6a9ad3592a10bcd689678207f

SHA256
b8cd30f235dd704eb6b82db622e8152a927d075c1d32e8cac885c2eb20bdd989

SHA512
0a0bbf7627e70a3ef81abdedc7fa6ba34ef98ce05e9501044a3fedd8640194d747a27d6f3c07ddaedb37bb1231efdf2441756ba6e4b0178052325f92267ef531

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ie-860168f5.svg

Filesize
289B

MD5
110efbf8a9a95ec3384b8b45dc5bc607

SHA1
6e3dc631e56bdc9538b239e928537fefdaf734c8

SHA256
860168f557f3a0d0a878d7a7b2019b2e854a3246c54c7e87dc3c0c13007ff97c

SHA512
bbe44b94d59a22489417033fb15bc5ac0a7768acbda0f46d8572725074c3d96f9b794133d2d0f9dd8ca2e7ed6eee15277484d361ece7a6fe532cfc59d69ac862

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\ie-f82568d7.svg

Filesize
289B

MD5
1c12635a2932de4b8036779933a84d97

SHA1
713af507e8eb25f1ab4d1a98527e30a30772aa8d

SHA256
f82568d70bd1624ff7ce3ced8712a718a224ff2424fd2ade2da4339be3bba463

SHA512
327fc271bd21f7869dfc167445717bb80b303a9fa6aad2fe5d60b10e9def362e6cca80291dda858f16accb5413389e1e305506053e22dbf314d796392a65a82c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\il-0004f90f.svg

Filesize
850B

MD5
34a06b2d0f74c070d921ffc022296f42

SHA1
c24609e5b6372a4be8831df97b24e9ffa04993af

SHA256
0004f90fbdcba9314e4d53ec936960d27e5194d7d4cbe36b9f8466f2296c9855

SHA512
3030de1660f6e1c7b786a98bea92993b12a756ce3e1d35413a26c90b511b27e1ac94539e5db5fc2b817c7a441dda5a66c752f9557474718435b019438e096c82

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\il-a9c90b0c.svg

Filesize
897B

MD5
b3e45cd77dbad1845e29574b8f882f8b

SHA1
72f101d45db6760bb4d6c50143d18cfb58ecb71b

SHA256
a9c90b0c391c4bd789808672fc44a63cb79016677b7b00e91af6642c4ca9d22c

SHA512
509e45702ec46a224f9d2dd916cc8a186c4ef3ed8d802ec9a4941d1ce37c2186d506621d87c48b5822024d37f7e7b253b1369f3f06d2338bfb4df3f309916ab3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\in-24cd1522.svg

Filesize
1KB

MD5
fd8e911182680a39719929a06ae8658b

SHA1
6fccfd7735304364c368e98bf4b9ae9e37d3c3f1

SHA256
24cd1522e9310bf166ea426ea8a8a82d57cd149ae358b050befc7ee2965c4266

SHA512
e4c67951f43d4cca77e3e78097f3306e5248ab8c36649ceae0584dc12690a949a2f598fbb23ed9dfe6652a6dc8c5d9821a6de7e35ad5997e22c2ee0a1a3a2238

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\in-9a372951.svg

Filesize
1KB

MD5
7ff299bf914c980b81cf2bdac954f00c

SHA1
d0cc051ff28462e2da7cf86e829954c0a96a39e8

SHA256
9a372951be6607b6e1a2a9738713247897a86266a8e751352973af0279aa9a80

SHA512
113de431650191e9884eabfe555e91a924f630c178c7001de47fd5c9f2dd72ee7b93a29670a13ac26cf7473d3cdae4c7424d98303adf72ceda9f62a7d7bf17c5

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\index-2b0afb5e.css

Filesize
41KB

MD5
d288477577baa90c29abd8c437ba44e4

SHA1
6738be5009ca76ed2edb7051dc2b4e06b689a73d

SHA256
2b0afb5effb2a29b6445ea37f2aad898de03c33589245cadf3003243bb2ba493

SHA512
88ec72da37d9d78f74eb27f54fb85d18a0ce394830b148690b40d404044fb0329a3912239cfaaee30ff088c977235cdc34a15e55e735760d7087b74dfc183255

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\index.html-f4aa8f13.js

Filesize
47KB

MD5
154376a1038aaadec53acb1dcd47c1e7

SHA1
e7918bf6442e3d35b346378b520d8b48ec8de44b

SHA256
545008cd2ed6aafe09cc1c816c744606b0f7f3054b3c0c0344e1c272d732397b

SHA512
a2f99fae27faaedd8f7ac593c36c8bdd529858ab91140072a6257b10213349debd8c009b089c60799b0141b9f87eb76269a428bab8cda3720c848564d379cbbb

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\it-03086f2e.svg

Filesize
289B

MD5
5dd499d625a2415aef316563427b867a

SHA1
2c6191549470affc84ca0d73cba70c83bc93a3de

SHA256
03086f2e38f798754fee6c078bce35b807b600acb15a7ed1155fdf3a20d55abe

SHA512
9f0fa8c6533320d02c9671d69631b01a015129bb4a4a0336f0050fdcc30ba076b10c67beeae9eaf51e4aa72f0a1c8751c6c9efac0300148975b0460431a33520

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\it-9fa88118.svg

Filesize
289B

MD5
1d72a5dec3acd073763570e3e5fdf784

SHA1
25ecff80eb26ef79709ab7278eb3991ac8cc2734

SHA256
9fa88118818d9b64838f578e2babcca3d0630aed21b5c33b34aff7ac5ce506bc

SHA512
dee0b0cae09b07705091cd7371f40650d09fb1fbd736e60fa2716679a660b515a0c74bdfcdb5a9d32a178870a14697010b018c417ce30402f5ffa42c8b8384a2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\jp-48cbe3d7.svg

Filesize
465B

MD5
1dbf51e247c6c40000c51a1070515fe9

SHA1
f59a604a16e58e660fd7eda9c20bc1c6151b21ca

SHA256
48cbe3d7d7355aae043db0e046cdc6f20ee2f9010d5bb78fb67d75f6174a68bf

SHA512
fe6d1b3545a4ba7f4f3012ac0fbab46560aed48be22b5e0431cc4a34b3706798662f85dd6f55355e25377041468ef10e2ccf778dc16396d853b90f739593b816

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\jp-d1182a34.svg

Filesize
481B

MD5
c76ceb8ae536f3f2a130862acb951070

SHA1
44c16bdbe88ca2b4029a5f897761ad4f156b8433

SHA256
d1182a34f29a69c34992cf29d2918cb706610d8fc24b14539878e1808693651a

SHA512
e6234d33dcd28953ad681467c8359608c4d89d6396fe872891ec13371d3f8d8616ba27fca72e406a2cccd75301498a24e670b9b65f2141bae526605876dff1e3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\kr-268e0a2d.svg

Filesize
1KB

MD5
9cdfad72c8e727ef9a0567798866d0e2

SHA1
a8427907486796ad44f36a7ed0dfa116d2decd11

SHA256
268e0a2d6ce180930393935951f59da54f55d8ddf573222278e9c61c0635da3f

SHA512
e16095bd740b4a57b5e8d1e5401c2323d8ca84fa73025394a7883b4b1e7a20108c1b7306f2d708ee8fd2dd4844177c578731d8f7da33d0186c742338416b5182

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\kr-f4369bf4.svg

Filesize
829B

MD5
1ae5f49ec0f10e8ba4a268767e9f414d

SHA1
a2c834f5d272bc22bb2a86f70a2dd7d65a2a4670

SHA256
f4369bf43f5b3c3f533603be56d1831561f14c30f5663f966b35cad3d66eefdc

SHA512
88e666f897a41eff3bc537711f2fb49cee5615666a433d306ec49dd8f2a7306009642b940a46a5f9445e00354ba7a4399f9d03be7c4013afc41eb4545e141633

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\se-b4cc09f1.svg

Filesize
227B

MD5
c385ba828f344e6856e6bcd4441582c8

SHA1
eac581fe82df95f11916a9b382588cd2c9426897

SHA256
b4cc09f1bc0768d7903ed9ed3d5c4045fc833d3851642edbccb377b427eadd69

SHA512
e648a9d07bd73400530f7adf2440fbdc749b56ed94ded199f57d5279545637461350e0692042a7501baeebd707d2b5008d2b0e6dc55d029f862386b87c7fb29e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\se-bc8a97e1.svg

Filesize
213B

MD5
e9e24cfb2d85c7e39aafe267fffb0810

SHA1
5f252512649b05a15be68adc7075b629bc429297

SHA256
bc8a97e12df2b2f6eb0a74e6f8b56a5871b9b8fe4ff5a203b420489971ecce05

SHA512
722e763f0ce156ee9975bd97f4da3fabe11ab191a10b2d85d3115acef22247c93b4ed7f156e7b30695990bfc3d82646c422f6760e010b577445e08b178f62e89

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\sg-010b1e94.svg

Filesize
883B

MD5
966947b511d06da100d23e5b29e5ec75

SHA1
b2a37f30e3745d167d483b7f1976c7bede0e475d

SHA256
010b1e945ec110a6cd25648433b2dc390c4e4127d5f7e7d479a2d9fee8d08012

SHA512
571fbedd9e0d9540f4c0657c6290b621a9cec904c025e0df895a4326b444f70a213d5e6d213d0a8c2bb309a9e63ffd5d3c5b92efaa95b9737fece527ce24141d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\sg-b0a8dfe9.svg

Filesize
944B

MD5
34ca8973daff498636ce08304b93e064

SHA1
87e73f2febb0b5f999499cdbe887236aa7b0826c

SHA256
b0a8dfe915aa6649004453262661b088a41380a6a42fef40eaf72bf8235e19e7

SHA512
2d50dde8f353b1779e039f8d66bf04c35dc6201b680b75792c73141ca731e45c8759239b27c78c613ff70cf500b3377fb402f1f81f114a8cd014a8b7099dea83

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\us-553867d3.svg

Filesize
4KB

MD5
bfaaeb1ca82bf9541f20aa098f3e7cf2

SHA1
60eaf90ffd92537efab96ca3630af5f5aa885444

SHA256
553867d379deaaf0d8379531cc1f8ef3002cd13e5e006523ddc49a0204932d6c

SHA512
210acf8514dd16bd2687ba0f5111cd5945da9b5cb73162eba7570f4830726db51d612cbcb634790dde910071abe7212b4b9890b69a44a449d91c128838b97bbc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\us-740efcc1.svg

Filesize
4KB

MD5
9cc8e5bf166cac22526c32957dce3f73

SHA1
4b067cda49379045689c01be83e481ab5546268d

SHA256
740efcc18998742a7db0e2ba610bddf20475b2aac4b6509da488e04593a2d748

SHA512
339ee247429a5ffd584fc22e735f65b88ce0043b69adcf5a188f5a559d7ea13158bf65c631cd7a1e5d16a8cec845ac780f8a97c408d64c5f893e793b0b1f02b9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\utils-9912b0f0.js

