Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
1050s -
max time network
1050s -
platform
windows10-2004_x64 -
resource
win10v2004-20250129-en -
resource tags
arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system -
submitted
31/01/2025, 01:00
Static task
static1
Behavioral task
behavioral1
Sample
image.jpg
Resource
win10v2004-20250129-en
General
-
Target
image.jpg
-
Size
1.3MB
-
MD5
6e37f54b1cc27ad537038da38329d659
-
SHA1
7dabd9ae50b0cbabaaa81432f684ac0e55e1fa47
-
SHA256
9e54c4d0c83fa0ec3dc49adb3c7814935061cdaa319db6e53a85b738f881560d
-
SHA512
36e0be52b9c25de7a930178a7e1a0711cd8a1751438fbde9602b03ee72e062fdb7ec79e495b3635491f8d33804ebb31e85b89e71115f7c10ba2ee01fa8201898
-
SSDEEP
24576:lvA+JxVQaX9UF1tqvJ7+o0osergOuQ8QGdaMjqf/XrCBOLXilb:lN2aXKtqV+UZ8dFE/XrPyB
Malware Config
Signatures
-
flow pid Process 426 1876 AuthHost.exe 426 1876 AuthHost.exe 426 1876 AuthHost.exe 293 4704 msedge.exe -
Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs
description pid Process procid_target PID 3280 created 920 3280 PickerHost.Exe 180 -
Downloads MZ/PE file 3 IoCs
flow pid Process 753 5048 msedge.exe 770 1424 Process not Found 567 5048 msedge.exe -
A potential corporate email address has been identified in the URL: [email protected]
-
Checks computer location settings 2 TTPs 64 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation SWUpdater.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe Key value queried \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Control Panel\International\Geo\Nation wavebrowser.exe -
Event Triggered Execution: Component Object Model Hijacking 1 TTPs
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE 64 IoCs
pid Process 4908 Wave Browser.exe 840 SWUpdaterSetup.exe 3340 SWUpdater.exe 1052 SWUpdater.exe 5092 SWUpdaterComRegisterShell64.exe 2096 SWUpdaterComRegisterShell64.exe 1124 SWUpdaterComRegisterShell64.exe 1088 SWUpdater.exe 1608 SWUpdater.exe 4952 SWUpdater.exe 3628 WaveInstaller-v1.5.20.2.exe 4488 setup.exe 2056 setup.exe 3180 setup.exe 1600 setup.exe 3376 wavebrowser.exe 3096 wavebrowser.exe 5140 wavebrowser.exe 5184 wavebrowser.exe 5352 wavebrowser.exe 5448 wavebrowser.exe 5460 wavebrowser.exe 5532 wavebrowser.exe 5148 SWUpdater.exe 2428 wavebrowser.exe 5968 wavebrowser.exe 5980 wavebrowser.exe 2964 wavebrowser.exe 6032 wavebrowser.exe 5916 wavebrowser.exe 5128 wavebrowser.exe 6100 wavebrowser.exe 6108 wavebrowser.exe 6120 wavebrowser.exe 6132 wavebrowser.exe 5172 wavebrowser.exe 5596 wavebrowser.exe 5576 wavebrowser.exe 3000 wavebrowser.exe 5612 wavebrowser.exe 2760 wavebrowser.exe 5152 wavebrowser.exe 4432 wavebrowser.exe 5148 wavebrowser.exe 1688 wavebrowser.exe 4884 wavebrowser.exe 5816 wavebrowser.exe 4800 wavebrowser.exe 6208 wavebrowser.exe 6228 wavebrowser.exe 6276 wavebrowser.exe 6676 wavebrowser.exe 6708 wavebrowser.exe 6868 wavebrowser.exe 6888 wavebrowser.exe 7076 wavebrowser.exe 7088 wavebrowser.exe 7024 wavebrowser.exe 6224 wavebrowser.exe 6240 wavebrowser.exe 6392 wavebrowser.exe 6232 wavebrowser.exe 6288 wavebrowser.exe 6256 wavebrowser.exe -
Loads dropped DLL 64 IoCs
pid Process 3340 SWUpdater.exe 1052 SWUpdater.exe 5092 SWUpdaterComRegisterShell64.exe 1052 SWUpdater.exe 2096 SWUpdaterComRegisterShell64.exe 1052 SWUpdater.exe 1124 SWUpdaterComRegisterShell64.exe 1052 SWUpdater.exe 1088 SWUpdater.exe 1608 SWUpdater.exe 4952 SWUpdater.exe 4952 SWUpdater.exe 1608 SWUpdater.exe 3376 wavebrowser.exe 3096 wavebrowser.exe 3376 wavebrowser.exe 5140 wavebrowser.exe 5184 wavebrowser.exe 5140 wavebrowser.exe 5184 wavebrowser.exe 5140 wavebrowser.exe 5140 wavebrowser.exe 5140 wavebrowser.exe 5140 wavebrowser.exe 5140 wavebrowser.exe 5140 wavebrowser.exe 5352 wavebrowser.exe 5352 wavebrowser.exe 5448 wavebrowser.exe 5532 wavebrowser.exe 5460 wavebrowser.exe 5460 wavebrowser.exe 5532 wavebrowser.exe 5148 SWUpdater.exe 2428 wavebrowser.exe 2428 wavebrowser.exe 5448 wavebrowser.exe 5968 wavebrowser.exe 5980 wavebrowser.exe 5980 wavebrowser.exe 5968 wavebrowser.exe 5172 wavebrowser.exe 5172 wavebrowser.exe 5576 wavebrowser.exe 5596 wavebrowser.exe 5596 wavebrowser.exe 5576 wavebrowser.exe 3000 wavebrowser.exe 3000 wavebrowser.exe 5612 wavebrowser.exe 2760 wavebrowser.exe 5612 wavebrowser.exe 5152 wavebrowser.exe 2760 wavebrowser.exe 4432 wavebrowser.exe 5152 wavebrowser.exe 4432 wavebrowser.exe 5148 wavebrowser.exe 6132 wavebrowser.exe 5148 wavebrowser.exe 6132 wavebrowser.exe 1688 wavebrowser.exe 4884 wavebrowser.exe 4884 wavebrowser.exe -