Filesize
217KB

MD5
39c1fbde6678611742d2c9eb4bb85635

SHA1
eef541e137845ec3bcfdda78b18aecf1e85e9ca8

SHA256
1ec526f4b2052b3de91cda6053220a12d4e718440286d08385652ce8127ec759

SHA512
920d0924f37e54336b736f16af430dc0bcc813f9a7eab544c2f3f34547458c0d46f5d026527e77ab3b82410a66c7e8ea5e9a3a5608fe4de59f1e2480c5bd001a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\za-4ed696bd.svg

Filesize
882B

MD5
99f64c0ae175bf0bb1add566a0ae5fe2

SHA1
8d364e8c1f3daaa07ebf1ae7ab8dc26279725c0a

SHA256
4ed696bd7ca669d850e5c7b819ae6cdef1be6d53cab3584df0567f7c64ceab88

SHA512
62000107734a5332c9a737a54ae5894c859b2d1faa6ad673af379fb0366414d2e38ae2a01da74a30c13e196baa7b4b1eb774a0b2c71e4de7c002b0ea1beea3a9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\assets\za-91238fb5.svg

Filesize
863B

MD5
0f05edd20e9989a57e9c3a57ab51673c

SHA1
b21809966bd5382f8a31495aeedd8defbbe3a245

SHA256
91238fb5f731634f8cbf6193a4703b239329cb7730fedaaa8429d1257632dcbb

SHA512
6729d8e6b7dbecd9831f3ae40bfdea1b61daf25735e9682b1928f51393643d59aea85a4a3c44a167600df3186601766408e94730d0261c470854f554eb425dcc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\background1.png

Filesize
16KB

MD5
d97efd1d76b446552f6b4a00c7674bdc

SHA1
9bd7be0f91cd766ab506f81985d22ea9073fd15a

SHA256
5047076be339718e30422eb8eb58b945b867c322b9738ad19a3381065ea18ff9

SHA512
6fdd31bec9cd44b3b5921b5ed4301f96b86a22952f1e616cfe39ccff666c41d17e7db55bc0d77e31f4b1af080eed24dd351f799d069012d1d69493deb1d6e5de

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\background1.svg

Filesize
1KB

MD5
12d5b57a2b5a82263b1dec4f8afb634e

SHA1
ef09f3c1e597e72677079fb1d01edb0dec431b6e

SHA256
151439f1ae28ecc0bfef755a1bc4a50a5e7095c2e3ab8c432e3b0fe29f4127c6

SHA512
6969a69de6fc8c1bfffbc2cf56079ea1fdc0d677e672924b1959983e069fea1e5b1107c879e2792ff5b132cef2be5030227888ccb84dc371538ae4bc4cd52864

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\background2.png

Filesize
760B

MD5
0177174db581fd7d8907ab4288d127b3

SHA1
ae7fdc1b0124329bd80dfcd5bb524be63c223bac

SHA256
2b2f3e19d9a0546985fb44b8a30acbbad61187dc749ecf0dcf53b9b966db9782

SHA512
8dd57879870ec588318aae04466b801a8cf4b27f46fe20dfff89a9f1efdc1f252b3a8a5e257d883c9a915684ee56f7d78bde10a20da8e7c184febc8843d5a877

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\background3.png

Filesize
19KB

MD5
025b20fd5a389b549a4c4944642e422d

SHA1
5d4f574184ccbf96ef7c08ec25f0a5929799390b

SHA256
83ab4ea75d989898245ea1e96c574c49eca1f7da771a41de908aa4e875a4f7ec

SHA512
282f7b9f982fe26ec1bf1b7c3019dbab1ff5b4cb5c3c93862e3c175fd80f6b22a448be2f8439c7c5d894ff820efdf20fc4bea1bee0c7010176f2f209af515634

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action16.png

Filesize
642B

MD5
9d2beca74df9f9f4002daee467c13ba9

SHA1
82b81385946c2a69a4970f9d09f23d4e781d9036

SHA256
78c1d68f2359b059ae3538d7e0f7426753ca113209da48bcaeafa7a12a4c760a

SHA512
489d758cbd58266a90e316fbeb557a4cacbac6b8fd043ff2cb29451990260eeb7f3743ea71e0a9e78341af431c45184a9e4bcd2744a166e1c9c29691ae9af8b1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action24.png

Filesize
1KB

MD5
dab0c6d52c46b6173c5d2ff92235127f

SHA1
98372787311c7ca8e90923036d7ffada118f6e92

SHA256
9c96348098db03f762c373c2b4caff83d4e6adbf00437fcf0b9c4e6dd2fe9b50

SHA512
3324a2e73cfea7c685aca6cf095b0528c01bd39f671b0f44f2b15f30197774a64ab19a1d8c57101d18a51c5231d4164ab95c48cde68d9c9dbebfd1b7940dd6a2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action32.png

Filesize
1KB

MD5
1a5ca180e3a5cc3e70dc338bc1569a79

SHA1
727d44ddfa3310407e24830d9c91bfb33b035119

SHA256
313b07a65f130f9779e05657b04e6c37cf17277b9432c5f675d2486c4413838a

SHA512
3e551de6fa14be3efd1b1fafd7f68ed96fb97f9b0d02fd939b7be2aaac77d2e7ffce4046ad35392aee6967d467bc168ff04a36e9b4afcb45b949ff3ed74f4aa7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action64.png

Filesize
3KB

MD5
a2c7b92d11755d79897710d37f36caa4

SHA1
e8139b8ea6817ef0f8df65b278a7d7b8c5b327c7

SHA256
6a2194a96bb18427991d7f74f1f138fafc88974ac5ecc2dc4196ea5abb6eddb7

SHA512
c26b39e6c4bc6b06983c6a3a512625a612080ff079d721b5815457b123b14b18cd4691787705149e270aa8751d8d97a3cc3be832c184b5256cf351fa7705c92f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action_a16.png

Filesize
1KB

MD5
a0c07a4dba793f2c92a9ddddc9c49f7c

SHA1
b26a9155eea70d9c22169d0623edb2ff8a8bd828

SHA256
96fbd5851121562f65c13d716d495e46175c5b3f86023035035cbc11929666f9

SHA512
bb551fa1cc9a767801fd41799eca820e71971a5b24abf6e78bc349e7bacd899ef7b60911c207751945047067dc571492d60e4748715914a4d6e1db99c4fd5554

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action_a24.png

Filesize
1KB

MD5
0897b7c7420dc5e2cd71f378855efd44

SHA1
093b57af2ed57a2c324b6ffe5e3ea58b9a354d02

SHA256
9acb14c7fd4f56360e33b0fc13863f46422e3e5083652ad8ce70798a751b8325

SHA512
884e418f4ebb291c1c8f6799138203f2cc9779b13590109073b8780dfd7e683766fb841d9b4a27222b344314569da7fe5c94364f5d5b92c6a03e4075f75ef7a4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action_a32.png

Filesize
1KB

MD5
567fb23c6ade6ca7d2872df7abad042e

SHA1
1e05e09d74ebc423ade4356f33f16a1a9618a575

SHA256
c7a89556a3fc3a9daa3315eea5b5b5f9271fc2c3274e6903c92a3eaba3b3ffff

SHA512
db1a33d44056fb3bdc71c521e0daf0ff659c500508f3e42db408665a132ea10d37372524811c9859ff4d07b0e8d94ab8a2de729e91b1687aeda77a4ae086b644

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\browser_action_a64.png

Filesize
3KB

MD5
09896b1120b440647d47b90634edb71f

SHA1
5e8a80dd9ecd8c611cd4ccf80f7570accdcab317

SHA256
190d5e9b9168dfe8880dc836818b91db6de3035c9911dc25421b5039116aacb4

SHA512
a7e1a7f4b03da5068daeae7b66f32b7b15ecdf90cb120f0ea55fa23c3551f64c4c306270f5cdec901bbec4de8a1faf794560166d7de64752f87a3eb07fb7c9a7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\connected.svg

Filesize
1KB

MD5
378b2c86638c95d382607362c04f5615

SHA1
b490bbc55e2ec25f1ad4d840ab5864146a74c90c

SHA256
95aad276e58c4a56ed10f361e575ebf0200dca92480e1e42d15f5dc4fb38da80

SHA512
bd05dc8cd4131fe8166ad9b3309a7a99e23ed61df7f9118e7a17a2943621f6d5be6cb5406aae17af48967155eaa6195faac3fe8ca3a676f8b88f7699e747ea76

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\disconnected-bg.svg

Filesize
152B

MD5
afbb5fd2ce99b7a7b5dd9db4cf27eed7

SHA1
0921d21c718c98c1781dbc0684a270f85eb24966

SHA256
b591a3c6465d860cce545e4675aeb991a902b542acba8656e701de6c8097e39b

SHA512
8d6008380750359c30e860699dbfca1c7496edf378f188a49008d22d1d98c54aca6dabf0966a72897b729982e7beb1818c3bc802305afde4441fd0d2301bfcbd

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\disconnected.svg

Filesize
1KB

MD5
eb12c94222274b7cd9e4a1e1e311a03e

SHA1
98cd3b073a9a6d0ed63fb881dd1b5283e24bba46

SHA256
98c17164661a73eba9b9b8ac7b8e4d01c8f2563728d756ea32780cadea744dd8

SHA512
42e8bf6a808f9f20a7cb3a71eb26b358d52fdc12b084e41ddb35c92a133ced5e99496dc32dfd2c61389c9cd5a4451621ea1c1145e8142a057672141333a22aa2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon-off.png

Filesize
2KB

MD5
fd094749b4465d7aee040fc646201292

SHA1
60cd2271c7496ece310de171f4fb6f46998917d8

SHA256
efe519ddcf0b6b532f1a69eeb8ff626fd88387ab5c8c2800a3a9d317c138711c

SHA512
f404836e273bd8b836d71c062dc5749af9856e6c2b49b8eeec854bce0a35c81a4c9b476e0ccc5029212be99ed99bea8440204044347340b11a00e5e2b1ee6313

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon-off.svg

Filesize
2KB

MD5
2089bb2a5b0d587031fbe21cd36f1f30

SHA1
3654397420e6a074df22c1925adae51d964971da

SHA256
1bcaf48f27a03b01ed09b307d0b62d2becba488d830eed3c5f72348808315717

SHA512
00ab6e3de4bf6769929d7193aef0365f6593c32932d8a2817aa59381e3ae0ca7c902530ecbbd6ad17d73eeeaed3b30e08b9f2a84e6b5c322372b681113f80a44

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon-on.png

Filesize
3KB

MD5
a40aadc8bf14ae577bddd5ea376f71e6

SHA1
180ffa228ad955bff14470f9c29b33b5a9a49003

SHA256
ef241574ab8755bbec77702dd37b6bd92cafc2941291ef49151fa76194e9aef1

SHA512
416d91aca82324e81e5d92e4c720c3bf9f003068e57fb4b6db12653fa14fd186dd08e9d7965e65040842c36561cd31f0d941ab4a2bd76793256b7a5aaaa85aee

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon-on.svg

Filesize
2KB

MD5
b18cc77f7b8c4386125e6c19273fd04a

SHA1
bf7f623820347ec4f665056acd0f8a8807341c68

SHA256
039f22182a53e9092ccf14a713be83f4291a181c9d0a8b829f85caaf80c581d5

SHA512
dad09d50b6d85426970e626dca328a60eb9da0dd1f45d8632beb7fa56684f3695a0ea4378db6b84ba1a2379be2218fbe50ac127fd9e5b4f74525a488d7138a2c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon128.png

Filesize
3KB

MD5
a167cf2d3c83a3d4dd48b353208016ff

SHA1
029dce8a3dd285aa5dc78917a0c4c7d791219064

SHA256
eb1881295d27250eb985aa7ac37083b5071fb2c2572bd87d06322657d6f6dbb3

SHA512
0ea40d6e08392f89e97e28c948e58a6245cae749d18c0fed1ccfbcb410d3695af042200700154626a5f8b89cd435f1cb9d6cb08392b061829934211c4eebc8d0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon16.png

Filesize
544B

MD5
924c3d0c3db8408c7a06667eb2e84634

SHA1
bed764bc83a89a4f57f3496bb5c0a727d2f395a1

SHA256
5f2ef4d952f33d625cf5151f77effc5c675a78562fcc728f701ab83290f0f6c3

SHA512
fcb554e9d3958ce2165fbfe3a1790fcbfc10d1bc6020f8295e847017066645c819efe299bb7463947a14f4d76e278833d08aac69788cfc48c62f5df4dddaff5e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon32.png

Filesize
1KB

MD5
6e61086a4205b1dd45a1fb26b4609b6d

SHA1
bc65165b140b2553149ea765eb4a0c59dd2fd8ab

SHA256
4a9a093a6f87c2c0260b8971565c39f845b440225ae1a9b014a23614bb74f9b3

SHA512
e01743149b3e49fb2d5bb3a0d7421b8177328e82695e8a8476be58719349ef23943b5772837fd2d56f419632868d8529b483bf36f049a4767137eabb9734a820

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon48.png

Filesize
2KB

MD5
0befb6f6fd2a8e52154d585ba39c1a1e

SHA1
98348743457aad82293323523e9c27b2c14885da

SHA256
e12405f3e15aae5fcca6b64bd2be52107f63a926cdd59fe3e40af33d8fa4f592

SHA512
f69c7ec7a03577441f7b7f7d5dc6d3d75058ceb6b6436eb62d3532b58d4aef1a07dd4664c4c61b934c452047e1449b4f2661ddb21f870398493cf59935df099d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\icon64.png

Filesize
3KB

MD5
6927f1ce419c0efa16b1f0b8fd8b2aad

SHA1
b64db61dfb1f5590c0dd7e57482158a04a91cc9e

SHA256
7bd63a32f87493c61808d7f03572bab6312e464cd4a803d38f853aab5387ddd7

SHA512
138f9479dd68341efeaf49c10d7115f4b71b751db84f0caa3e458d7d83a8703414de2132b7864cb55af3f76a669ade84f924bd38f5d6e1f7adbb7964dd3e15d9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\logo-blue-small.svg

Filesize
2KB

MD5
060032d111c26c9a32b3c5a2cd5d6ff4

SHA1
f65a5167b914d0f1119ca78a132f94aa1c321b24

SHA256
a86015e1c04936de3ce6b0957d0be0d91721704343f9334eaad02c287500d813

SHA512
49ed4f2101af92574c26971a30c7d3b12b8ca3827cf729e413f74b85277135d04d7a5ec580fcd9e1e9a04b0391d01d9297bbcb4baa3e39dc1acfc166983d3447

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\logo-gray-small.svg

Filesize
2KB

MD5
282ba757f243efbb2f718efc1dfcae0b

SHA1
85e0ca9d8b16033d25c8a121a05c3b6488b96f70

SHA256
66add5e328d089d85896627e4a300ccc29dfda6d4c07ab7536813b1ddf80228d

SHA512
1b5be03a4091b808d279db1edf585d08119f472e0e5aaf5c348494374cb441464b78af5f7fbac9ea4a1192e2c62c8d082deb70884e29134b701834d53b6e5297

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\logo-white-big.svg

Filesize
8KB

MD5
0aa3bf65d8afdaa0d373f80eb387e2e8

SHA1
daabe1a6ae0f7a89aacfefd61eda220494389369

SHA256
9ae48f910c161527eb877d669f9f4053b0f83ae2b626a4a48561209e2abe2efc

SHA512
121d02a5a84c96bb476d195f27df6488db8a9cca9a594a5fb84558b3dc9b4d3deb2ebc9062851b7212c125f8183830c9190dd495da0ccbeca094ad4a73d4d7ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\selected.svg

Filesize
4KB

MD5
4f115239404bb8eb940c158d01d8e21b

SHA1
f70f8b77f0ed284b8a2208a6146d59a43ed90946

SHA256
e2119d5e7a5688d90b291110cd28543eea241a91c52b83dccecd0c2ba4a26e85

SHA512
1627a9bb081ca093720a2339e28cb660461f4ff9e7dc2b285b76ea257e4aa7e61a1945faba00e8e3b910843b57af79425d8fcdce3a3465bb5f6263f78aec6438

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\images\unselected.svg

Filesize
430B

MD5
94c0bbf65690a8100d76f21e9b5997b7

SHA1
731a40f796f159208b0775390fde4582adf04f4d

SHA256
48504a8b8ed024cba34e54ba4650ab52773eef8212873abfa475bcf14c01ac34

SHA512
bc77c8097c05d49c829cd20adcdbbdce2a6fccab33296eaa704a6dacd3be4ee8eb29edfa082c85ef7ec280c3fefe441e5adb066cc59cd48218824c17c2e23cc0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
26f59c1501adef9350ce470e103b9172

SHA1
103c7066e3b6febca3d894681a25c4e8eb43e4a4

SHA256
ec9892b026af7d39636afddbd814ef51c3ac1fadb5bf5e5c1a9d2ea29e2b7c8f

SHA512
096e59c26a39d57da25152e62975f11e1d4b281cd43f7bdb89f5df79803ea47723d6cec43f1bb50ccc7e879d3f44d1141a7df1d4c1a7f75d6c23335a263672db

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\service-worker-loader.js

Filesize
45B

MD5
ce93c0021d3911fd9b4c0e43633b4b3b

SHA1
b37e79e7cb01ff7d5bac43689b3f96607d4d13f1

SHA256
e60bde79ec1ef2ac45a39ddc5e911d41ce7205b08e89ab521d00ec6cf868f9b0

SHA512
475bc72a94d3a9da3071a1cd40d492c574212151a161532c471867c7a696b566c7b68f586496bb376dd6181f9e5233707c80f917a3b7304976feead94efa69a6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_1777364986\CRX_INSTALL\src\popup\index.html

Filesize
528B

MD5
28415bb4f00a4a45ed2ac476808a7731

SHA1
157a00ddcceaa7e98b9b44e9498ebc6ca6ce1a19

SHA256
6b7b60604774a8980a18eb33351cf741e9153c39955719c5fcf7bf9dbe0b0b6a

SHA512
718e6ba24f2d3a65c1a3480e357c9078f4d2e1dc5faa2a44c4f59e4d94e80cd9fa4c1786013be0cb16a22eb665fdf2fe89a4a983502f7c518889349bb4883d41

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\background.html

Filesize
344B

MD5
91f8fb1ddab6a04e5432037a83ca1db9

SHA1
ed695f0786ed197b9c2f6d66b5da9d4f26e6dfcd

SHA256
4507014191a2a868fadf2127587f819ae35f5bcc04c13e760d2349e079ca5d30

SHA512
b7d30ef0cfbde624ca6dcbf2d0c3bd68dcb63d45d4474c43235529f193f71f18307823c3eeb72264ba5f6c5bf29091580b468bbc39e2f9a9529f64a3bd3c2865

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\css\popup.css

Filesize
19KB

MD5
f015421f8feb8222427efaa1c2b584c4

SHA1
c817f62b147cc54c4123e787b38e5837d5f76680

SHA256
db21ca2520fc77c87df891026e827e7c7b4f1d8fbe2af1906d7594f814f4118a

SHA512
8bd92ec146fc24abe80e752cb3e58defa7bf8a0dd85d32ee427b5cc33a8b641abc242beb2fb32a60b3120b5e8d5f702bd74240fd0a5c4679b9d4a88eddd66f3f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\content-notifier.icon

Filesize
4KB

MD5
079dfd9752cdb947ddcb700ef53495c4

SHA1
1d0f42357e116e6ee665b908d18819530f6eb71d

SHA256
234f58afcbb4286b6f8b80119ee0d9fc1d28135d2be763343ff0c60ae883c08e

SHA512
97d175824a89595d50397528c0b435360d830197886c502f23ea21d874b20e287df9b6acb2f9a2e0a5e2e25029d7cb839b8724564eed242d1be0c6df6fe9ef49

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\content-notifier.svg

Filesize
4KB

MD5
d3a43133fcadee2c1c18af605efc6a19

SHA1
1d67df11eae156d3031ffd4664fec559fa07a6a9

SHA256
3bebb841fe209b078bb9a74a34c0b7f2c0bf9672d11f7fc799ca14e1d0c0b1ee

SHA512
ca9217a8065820e63afb744f7ebbf83367d6d558e536c1b658518c0b4c87023e11bdb8907233734e29d30ac7e2bb618ff8bffd9b92570cb961fc32c669bce109

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\icon128.png

Filesize
3KB

MD5
aca12c03c5cacc61c5e6ea307c0e2953

SHA1
1c0495466c038b932372023ce480a032beb55f49

SHA256
936eba8353985e43a2c1a9f9dba7798b05dc9baf867792723abba2f1b133179d

SHA512
2cc895c04331d640370fc950a38975cb58250a6a692be2d8a2ca02e96c529ded42c3ea93fede173b86ece579bd5470237a9d5cc2d38b1c82f4217963ae9507ca