Reads user/profile data of web browsers 3 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Wavesor SWUpdater = "\"C:\\Users\\Admin\\Wavesor Software\\SWUpdater\\1.3.135.0\\SWUpdaterCore.exe\"" SWUpdater.exe -
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled 1 TTPs 6 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA SWUpdater.exe -
Drops desktop.ini file(s) 1 IoCs
description ioc Process File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini svchost.exe -
Checks system information in the registry 2 TTPs 2 IoCs
System information is often read in order to detect sandboxing environments.
description ioc Process Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName wavebrowser.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer wavebrowser.exe -
flow pid Process 126 4704 msedge.exe 126 4704 msedge.exe 281 4704 msedge.exe 281 4704 msedge.exe -
Drops file in Program Files directory 31 IoCs
description ioc Process File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\psuser.dll SWUpdaterSetup.exe File opened for modification C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterSetup.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\swupdater.dll SWUpdaterSetup.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\_metadata\verified_contents.json wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_1151777906\manifest.json wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_1151777906\_metadata\verified_contents.json wavebrowser.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterOnDemand.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\psmachine.dll SWUpdaterSetup.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_130569210\privacy-sandbox-attestations.dat wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\kp_pinslist.pb wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_130569210\manifest.json wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_130569210\_metadata\verified_contents.json wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_1151777906\crl-set wavebrowser.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterBroker.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterComRegisterShell64.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterCore.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\swupdaterres_en.dll SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdaterSetup.exe SWUpdaterSetup.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_1151777906\manifest.fingerprint wavebrowser.exe File opened for modification C:\Program Files (x86)\Wavesor\Temp\GUT8FC9.tmp SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\psmachine_64.dll SWUpdaterSetup.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_130569210\manifest.fingerprint wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\manifest.json wavebrowser.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdater.exe SWUpdaterSetup.exe File created C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\psuser_64.dll SWUpdaterSetup.exe File opened for modification C:\Program Files\wavebrowser_installer.log setup.exe File opened for modification C:\Program Files\wavebrowser_installer.log setup.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_1151777906\LICENSE wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\ct_config.pb wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\crs.pb wavebrowser.exe File created C:\Program Files\chrome_Unpacker_BeginUnzipping3376_703148749\manifest.fingerprint wavebrowser.exe -
Drops file in Windows directory 1 IoCs
description ioc Process File opened for modification C:\Windows\Debug\WIA\wiatrace.log mspaint.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 8 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language WaveInstaller-v1.5.20.2.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdater.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SWUpdaterSetup.exe -
System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 2 IoCs
Adversaries may check for Internet connectivity on compromised systems.