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\icon16.png

Filesize
525B

MD5
0120c306443a6cf06ce39afaef7c2142

SHA1
62c3669cf445d0c946bf00ba6d4bc3c6faaf058a

SHA256
af07a70af881bc0e31b45ec643675641547e3b240ef50d017ae73e15088c464f

SHA512
2604a4be94ad95bc65c73303144b52ac949a8799d098b69b7e9d768403197564c5c41ded915189ae50ee224a988593cb695916c0596cac39cd6e6efa30ab655c

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\icon32.png

Filesize
1KB

MD5
1b413b537cedb3d93d2d8d8c9629c762

SHA1
c2413ca634a2106fa244aa71fb96f5e8a0726555

SHA256
1ea9ea893521d2fd6bf11945674d80a46aed14e7a9a69876724eec5df6cdbb79

SHA512
9cd9103daae1b801ed8b7885a45581a0a574780a8ecffe03f1b0350444cd3df44848bec525809eb73ccfe59ff91117038e3ac5a0f7dc4cbd27d6698f1240128d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\icon48.png

Filesize
1KB

MD5
25e008f44b984ac2955ea432e29d3a56

SHA1
78c04f9e7a326c1918f0b6490e223db001e9b724

SHA256
61b005db9e431800ba3c80385b80255dd3619c314b90a9e5b25118871d2c1a9a

SHA512
b25cecc23330f67a507c54a4f8a11be6d4620af94425e7f0b2e524d3dc780856221dc01100a542a45155a865efa5d98cdd63ae21bfe960ab6e6a71d05cb60850

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\icons\icon64.png

Filesize
1KB

MD5
a98063ea082337175b2e60627d24e7b9

SHA1
e0d8fa96aac2f60ec45b0a2a40e9a4efb157a616

SHA256
9f24d39203505c34b5958bd9fcdb1595782826e221bf65ad6318db973506ab43

SHA512
239f0371cbc5c7d23d3071cd8762dbaf0b919000d43a05344d55766827fbf304a897388408469f1f2f00dfb782ee37fcb7ce890aa7bf50df8e778aaad353408b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\images\avatar.jpg

Filesize
39KB

MD5
9d6eeea9d74eeacd67a2e5c91a892ab6

SHA1
c1a5ea10024ad9649c12f5a53ec8249d102dfaa2

SHA256
f8d2aee396ec5548dee826ad8f3b8b4b4be4a376bc641385a19d390683c958f3

SHA512
6ce126d425588e9dbb2391a95442334152bdea791f20be8ecc9468f2e40bf33591e09f67315a5ac4fb3e74cc760293eccbf3f47d111e4321b5ccd33f592a62fd

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\images\close.svg

Filesize
323B

MD5
c20914f7db3a74031b0850aa68ebbfbe

SHA1
e52bd5a7611d069b51d76b8cc2d6a4d63fd1d09b

SHA256
e26c567221022d6eb7c70240a0ab646ac67cf474ac6bb2b4c73380bebfdc92de

SHA512
f108d47937a8907acc094ee2d4d5526819d0f74ef2045c6bf3fb12d2d8e383c91108b3ba58b178a8200cc5a96ca13dbd2e74a387eb6bc5b9bdc06d0cb56d25d0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\images\youtube-icon.png

Filesize
5KB

MD5
ba6552e3a5e7d296347d83ce86561506

SHA1
212efab9e8d7b5db087e5c0e40b8385a0179605f

SHA256
919bf41410741cdfc64e69b721e3ea88b26a877a1d1868bfc45786e8cf353509

SHA512
53eebc1c55c67ad2a38304abc8ed64f743958e0326275b7ed9c033f4fc0aa825ad25e341357c34a242f552980cec7b4aeed52cf701965e20d1dc64e55f67cd4d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\js\background.js

Filesize
223KB

MD5
30d29d1c90f7771dc8f84fb7211f9d63

SHA1
595aa975faf307739143fafbc9cd0337c2bdf3b0

SHA256
bfa46ef41b40e8714cdaa9c4fef43196de9a3a9619109ee07b52cb05ce66cb50

SHA512
bbe462154e70b017292ecb8a94407e4490a177d71013ae52b029c6db78ef91f14c115fed1ae809a7a41009c127d1a8c9bd8843a35a1477469c462ca96ff1ce3a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\js\pause.js

Filesize
1KB

MD5
3df252d5c8ea4140558787e5b65114e4

SHA1
b6bd7ca7bfd5736252f4d7c1c145c7bfed985430

SHA256
fa6ac52fd90088b27c4880840cce4e3ced62e9044eb882e00b5f2cc57b6216d6

SHA512
7ad18732625d4f1e4dc45f8b53e9875f02185cbdfb8dc28fc8c3b70232c399524fefdf4372bb39c7134a10a4e449ea24d277b7e112321c2ec46720238cde7175

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\js\play.js

Filesize
1KB

MD5
a7517b5dc01dbe81816b8ab00ee8de4d

SHA1
359bae0e9e09bd82da2bf408fa8f055c15b2f2b6

SHA256
24f7303f052d6da166b9b8d85d4c6da53fece5578f821058c99c67bd85cce40b

SHA512
d6dc45a5ab9909b813517b6706ec0867a0188e7151bcee5c0a619b43e46a13df51a009671ed82231b065e9202569a0502e68088c438ce34756269a57b7a79489

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\js\popup.js

Filesize
135KB

MD5
66972df848d951243b7424d7445fec45

SHA1
e067563bae12b30c65c1662b754fc612352b064c

SHA256
7a54738fc77a0c128679a5fccc7e17c3977763cd18a24bbefb89419cafc24e6b

SHA512
3bb97669c5423d10fb02c701462153033256bc813bd17441fef2f53d0bfd42fd7401973073d303eda7a0c99760865d00e7892e3bf0f2603a7bb0faeacb5a3812

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\manifest.json

Filesize
2KB

MD5
819cc32614d15d3f940373f5de132e6a

SHA1
1742d7ef853bb80c656017d82446ac12bff8156d

SHA256
f9c98c4250dec14c345d521e59534e3aedc2dae8cae0a7e9415d8e5a706edcd9

SHA512
7cf5a050b77f2df1bc923a3afb6eb2933a132e06f0d7efdb954463d05e71262134b27902e9893197907cb7918e209cb9a5fe3121a1b7f022cfd58d4139eeb470

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\pause.html

Filesize
334B

MD5
3b294933353910621f0ee6195d3e01ce

SHA1
aca3ad89901e3edb8367c61d515f66491e2f9364

SHA256
2046d382389d406971b7441f7d920399b88d8d76d0e033715e900a46a7b38889

SHA512
2b00a6026f17cdb514d74f3691a4783dd528888ead2ee34c84f2de1008d0aefaadead4d18169011faee6713e68cef56abd37b8970aad8b83171c54380c770cab

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\play.html

Filesize
332B

MD5
77b650ee6e79bb7ff84e51732df6f653

SHA1
59479af5b2309df57cb9a029b32e611956fc8b94

SHA256
a34af91ea8db0f60e90e69ae5a68428baecd0ca57746f63e1dcc8c05b770d451

SHA512
2503afb116d728a78bcecde0fc5448b77d5b407f395ea752f1e6831607ae1dcb6af855c9ded3ba9cf37b622196f87e98f1a0fb97fe4786c49015c64384985df3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\popup.html

Filesize
432B

MD5
86999fb565d03e609abce0598219e96a

SHA1
00dc01c5662b02d0e0794574b1a6b82879a8021c

SHA256
6ea72d6a7b61cf7dd7710b41564d073a1ac7c26b0ac0c3f6c2bd129028dd26e5

SHA512
7f79f260b7f8eafe2256d3db262df78196cec003e6c4cf57fd5c9456a90a77c2793850221c27819830ac7c20b050aced94515a35333d3f27e2d8a104ef03d232

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\twitch.html

Filesize
336B

MD5
86ee438ab193b2b9bbdb9677d5475d5a

SHA1
3d8636151b586d4df8eff452a1f0462e87ff713a

SHA256
d4060b05a035d33ce1a037f842623422c6280ba515cef7ebf11ac298bbfa90b8

SHA512
4ff082406ae850202ce7ea21ea872f51c6c4ac664b7b2eb9ab855f6de8e404ce4b8bad5fbf129b67a2784f9173e23b11535e018c00a10027081b8170d582fed4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_640000933\CRX_INSTALL\youtube.html

Filesize
338B

MD5
60bdfdec130bd185ce74ecba41f13154

SHA1
e4bc449553043d751c3e65efa6362f34087b5f80

SHA256
941f28af8c5048de8c3959bc82963aad2e74a07adef59aafdee97be9ecb00811

SHA512
cd9bc46cc6035f78fee5bc1200833236879e43e8aaecd1b56ac87994e8e3342f111723bc89454092cae909c4e1101ec1430f6b6b26df69186842c05746b4bcef

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\background_pattern.png

Filesize
99KB

MD5
9f4b16ab45eb25a785e4c8307a021840

SHA1
13dff927855dbbe551277c17aaf5ecc4064c5e6f

SHA256
60031f2ea255927a17515c9554c764c14129eb9e1b8d6b2c0b425164e027a212

SHA512
1f55d8cb7dba6e15c503832da29c86b0e719ad9ab1c541e85fd9819a3366ce2db4a0b6f91bc61de970c4079b152d2b588bf6b512805c899f3e81d40add0156d6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\bullet.svg

Filesize
262B

MD5
dcdead4a514f361537ac35c3c4d3aa90

SHA1
be69f0415f2cc04914a211ad1fdaa8d4b512cb66

SHA256
381effef058c266d991dc5d62a3c88885d4549e5f791b57352327a0adcd286c2

SHA512
e30e548674a097025f23bbba5ef8219db2aaf80eed8a6a3e5317581edfe5de5f9ba9904ac5e38e2da0b4f5550a525745816d908048acd5bb2f15eab69a849fc9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\bullet_first.svg

Filesize
261B

MD5
83e6138f646aba1f20e56c96ec4dd960

SHA1
95d56f7ad12fd08411c32272f3c4a744a47ce1a5

SHA256
40abdfa68158b57407f0aa9497bb42008445b3b948da05311d140df98504a71e

SHA512
8c984a43f052912520dab0a63e6c6761fafaae604995c3d829d899279bc65761c71c5b02a1be1161e0c7208ae8059554bbf66b3975359f4d7ee2573cba21a1bc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\bullet_last.svg

Filesize
263B

MD5
a1064d330ca8e7c62ac7296053bf6508

SHA1
714aa79e2f59f401447f25272d2a6c09614966db

SHA256
d48e1da9205f68e6568981597db865dfa0bb8f0085bfa543857b323ccc94435d

SHA512
dd8d49b0c6f0b04c6a08b9be08caf8cb3277985933c4db36614513d440ccd3627788b81f7e7839f06005723e1548281a7f7123386840d594342a5642feacab4a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon-512.png

Filesize
72KB

MD5
45be0c56a04eff1836ba484bf3b3dea8

SHA1
edd521046a4a80bd02cc4da8c39ad0f52633e43a

SHA256
c5354015f2e4b8b639fb45142476d2a0dcdab5590ff923bbd305416a2ccd2b10

SHA512
ebf63e1b9f88960238120875e1a4e5b5655bf1280bd04ebea6ef99019e9041712e692da0b53b67457554429b96f40a9bc83efa7a78a07d1b5d75dfd57bb4fd8d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon.icon

Filesize
3KB

MD5
5fe1ce24abce7713429afbad8555a78f

SHA1
f4ae1d7d36b2b7162eb57d17b5d518f9f4d999e8

SHA256
1967844e9995e53ca421aef0c38545e906e8943e6d350bba8e0ecd091b6fc98a

SHA512
a97d7156e9f2372c4f7fc68e3fa47b040cd8a04be9fb3512bcf98e430fc7e5b3adcd7aa789ff5626f61f476b84698ed2eb3d6c75791529738571c88a45d76205

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon.svg

Filesize
3KB

MD5
e6060d73fad7d7b129e6fe5dba1dcd41

SHA1
d012e00813f707dff14aaa422313fe2a81df5f74

SHA256
402bf406fb5b2707bc64db6a0ca8a4962ec62f89c34348aa04fb314783b92742

SHA512
b31c9a5df7cfb97be2f5030be07db7f9bb3efce9036388af445a1eb01be87c5ca02c2d29d53043e9d802b03aa7d0bab476bc7d47776a2e17c48a1fb7ca79bbab

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon128.png

Filesize
6KB

MD5
43190d0efc9abb4255e990ac7b066eb6

SHA1
14bf6a02511d273c46551bae2839c2a572f0b6b6

SHA256
1522af5f0aa6385cf1fc34d0c818ed899beda218d43141704e449bd86947fd79

SHA512
e7c85bc4084a226ec03b817c0eae929401522b84fcc4e45c58b56c32228b8cf2294bc4782b8858bd8832a0ae482ea426965b8755a70d5aa774ccb1ad2e48406a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon16.png

Filesize
607B

MD5
9875ae2fa7bdc8bb317799269ddfdb78

SHA1
b1dda8548a8585f1d51ffd00c73e7d7006f718fd

SHA256
626cf5040f8ffec33288a2db1f8ccb7a48b130a38f4e1acc28598b274507ca9b

SHA512
37589ad1440f5800a1f0f4c5716a06a1f0005a4761466929ad898e5b8117f73b8e303e35e38b164279e8768f099246662ae6b6065cbc68b1cd2bc49aa6bd100a

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon32.png

Filesize
1KB

MD5
a67717ccf79e9b8e709dca737a2cbfe7

SHA1
0bc7942b8a7199ab49227b3330785e6bda3b9d56

SHA256
96d45147eef3aeabbf637d7300035c3ba0a41e9c8bc03917a00f1576aead57e2

SHA512
283cfc1669f34b343586afb24771b40963d876de3ac5e6e8a6d8e007f228d0f560b8d71cca0d58401b77ab7cc0a827cf75e3ec6bced40cad631b88a526a31464

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon48.png

Filesize
2KB

MD5
f25f85a0ed15e8504b18330c59e9d564

SHA1
787d381e4373175e4d5285fc4a906daf1c6528a9

SHA256
fde5d52c90bd9c84d73932f0442fea2867b6ba5848faf20f0f7d66c6bcb4decc

SHA512
75654556d06d9b08286b8df55984e88e66443cffb041c3dbd2f17b58287cc3455abab1c535376c872c43aec932fb3a0dfa321496972e96a3fb471dee80abc1a9

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\icon64.png

Filesize
2KB

MD5
bb658c43b09d3b129b838168d30c6df0

SHA1
bc9412319cbf2014e663b868638da7e8124bee32

SHA256
f6b573e0e1461fa3951393cc9af2cb2a7860656a955e48ff4acfe38b8d60e651

SHA512
1f094377dbf1a1bbcde0cd95c73f4d2d4385cce42df77be718b140417da70794c1873e8a3f89286b0f567f4ae8fb83c6dd046529a40f0bb8d75b6e988d4ae207

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\assets\upgrade_to_pro_btn_icon.svg

Filesize
2KB

MD5
29d6555e0739ea5ec736e579af460e67

SHA1
0f081c506cd7f0dfa04122de174bf266109f69b5

SHA256
ad69930ac583f1da0eaef050d2bfcb09aa4c3fa415c0daad44dd9e0626140350

SHA512
f0a3dfd5f083daf86d68d2551068d16e93a79a3b1ce8b2a501539df398677d59f29de369df48a6268bde8b9c2d3242da8bcd4195d1f059ed799f998d56aaeb01

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\Logo-62cc63d9.js

Filesize
774B

MD5
5bcb4b16a81c31e129530e2f511138c4

SHA1
dff773d4d594a29b3878c3442ae4851288716ec9

SHA256
01dee36e68f5c04ebbff01d067ea329b6c8eef3e44039932ef97b61a10b14923

SHA512
ac5b338468e489b740f944216859c9f06694136f6c2744eee78863d791683b2ecf1affbd8c7dffa30cbbca1d0da5649406f51668ba0798585842808d31e58c1b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\__uno-33fc7658.css

Filesize
24KB

MD5
3d1bb2760e9972113a8c96fdfb8f74f1

SHA1
a6524827576da7b83c78a3e9efed324db20a56e6

SHA256
0c62c72d42844f644214c2008d9343f4ddc88ef472f6cbbb2ffb69ce818da0c6

SHA512
e9455185f34907c8b6080a7c83986a5cf1d0c49f88f350be58465e524395f136793bb8f868d2b0b29b1f6847502a8a8417436e3200a7cf12ce8f989969d4f833

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\__uno-e2de340c.js

Filesize
245KB

MD5
69f06da01887ee36d9f3849eb2fd2d96

SHA1
24685a57e15299e18d1e7b37f2ccd62357b771eb

SHA256
98d4c3af6a9e0b702997f2f230f3b97d3f8dc39799357278aa1d519e59108fe0

SHA512
191e0a8366204b8c4c208771816c2adb62a785d7a8e2ed8941d5d9f219d5a2e9c0af96e99abedf9632c028a97bd78b70c97df822145ef472d8ed5d9da296d5ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\chat-1a99eceb.png

Filesize
64KB

MD5
c470fd10049c5a990633ae2f966744d7

SHA1
bf81736c5594940db5226f979de52726049ac881

SHA256
1a99eceb971741f8b8ee5f68fa4881a4f6aa308f7fd4ebb192eb9c51ccd535a3

SHA512
4d96d699bdcc7f287183891bb1dd7fb670d539a7821e33a1662a92a1a3e4a7ca5f59d5d94a766875be0474b2b0c97a79ce01a0065bb9f88c0385593d8a022c09

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\chat_button-151199f7.png

Filesize
7KB

MD5
06afe46c6af3934611326ca03e4d5019

SHA1
c9ff8c29722699f2e667fa83358df8bf8510263b

SHA256
151199f7457f671457d933c16cc5efb642d8d9063d32fd8134592c8e6289285a

SHA512
7e993a5d77fa19371833bc96f01a433c7d2e4cb8b5d8ca39de83fc5cbe91e2c481c72ec1d36e5c7247995b902ebb7ea50446043dc903ec34115700a988c001c8

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\code_block-5a7f325a.png

Filesize
20KB

MD5
761a934aa1810625041ff64a1637cd0b

SHA1
5de9398b0788f60b04727c8c03ffbcd9598060c6

SHA256
5a7f325aa9c65c91a3e95aceea22c6c41bd60c1e1d99a51a774b996dd9aea600

SHA512
7849ea6e382c84a262aca09eb1fa92c7011322b69354d80de3a8c14a4ca4de00ee287edc97aada44632451adba51494643207732c468b1dfb49f907396184d59

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\code_menu-a8be2aaf.png

Filesize
20KB

MD5
86b6fc046825556e244a5becaf13808a

SHA1
8dc1515d1c28f69589117531e050aa5075f196db

SHA256
a8be2aaf596b5b7b1278bd6c885185bb4b8d8643ab53f0ea6a8aff43b985c29f

SHA512
e97a205dcee6fbba3d2e42033aaa38dc2f3ed6484f1770b10bc3263c0100e5e9a47865052a924808601b695718792b7ce87bb24503448bfca7c8c62cec3331d2

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\index-3ef63e9f.css

Filesize
4KB

MD5
41d57444e7d13ff1dc04638a5fa8a98f

SHA1
71ea54705eabb7fe120d48f0d38f4f509c5cc1f8

SHA256
3ef63e9f56bb46a850d23696f0051e4d5693ecac0589a8cb6f7ed5f4f844bbe0

SHA512
716e73bb1667e32283debc17b3b82252ae34fbf588ae4446d536aadf1ffd078fa6e481b6a1f745297085a597b0899e7c69b751364d1a8d076571e571f3c22ba0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\options-33ddb4d9.js

Filesize
3KB

MD5
59991ad25ba10d885a5f3cda2fd75fb9

SHA1
7d08dea37be2355560953f4dd1f5763ef0394ac9

SHA256
d244543e3d3794824fb8425c62713277610f5fa8c0e15bb2ba7721f47f1a8799

SHA512
803ef1087b5698d0c45db47c48643a552e5f22c169f8b782a04b4ebfc1d19b02e0045729d74d08e41a04c4653aca712b31f5dafe3e4dedca375bd58f6fee3ec7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\popup-264c9e18.js

Filesize
488B

MD5
6c5b877df13e42552b069c70ac059f87

SHA1
5000af82e71c8cfdd87c0e26c0825a33aabd7000

SHA256
90d87bd1c2a00e190deefba1afb8c6f688adcb0be667c5038707e1f9994f9282

SHA512
27c914ea04b6de76c3dfe0d3e88a8325a2e3d9d5cd6d8c46ce6736ad4019b27a35115599a9990a55c183548f6de512983dc9be9fa242757683a3ffa76891c1e1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\selected_text_button-7edc9403.png

Filesize
6KB

MD5
adbf987176e8bd12ea1d6610b16f005e

SHA1
95eb881aa5426b4f3e835ac3db5a6a0deeed8e09

SHA256
7edc940367db12fa5c53bb63b7fb2d60092024b5b0481746b713aaa4107d8baa

SHA512
6c26bf5688cdb2b52f5e74d38e638ee061ee41157147372924d56af4f7c428f1a074c18d4e1491cb02245ae1389605a3cbf686c53c91e1809c4558a0d78c3d63

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\selected_text_menu-715343cb.png