pid Process 5148 SWUpdater.exe 1088 SWUpdater.exe -
Checks processor information in registry 2 TTPs 4 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString svchost.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 svchost.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString svchost.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 svchost.exe -
Enumerates system info in registry 2 TTPs 9 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS wavebrowser.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer wavebrowser.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName wavebrowser.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\Software\Microsoft\Internet Explorer\GPU AuthHost.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000\SOFTWARE\Microsoft\Internet Explorer\GPU AuthHost.exe -
Modifies data under HKEY_USERS 7 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography AuthHost.exe Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry wavebrowser.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133827597967228386" wavebrowser.exe Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry AuthHost.exe Key created \REGISTRY\USER\S-1-5-19 AuthHost.exe Key created \REGISTRY\USER\S-1-5-19\Software AuthHost.exe Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft AuthHost.exe -
Modifies registry class 64 IoCs
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}\NumMethods\ = "4" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\ = "IGoogleUpdate3Web" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{7DFF302B-EA41-49F8-97B1-9413CEF98C68}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.accountscontrol_cw5n1h2txyewy\Internet Settings\Cache AccountsControlHost.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\CLSID\{DB982438-E7B9-46E1-AF0F-CFD8947957E8}\InprocHandler32\ThreadingModel = "Both" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{C0151E6C-8D24-485D-BEC8-B6C6C82E26E8} SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D} SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\ProxyStubClsid32 SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WavesorSWUpdater.PolicyStatusUser.1.0 SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}\NumMethods\ = "12" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\.mhtml\OpenWithProgids\WaveBrwsHTM.JQCE2TKW2IH63BSUOQRCMS6V3Q setup.exe Set value (int) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.authhost.a_8wekyb3d8bbwe\Internet Settings\Cache\Content\CacheVersion = "1" AuthHost.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE}\ = "ICredentialDialog" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\NumMethods SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{D3C865DD-E36B-432E-9E47-554925B86737}\NumMethods SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{617E37E1-AC79-4162-BACC-C797A1D31D3E}\ = "IGoogleUpdate" SWUpdaterComRegisterShell64.exe Key deleted \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\CLSID\{DB982438-E7B9-46E1-AF0F-CFD8947957E8}\InprocHandler32 SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{0D311A22-BD24-4C7A-8FC1-117F8D62A781}\ = "IProgressWndEvents" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WavesorSWUpdater.PolicyStatusUser.1.0\CLSID\ = "{3C41B0C4-B5B6-4293-BED4-C927CCFDB909}" SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\.webp\OpenWithProgids setup.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3} SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\.svg setup.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WavesorSWUpdater.Update3COMClassUser.1.0 SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\ProxyStubClsid32 SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{CFDE680E-8700-4808-BAAF-8B1F50F2CC87}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdater.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\NumMethods SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WavesorSWUpdater.Update3COMClassUser.1.0\ = "Update3COMClass" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\NumMethods\ = "24" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\ = "PSFactoryBuffer" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{7DFF302B-EA41-49F8-97B1-9413CEF98C68}\ = "IGoogleUpdate3" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{0D311A22-BD24-4C7A-8FC1-117F8D62A781}\ProxyStubClsid32 SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{64A19E70-BCFF-4808-A320-774FD11571E5}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\CLSID\{9E0CE9B5-C498-40A8-B7F2-B89AF1C56FFF}\ProgID\ = "WavesorSWUpdater.Update3COMClassUser.1.0" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{6130C56B-9B2C-4D5D-8160-C7A583B5DC3B}\NumMethods\ = "43" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3} SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{62A51DF2-CCB8-4DD9-9069-34B8461617FC}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{730EBDF4-7AD2-4516-BF1A-6C6F28C60CF9}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{0D311A22-BD24-4C7A-8FC1-117F8D62A781}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{DA4EFC2D-B243-4BA8-8A14-8937D867B699}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{C5E89508-3927-4EF5-A3B3-C479F0D4E36F}\ProxyStubClsid32 SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\CLSID\{30FB944E-9455-49DD-81C6-7542E47AA3E7}\VersionIndependentProgID\ = "WavesorSWUpdater.Update3WebUser" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\CLSID\{3C41B0C4-B5B6-4293-BED4-C927CCFDB909}\ProgID\ = "WavesorSWUpdater.PolicyStatusUser.1.0" SWUpdater.exe Set value (int) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.accountscontrol_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CacheLimit = "1" AccountsControlHost.