Filesize
33KB

MD5
3da5d1a8c8f33943b30cb88cbe5ad949

SHA1
f378cac3adf1e2c534f3588e68ae50239f26260c

SHA256
715343cbf66cce609a7d8ef3650189f87eae891c137bbf237f075f86794ad45e

SHA512
67c9d6cb33dc937a515c09c013b9b8df911ef3711217496f78dcf80dafa9dd5770578130bec65b7727af5c70f1bcde5888febb36fdc009bc7302e188222f0a87

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\sidebar-f6521a0d.js

Filesize
7KB

MD5
bba7a87fa558d4146e2f4b8388833641

SHA1
413bd9458a4b81a124e62aef54137792b5009a88

SHA256
2945a840751125c4fe3b4c8a54c92a540b0aefb98014e2d7e6f16de80179a796

SHA512
30fcf6e38e7e31e1f6756ac3536aa37be36e9fe341fb4f751d696a1197b206af06a33a449c4dcea5be4cf7e458f371b119c478895db42b58213a939e93e2d0d6

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\assets\text_paragraph-9560fadb.png

Filesize
27KB

MD5
ace8c44e942f47852926fcc44f84e1eb

SHA1
64389cd281d5a31cd98df8373b949f623a623914

SHA256
9560fadbc8511b24fc6236a49f04915bf3d0fd5987885a3affb15b018f7d2411

SHA512
ca29e9a1a33bc9ba6ab95a414eead913c2132c6dd491614aebc42e21b1c0e7efbd274f2ae62d0730f5140c75c711bcb76d89c8f3684ff457c3ab3208545f2f51

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\background\index.mjs

Filesize
48KB

MD5
6a2917b9df2de3d54c60339d1206f311

SHA1
ab2242f853f8093295b9c47196127986bdec7d99

SHA256
685654e3da9e0b5b6c36d8ce42bcee21681102b74f9a5d8915133af2abab635e

SHA512
f456344e25665eba4ab4bf7a653596cfe3548948988ac531dea6641192903c951531965b9cffbe86ade815c4bb0b5648b6eaf000cb3046ab026e0a17b332e1f7

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\contentScripts\style.css

Filesize
38KB

MD5
a2de90a2190cef036f2c6df8ab8f00e4

SHA1
d2c76852071c134e386b54d0163640233e8b854a

SHA256
8bb83055b42d5b706abb9b10afa55c189f2e451acc976c78430c3d91f555c817

SHA512
761d49c55530694df775138dd078c5b7ac91ad2ff561d00df824bb70ec7d63b6e886ff75e195eac6277c535511618bc2c034e2db7693329886b4b87696f7dce3

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\options\index.html

Filesize
726B

MD5
825098ffb1c701fa3d4c55700b80543c

SHA1
b06cb78044c5009f24e8dc197cabff792f41099a

SHA256
67503223782dd7a38f81cc8712110913d07c184958c24a63be7a0554d87816a5

SHA512
aaea548da521304d96fe254630bb0c25f0c1bd39430302d551725cf1116281e02d2dd6aa10f72ac42a3b027281358ecf4ad6c784d842796979b0fbb7ec98d10f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\dist\sidebar\index.html

Filesize
745B

MD5
faae766c66f159ed15dd70bd8453eb66

SHA1
1cf9bb3ea8a629bc3175c7cc4bc947d39f1ca98a

SHA256
74136d4873b9626bef202c5ca822f2a18013407daecbe0e7e8edf1d6c28a8c34

SHA512
6d685d771ad7bf2ef98c64d1e493598a9d42ad3aaa3a8634e972d9d3b70592e3b3954221df72f9b34f8d4cd9a55f56708583e510ce067773b47972e038172ebc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_670920750\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
58faf08525b8c5eaa815cb2b2dd0463f

SHA1
7f14cc65e26cbedb1d25077d80fdd58376d2500e

SHA256
fa783f682625206ce6acb2b96c6c53e8c9aa93071ba28feb3b6d8c46478ab50b

SHA512
7c1086f7be32e9518c6e173e20c46a19374a97f32d79aa625ff7c49c4e407d1948a07fbadd468848c9f5699b6b97ab7a679d97b428bae28552f8a886bbe7f8f4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\assets\index.ts-5c6f3b83.js

Filesize
56KB

MD5
52ebda260d370e60901faff13e8c9828

SHA1
4681cb8093a4159560a8103dc32787ffd55bfa29

SHA256
8146421645c3f1f6af4e87a3fb22107220ae417717d7613bb291a0fd330f8437

SHA512
283e4308b2e9a93d3871853a0cd17519b39fcb29fd3e1457af8897d9bf12ff5e3430164c63f4164768ecf936e4cd2c48b8b86037d872a9e3c9bec29a9f91a5a0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\assets\index.ts-7d59b331.js

Filesize
16KB

MD5
64fa826b6b9bfa910fed4a18c6a12c9f

SHA1
265f312f8187d56522441f869714b9d76229bbeb

SHA256
676f44312864a5e6e41bb8b70412ac265b6a293b791679be10049c17fc62d4f8

SHA512
32b7d2a64ace406caec91994f6eef6551fe982876e5ff3a5d694929e0fbed4bcd2c7c53b879ff5a32ada0ebd35672e50db30a0a17f39abcac34a1cd13a61abfb

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\assets\messages-86fb7e29.js

Filesize
21KB

MD5
6d62c5de88a2381b5627e0d2df7b9a30

SHA1
08c76dfb73e09780b0b3f98e5da414494904417e

SHA256
068f97ff81dc092e4d201f575a2d330a0f5830e847edc6e0e80f8a97684ba75f

SHA512
a193d284bc5c017353e8ce1a51f2449e2e58f0f35fbfbe8173f812bfaa91840f2cdede70897c64d271601f8836ef4f694dc099c2271c18b448b9892e5043e291

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
d1b209dd9c422ea50135dc2bb716d238

SHA1
fc13c64e6b1ccb9561e8ee0378dd1418b39e401e

SHA256
14abbebee800bc6e73c8302fb892faf2c9ab6df5ac2a8eae66caf583915b7d0b

SHA512
f9641b3f7bf52d4dd9f3e223e220a97924ab8fef6d472924f30b15c91414df9d72ec4de00ffbfe9b17c06d8398cfdbe80095b1da06c3b0683ed6a751cc0f8c8b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\service-worker-loader.js

Filesize
40B

MD5
b48149d66d4bde2196c003629e79ae5a

SHA1
276944b5796793effe150b05d0e9a8c9af89bfde

SHA256
22002a97ade52f1ede27d832dceab496337b59a6b6e51699d4fa231502fc9f5a

SHA512
89edbd1c24a13c6516cef4d23421bfbaa61a7ab37662e393fc27c4a21c94b02a71d348b55f6f2aba66b6cac7cc2f0894487241664672bdd92f113a07984c7555

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\icons\icon-128.png

Filesize
3KB

MD5
af719a0c95789b088fe4b9f82dd5ee98

SHA1
cca49d2a728cd456b450cfcc20f91acf781c3105

SHA256
5b861963c613fca1dc4aac9a416e43b2165b05a4277478f74b7f6562a378ff5f

SHA512
4a6f77684b3bc459897ab2709754849868bac64f4e099c1e74970339c944738278454d6c043ee8a2a0337e9891e7e7126bfc41e6fb0f5fac544b978ae36f5082

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\icons\icon-16.png

Filesize
425B

MD5
46c4711e8452178b9c2471f9c59c2667

SHA1
e020f7ba4a787f840d204525e8eeb21d0c21e2be

SHA256
4e1aed06fc4105c64aabe9580069d0cdeec3464a693241e7c02771e1beda860f

SHA512
42f2161205f28003aff9ea4a8bb33a0a0ebbdbb9bb5e9446efbca4f000a4315b2bf7184d79254c148da40597cc15bf8f22a02a3da78cf5c9026ae35e4bd695bd

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\icons\icon-32.png

Filesize
764B

MD5
9caefef512720012470700a11b0bd456

SHA1
bfc11bafa996fbbce1566a569a79d5d72b08f1e5

SHA256
82c0a843e1df5cc10a8c6beabee8416281aa89c73798d7bb6a2cf4a237a24ae0

SHA512
3bb42b23babd54cb902e595b84a398ad5b2c9bd2e4bd4951a8b0cdfdbf91f6d0e04bb1fa944c54d673babdbcf0400c1947d0e12fba8057c3f69ab1e61b89aea1

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\icons\icon-48.png

Filesize
1KB

MD5
2184400582c25500a74577359a1f7e7b

SHA1
e69eecf84f7d2d98bf236edbcfc143fa42d01bc3

SHA256
c6c3593c7d0af5c9a7f2e26b98ef2629e392c5da87df80653d94ebe412d5c9c0

SHA512
24858ebec11fc0bb586eb2d6f555f5e798ec9708ad89b0a94957a1537dc150a584b70865d7fed53d3f122789812d390eb6af6b68ff4cd93296b2b0e5a21b103f

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\images\adblocker-bg-1.png

Filesize
16KB

MD5
404ead15b3040c2a16cada6a18088aab

SHA1
57d6d1b3d601532d1825c738ee51d0971f137af8

SHA256
bd474396ecae2864798b9b33062afe3b599dc834db30b6a2f4cff0d0cbb9f9b8

SHA512
12173b41f487987aceac82c13f63b1318107c48d6803dc1f89053245c1c08d092761399ab397da44f0ccca5d9ee3c79ab98081cbdb25a78ab5b97f0b52a4f784

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\images\weather-bg-1.png

Filesize
68KB

MD5
8f158754f161c02baf061d230c993455

SHA1
41b21d1c3e2aa029ecc77dd6aa5b174d0eab34bf

SHA256
0055b3b2ca2078823b01d4cf064d4ebfac5cbce03fa38c8b5e920b92b3b47f6e

SHA512
8e417897690aa540ffde4ecc541a7a0a7071f355b6b663601647e6099f67310f540a40b12f6c0a2984965123d9ff3ac9e78f0be7b4abe2d6bc9ae941fd869106

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\images\[email protected]

Filesize
234KB

MD5
d336d499edc3d7205948e09647ab5826

SHA1
797b756310da1f67d3df61c821377992a305cb6f

SHA256
63f3d2622f4927d830412c8b089dfbdc77dbb880f9c49f072c6c8dc0b3cdbd00

SHA512
fc0d6b3c8ae83f3db7c5f9ed4a999b090b2a1e8fd80f4b91ce1a42f804cf8c8c49d03dc0f362617c0df130a7b607b5ffe36fdc0edfa5f4a18b308a4a66ca8472

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\images\weather-qr-1.png

Filesize
5KB

MD5
5cdc09bfeb0cc136c4b8e45114c8b910

SHA1
9d15f710e94409fc854c30630d70c66959871410

SHA256
70697bb3558c12efe9b34ca34b05ff39dadae04df9e4928e0de6811b3efb3a99

SHA512
29b8d495506291d46554e0a3951cdcd6fcd5f3c43fb52ac15c4bc13180d88fe91495c616c3e12a2c7edb7a2d64f90c391faa539199ba7532c45fcb827270e131

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir6556_757633181\CRX_INSTALL\src\assets\images\[email protected]

Filesize
6KB

MD5
e86f7685206ae12b271a4c50620f1f81

SHA1
b5a96bdd23787dc994406c408c8db08cccffa646

SHA256
28cb433c90e6ca9cfa6aaeb6ec60ee2c98d02a255d671c7c47689f9799cdd14f

SHA512
fa2fb8ca2050b13193898a48da639673e706b156b666e8159b6a71d417aca7490c4faa8953776fded46226c7ac0b6465c44729cb452fd93fc961ca2bcbaedbba

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\dkfaejedefgggmibkkddljhbafdcdgjn\1.0.6_0\dist\popup\index.html

Filesize
500B

MD5
b9f2c3c3464461be908e00dd0a07ad63

SHA1
d444b802b3a77ee1a240882d6c9133f7b541578a

SHA256
99140505f181f09bbb427a1b07e252988d3a897a4d60d80a7ce4687775a11019

SHA512
7f12b3ea8d5aa3e2364f497178ab8ac4aa202363ccd4ca5ae57965ca59bd397653bc634013e0dac7ebc83576c35c995690bce9935bd9b93f054c1bf3fa5a764d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\hbgjioklmpbdmemlmbkfckopochbgjpl\1.0.0_0\preferences_schema.json

Filesize
7KB

MD5
a192304f63ef26c80086f835cc4b7ada

SHA1
6963e90e752209132b728a938844c4c64dc94d43

SHA256
4f72309f9378f04b3f1cb8f46b031ff513ac63e5056d96272f2bdc6d39dcddf9

SHA512
be619909cd0c3465966a4018847310c1493bfdecad6f07bb28293f3dcea73dc377f5d52cca040d626368e17828eae28384fe51d20c4a71925c5f31eea8e18561

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Google Profile.ico

Filesize
173KB

MD5
c30a3e8f3e6a8a236cdc1d58adea97c4

SHA1
088c616ddd1e0ac605a0cde72f91b484db404853

SHA256
3f6c91bbb2b842af6d53144f0767f6db735a7b7706e1c40e6bed7c4ce2a0a9fb

SHA512
d83e01aea95d890a1dd6ab1fb006f6b58e975af87078edbce844b5dcaf972735064a36c5098cebdf14efbbfc5c7dd5d3840af760eca7564f96137c6f2fac5cc4

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\IndexedDB\https_ntp2.mywavehome.net_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
160f94b9ae2663006e9aacc4179bcaf4

SHA1
ff94e33f06740672930a19feb112205ae1f9456d

SHA256
c416e13b2d0b044f6d9d767379308654a6d528e634b3c54677ef7f748292d2ef

SHA512
de75087d989e91ea8433cd9e136800e7ed890b4633c90628334c65dabbf3b980062808b3627540e70d282194a6b0853ce9017109c351cfaf4ac79069c3304255

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
2ec67cce1b6dbd4c4fa7fb97fcef4aa7

SHA1
097eee0c7762225e36e661ba174d585728129212

SHA256
b23fbe5bb62f7dc43c34d25d8cdf718cbbe479cfb1408584671aa031ff685e51

SHA512
8fa1d56018a0c854ac80980a2d73c7bc1e2f982a498656aaf1aa1e1ccda8886e394019d5c560d061b6df2d32f8c77ae97505ddd0db1234c5257e883789105628

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
a36a8cdaf0a5fa52d9c2decdd2de3693

SHA1
988a40c0654dd662a10a9db5f242c721eb2f28ac

SHA256
ad78c4b72a2b474982c8d011f72e61756ea92ae75426cd3644ce0a638c9c3ff7

SHA512
dbdfc8f68644ad92dae58edc91d803264d0e94539847e40f9871859939f2dbee77dc9d613607fe34188df274fc497782c14fa7f50d7b572f747bbbee331e46bf

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
0ae9be507ec87f9d7b2dd935961fbf4e

SHA1
8db1ee33b1b3bb29511e0e8839b6e660049c9772

SHA256
aaf57a2b2d61af0a8f5bdb84546ec0b618cbd6f754ce7b72c5028d2134478052

SHA512
b71349c2b5f7b67655778ef0ec41101c049e2dd760b71e1985a968697b35af56aa170828c6ba07d0c14e5990139df8455e475f4810b1b71daa7c4100a8de52dc

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
11986090347c049bbf3d6636950eb8e5

SHA1
ecd876fee2cd4a91f89ea47cf64158e856fb55a8

SHA256
0ba4df1be2bf725ab94d50da7c064c2859e0148823ad11269bcdcbfec244fd27

SHA512
a49b934693e4a5dcac0a06468eb3048dd9036f74261539a72e0ddf9facfd4183100d9612177a1a35684774057489d83c1a5d5a367314de228927f8b71098a337

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\TransportSecurity~RFe595fba.TMP

Filesize
1KB

MD5
cbc421cd871c7779db0d341a821adab3

SHA1
d54535d936bd0b6a9a515796b0828ec706562219

SHA256
32a671be40348d12f751aa5e5e722e5c26f1959c605d2e332774c470c7f9a559

SHA512
0a8111cba6e4196b3f6c2d20cd51edc3daa3c8bee03d3a10391de8c88eb1664a3151846a5e1e6bbeb7f20f0ed02fb56ce80eafb755a17bf1d6636fb9e9111652

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
15KB

MD5
01e44063d9c7bb78263346e3a1a2cdb2

SHA1
82cce629abb470a30cfb08d14642c6344aa9a227

SHA256
310372f0d8fa56d92741b4cc939158aade3632050edac0db905d6e6893b44c03

SHA512
3a59f0f11f2aa5515c034a418263e2da4d33a89619e9dc2013553d43fdbfd1bbd04de5e303a29f7170a2973894d6d2646d4720f1ab2b593e4fcb4d4475c05ed0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
15KB

MD5
cb98029102df0ed8734327488a8288f1

SHA1
781e7c64f2f70a9157ca010cd1db5f289b0e1b49

SHA256
9d3c3c99a2789e80fa1528ac7d592183ac81877a807646851fd84f13d7f0478e

SHA512
c0e7a0c9479f5a2656a29eb83e1e737828ba919dcdaecf3764b1849242f866cc368a09c5a58a0fc93fa2eea4296ace568861dea156693f176249d5c6c555e927

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
18KB

MD5
3b58f9590031af42bbba9ba927997c71

SHA1
3d1b6b55adace69c962d433e884abb753e3ddcc0

SHA256
12bc8a323ba1cf5623b1de1de04adad42a2c3b19949a2f13ffa31bf88439264f

SHA512
59136c3dbff32ebe3b42ec3f2616d7e67e2806bb85420e84c75a348b7767cbc6e62907af84f4552599d7c35a4095daa2750b01f43e14d4d4d510c71ce79a2bca

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences

Filesize
19KB

MD5
8b787691f50d16afbdb3e338c8dcc746

SHA1
846ec2e6bd81e53933e4b8088709d1e56c3649cf

SHA256
8626e04e15a4e25c2ee7f4ac9d1f5a7e37946764b2084c510b53f32b63b09951

SHA512
2d896c0ca83fb57e96192b8e0c5a2981e75e54960051a5c5f30dd616fbf5eb9cb17a96e4327741c1660169d8849f97f7f6bc0db374906a8e439e9405954cdf9d

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Preferences~RFe592dad.TMP

Filesize
6KB

MD5
d00b39715ec7a016a5de525278ef06c4

SHA1
22cb3dee2642c35ba2772b6447fbc1dd807f8811

SHA256
eda8a4d427c5bb2227726e434ed11600d8c40e2185b8f807183aa0d565edb9a6

SHA512
19e55220f6471ed87e010667db032549efcd58c492eb12061b6c006406746d1fe9c9b0d429e22b7ad5bdfb8369d71e31fa510c33694831c8ced0b7b10ede2908

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences

Filesize
15KB

MD5
1570af5fe4c4205109711135809cadd9

SHA1
d9ed2d95c748db38a0a59c59e7755300a6552506

SHA256
0460e24af612fdd6546adcfd8508ff2780dfb63c4a8093c1d21af97eeeea3c40

SHA512
997d93e132e7aad399a24386dc141c2785636418fba9062bc2de7beaf1c271fdaeaa5396a67bcadc095d3498801bf3926609479adc21a2f38d8e92191f4a863b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Secure Preferences~RFe5958e4.TMP

Filesize
13KB

MD5
eeb946685645fdcaaf19dbc5c2154d4b

SHA1
314a406acc48cddd0a642f78c9f81724843356ea

SHA256
346cff4bd2c7953824c804f85202cb0f0026bc7b51fe9965c38e24446191bb1b

SHA512
fdb60411a0bb85fb19413ae9cdc9ff9402d856ffd8eb9fafa04c140ebc4476a6530c728129eb47b1bad66d020023e00f2fefb5cdb7eec7dc9fc6540df3715db5

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
26KB

MD5
d3317f5faac58a2bcda3c660c7ccc6ae

SHA1
5cdc89e8d15271a8fd805fe8071c0af392c46df5

SHA256
842614dd06ffc95d88e5444c611e7fec2ab090ced526b2ba94b5e08852702fee

SHA512
35093132489b48a958ead0d886a2ba4be7d3e9b38914686ff2e928c63d60f83e8f8f6d5a4a5a4fbb902df6f0c9387f4c2973599bbea688b8f2814477d7900bed

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Site Characteristics Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
9KB

MD5
ced6a686bd44653f9198df799c631390

SHA1
f4465071982d41d1e2c554922fcbbe3aff22d326

SHA256
4eb3bb45a5ab830a84e22016d1f255ef1ae635c2bd4f29ba7a0f3e2951c5d3c1

SHA512
1816a2563de012ba364c8e1bcedd7cd059022a4cf939bca6e53a9aec17093e911de5f56e0ad50898d171289b929bb2d057e1cd90265e0fdc5baeb01302de4952

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State

Filesize
5KB

MD5
c1f025d3a29ca1f06f8011643018cdc3

SHA1
7eae821058c8abd50bd7317fd077e914cdc3f39d

SHA256
e0b5ac82715df79f2bbbaaaa4ef4069f4be00bafa8932d1156c7f89f70109028

SHA512
6b2aaba506be91ab0961abae7c9c8a31b7931d5bfd3a6076c9e6f1359e84b361ccd54d7f4dae661d12d730538e4dccffce7bb101c693627244783a65eb64b134

Download Submit
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Local State~RFe59067e.TMP

Filesize
5KB

MD5
5aa75882c95b17402e687fa4e3b6182e

SHA1
7329f028b1f89fefcf5a9e951ae775aeabc93eb6

SHA256
25337ecb464ca82812e9ec4d848c1d9381fa1b558762603367d4f85c5f510332

SHA512
bd3e4ccd6521bcd8a58016739e352e6bc7cbae8614a5037ef47c974a70b45ca23ad187c2eb74a7e2bf7c2981391b37b0766d1688e00d4eb5351f4d4f34539650

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WaveBrowser.lnk

Filesize
2KB

MD5
1474edfdff088a9d6b0b5bf0a2027d15

SHA1
e7252dcf367a21db906c7d5119cff5b2391ea224

SHA256
b1844f9e0084dae9ee50f07f3f15bc13fec01f84a44a247cbe615ab120557420

SHA512
535bc58b87a0674cad61fac1db3e4660bd718936903a60a6c09fcaea4422a31037c2cf518408ca23ff9f515d08583dfe9717bb5eb1a1b873b4e96c3ab7b6a6b5

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat

Filesize
40B

MD5
c8d2fdb2f77325bbf6f4aafc761a294f

SHA1
c262925151c9f7dd2a3cb2165d53c4e08da6bc8b

SHA256
e60c4ddd468e7a56e486e7e01b9de709f48aceb6ef437f16ebdc672174662531

SHA512
d10608db869bdd405fb77f3ad95de9e95b1a28334d07fc573cc8f605459001e9d1d6aebf8273883f404678d188d209f58b0776d1bbb02dafdd1152128c22ba4d

Download Submit
C:\Users\Admin\Downloads\OperaSetup.exe

Filesize
2.1MB

MD5
cf4edc82a95ad1bbffa68b62f25799ae

SHA1
a31d962d607441c088ddc4c4254ada7e6a92650d

SHA256
1941d48ecf63443f87116cd3779a09800c4037bbca36dda1ed3255a9c2696d55

SHA512
17c80a6fb944235c6ef15580f5771983bc55ce3d7bc1b84dbb8baaea509436ffac180aeab3cc47042f1f58bea50ddd607a2531db3565e2c465f17238823bd4a6

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 959477.crdownload

Filesize
1.2MB

MD5
c9db6b5c84be13a43ad23cc204e4bc52

SHA1
94bd6634303205715fd04f8aa10d75158390e4d9

SHA256
77200156d4773175d341aad11ab23bd52445065cd95060348da17d083dc27688

SHA512
9273493c5e5ea24b2f5ee219fdf849546e85b3f5cc24c970f1ab6fdcfe961d96ca6fd41c96f9d915892ab24ce7ff409f0f5a6569b0225e95d36afba51615f8d6

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe

Filesize
190KB

MD5
b483bb4c375468cfdae4a2ed4e40d056

SHA1
27311ef3b6a323335f46c4e81889a77ffb1b3002

SHA256
df80d9477a45eb1ff233f3d361a1d82729c368987de14c09747df0f959184902

SHA512
0116e83611626c27099a0171654a4f24d64c0c901bc597bf168f889a300a1f3aa62ef48759a78081fa1add6d82a8dd63d94eeba1d828d1aefa8ef17d2b0fb141

Download Submit
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe

Filesize
108KB

MD5
b282ce9b81f606d1c6cbda554dcd4efa

SHA1
7554ca07096a2e410f2cd3c98beb7b7e6be27f3a

SHA256
1893941e9dd1ca1296e7f575a9442fa1cc53dfeaf2d1bc94d01608ba9e7e31bb

SHA512
9e71f3cb4ea67831dbee5bb4cbb2dbd9f8ff8ffd1158fe2fcac41c89169a9aa3236c8d163f7d4e9df5e2b70ba2be20fe3af97bef70be40f45dd11acb5b4bc184

Download Submit
C:\Users\Admin\Wavesor Software\WaveBrowser\1.5.20.2\Installer\setup.exe

Filesize
4.8MB

MD5
e50f33a6b1a15184a9790b61c41e2ed3

SHA1
98af62c1002e5fd4542251ce1c6f3c199bc339d3

SHA256
c228a12ff1460bb8dd5e03d22cd897bed46a220141bb1010f36fbb1c27c8da7e

SHA512
240ab25538e46a855ddcb9773267ab6ace09a1784ce95ea61f6f3dd1a6ad0c7102277c2133a6e75e7d18aabd168fc10320148748b9f1881eea4046922e2c2839

Download Submit
C:\Users\Admin\Wavesor Software\WaveBrowser\initial_preferences

Filesize
5KB

MD5
d45e852477b28b3453e78f984750521c

SHA1
ffaf43f0bd6b6d9ab35f4da8aceb6d3ddbd39408

SHA256
39a02b689bb1f4040430204b0613e3efb3fa88b6df025bf9ee5448c97e8efbfa

SHA512
9b810b536b727489308fc9dbb748f6ebe0f2a0de9c01346c7eb05b5425b44bae29072da70972f1e8fee0ddc7ab83c3bc4f7063c9da500cf674722fd37c7d4f5c

Download Submit
memory/1132-1778-0x000001C9D9350000-0x000001C9D9351000-memory.dmp

Filesize
4KB

Download
memory/2352-1301-0x00007FF9A40D0000-0x00007FF9A40D1000-memory.dmp

Filesize
4KB

Download
memory/2352-1302-0x0000027AE4AD0000-0x0000027AE4AD1000-memory.dmp

Filesize
4KB

Download
memory/4504-1835-0x000001B09AA90000-0x000001B09AABB000-memory.dmp

Filesize
172KB

Download
memory/4504-1711-0x000001B09AAC0000-0x000001B09AAC1000-memory.dmp

Filesize
4KB

Download
memory/5184-1412-0x000001CDB1140000-0x000001CDB1141000-memory.dmp

Filesize
4KB

Download
memory/5184-1413-0x000001CDB1110000-0x000001CDB113B000-memory.dmp

Filesize
172KB

Download
memory/6680-804-0x000000001E600000-0x000000001E60E000-memory.dmp

Filesize
56KB

Download
memory/6680-792-0x0000000000260000-0x000000000039E000-memory.dmp

Filesize
1.2MB

Download
memory/6680-802-0x000000001E5B0000-0x000000001E5B8000-memory.dmp

Filesize
32KB

Download
memory/6680-803-0x000000001E630000-0x000000001E668000-memory.dmp

Filesize
224KB

Download
memory/6740-1709-0x000002534B950000-0x000002534B951000-memory.dmp

Filesize
4KB

Download
memory/6780-816-0x000000001FD50000-0x0000000020278000-memory.dmp

Filesize
5.2MB

Download
memory/6792-1788-0x00000286485F0000-0x00000286485F1000-memory.dmp

Filesize
4KB

Download
memory/7408-1515-0x00000260017F0000-0x00000260017F1000-memory.dmp

Filesize
4KB

Download
memory/7408-1643-0x00000260017C0000-0x00000260017EB000-memory.dmp

Filesize
172KB

Download
memory/7420-1519-0x000001CDBA240000-0x000001CDBA241000-memory.dmp

Filesize
4KB

Download
memory/7420-1616-0x000001CDBA110000-0x000001CDBA13B000-memory.dmp

Filesize
172KB

Download
memory/7432-1504-0x000001CCBFC50000-0x000001CCBFC51000-memory.dmp

Filesize
4KB

Download
memory/7432-1794-0x000001CCBFC20000-0x000001CCBFC4B000-memory.dmp

Filesize
172KB

Download
memory/7440-1836-0x000002163EBC0000-0x000002163EBEB000-memory.dmp

Filesize
172KB

Download
memory/7440-1729-0x000002163EBF0000-0x000002163EBF1000-memory.dmp

Filesize
4KB

Download
memory/7444-1490-0x0000020E13640000-0x0000020E13641000-memory.dmp

Filesize
4KB

Download
memory/7444-1612-0x0000020E13610000-0x0000020E1363B000-memory.dmp

Filesize
172KB

Download
memory/7464-1512-0x000002AFF29F0000-0x000002AFF29F1000-memory.dmp

Filesize
4KB

Download
memory/7464-1798-0x000002AFF29C0000-0x000002AFF29EB000-memory.dmp

Filesize
172KB

Download
memory/7476-1799-0x00000258CE0B0000-0x00000258CE0DB000-memory.dmp

Filesize
172KB

Download
memory/7476-1510-0x00000258CFAF0000-0x00000258CFAF1000-memory.dmp

Filesize
4KB

Download
memory/7488-1800-0x0000025854650000-0x000002585467B000-memory.dmp

Filesize
172KB

Download
memory/7488-1502-0x0000025854890000-0x0000025854891000-memory.dmp

Filesize
4KB

Download
memory/7496-1837-0x000001E147C90000-0x000001E147CBB000-memory.dmp

Filesize
172KB

Download
memory/7496-1736-0x000001E147CC0000-0x000001E147CC1000-memory.dmp

Filesize
4KB

Download
memory/7500-1506-0x0000022B99EB0000-0x0000022B99EB1000-memory.dmp

Filesize
4KB

Download
memory/7500-1796-0x0000022B98540000-0x0000022B9856B000-memory.dmp

Filesize
172KB

Download
memory/7512-1508-0x000001AFEA1E0000-0x000001AFEA1E1000-memory.dmp

Filesize
4KB

Download
memory/7512-1797-0x000001AFE86A0000-0x000001AFE86CB000-memory.dmp

Filesize
172KB

Download
memory/7524-1498-0x0000022EA4720000-0x0000022EA4721000-memory.dmp

Filesize
4KB

Download
memory/7524-1792-0x0000022EA46F0000-0x0000022EA471B000-memory.dmp

Filesize
172KB

Download
memory/7644-1746-0x000001EF1C9A0000-0x000001EF1C9A1000-memory.dmp

Filesize
4KB

Download
memory/7668-1615-0x000001ECD0630000-0x000001ECD0631000-memory.dmp

Filesize
4KB

Download
memory/7668-1819-0x000001ECD0600000-0x000001ECD062B000-memory.dmp

Filesize
172KB

Download
memory/7864-1760-0x0000015A9FD10000-0x0000015A9FD11000-memory.dmp

Filesize
4KB

Download
memory/7988-1769-0x00000190E8090000-0x00000190E8091000-memory.dmp

Filesize
4KB

Download
memory/8104-1689-0x0000022C0E1B0000-0x0000022C0E1B1000-memory.dmp

Filesize
4KB

Download
memory/8180-1693-0x00000170DF3D0000-0x00000170DF3D1000-memory.dmp

Filesize
4KB

Download
memory/8180-1834-0x00000170DF3A0000-0x00000170DF3CB000-memory.dmp

Filesize
172KB

Download