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{8129608C-48BD-42A6-9EBC-7B0933A5CFA3}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E4E159E0-7B9C-4D75-AC11-A80628173DE3}\NumMethods\ = "8" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WavesorSWUpdater.Update3COMClassUser.1.0\CLSID\ = "{9E0CE9B5-C498-40A8-B7F2-B89AF1C56FFF}" SWUpdater.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{50363C3E-2FB2-4EC0-A827-CD3314F526C5}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\CLSID\{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}\InProcServer32\ThreadingModel = "Both" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{D669BD5D-A9B6-47FD-B558-81508AEF48C4}\NumMethods SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\NumMethods\ = "24" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{CEF9DF20-AE5B-4A54-B479-9C2AFC1C2683}\NumMethods SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{E44DDEE0-3097-499E-9DD5-7D5D5DCC401D}\ProxyStubClsid32 SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\WOW6432Node\Interface\{92333BDA-3022-4A7F-8858-081260EA85DE} SWUpdater.exe Key deleted \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\CLSID\{DB982438-E7B9-46E1-AF0F-CFD8947957E8} SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{3BE77C6E-0029-4F24-B677-32C9E15CD8F1}\ProxyStubClsid32\ = "{D7EC6DDA-90E9-44BA-863B-6C3500BB5BDF}" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{B2083DCC-1D29-45E6-8386-BEE1488D11AA}\NumMethods SWUpdaterComRegisterShell64.exe Set value (str) \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\Interface\{DDF98EF0-2728-4A8D-8B0F-32627DC56437}\ = "ICurrentState" SWUpdaterComRegisterShell64.exe Key created \REGISTRY\USER\S-1-5-21-1412605595-2147700071-3468511006-1000_Classes\.html setup.exe -
Modifies system certificate store 2 TTPs 3 IoCs
description ioc Process Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 wavebrowser.exe Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e wavebrowser.exe Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e wavebrowser.exe -
NTFS ADS 2 IoCs
description ioc Process File opened for modification C:\Users\Admin\Downloads\Unconfirmed 87335.crdownload:SmartScreen msedge.exe File opened for modification C:\Users\Admin\Downloads\Unconfirmed 285156.crdownload:SmartScreen msedge.exe -
Suspicious behavior: EnumeratesProcesses 40 IoCs
pid Process 3500 mspaint.exe 3500 mspaint.exe 5008 msedge.exe 5008 msedge.exe 4704 msedge.exe 4704 msedge.exe 4532 msedge.exe 4532 msedge.exe 2144 identity_helper.exe 2144 identity_helper.exe 1452 msedge.exe 1452 msedge.exe 1452 msedge.exe 1452 msedge.exe 5048 msedge.exe 5048 msedge.exe 2576 msedge.exe 2576 msedge.exe 3356 identity_helper.exe 3356 identity_helper.exe 3992 msedge.exe 3992 msedge.exe 3992 msedge.exe 3992 msedge.exe 4884 msedge.exe 4884 msedge.exe 3340 SWUpdater.exe 3340 SWUpdater.exe 4488 setup.exe 4488 setup.exe 4488 setup.exe 4488 setup.exe 4488 setup.exe 4488 setup.exe 3340 SWUpdater.exe 3340 SWUpdater.exe 3340 SWUpdater.exe 3340 SWUpdater.exe 5428 msedge.exe 5428 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
pid Process 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: 33 5112 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 5112 AUDIODG.EXE Token: SeManageVolumePrivilege 1416 svchost.exe Token: 33 1368 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 1368 AUDIODG.EXE Token: SeDebugPrivilege 4908 Wave Browser.exe Token: SeDebugPrivilege 3340 SWUpdater.exe Token: SeDebugPrivilege 3340 SWUpdater.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe Token: SeShutdownPrivilege 3376 wavebrowser.exe Token: SeCreatePagefilePrivilege 3376 wavebrowser.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
pid Process 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 3280 PickerHost.Exe 3280 PickerHost.Exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe -
Suspicious use of SendNotifyMessage 64 IoCs
pid Process 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 4532 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 2576 msedge.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe 3376 wavebrowser.exe -
Suspicious use of SetWindowsHookEx 8 IoCs
pid Process 3500 mspaint.exe 3500 mspaint.exe 3500 mspaint.exe 3500 mspaint.exe 920 AccountsControlHost.exe 3280 PickerHost.Exe 1876 AuthHost.exe 920 AccountsControlHost.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4984 wrote to memory of 448 4984 msedge.exe 111 PID 4984 wrote to memory of 448 4984 msedge.exe 111 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 4628 4984 msedge.exe 113 PID 4984 wrote to memory of 5008 4984 msedge.exe 114 PID 4984 wrote to memory of 5008 4984 msedge.exe 114 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 PID 4984 wrote to memory of 4128 4984 msedge.exe 115 -
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Windows\system32\mspaint.exe"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\image.jpg"1⤵
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:3500
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService1⤵PID:4676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultafa9189fh6c09h45e6h8b6bh5541488eaff51⤵
- Suspicious use of WriteProcessMemory
PID:4984 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffc89c646f8,0x7ffc89c64708,0x7ffc89c647182⤵PID:448
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,7871078225148137867,16266438211232042187,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:22⤵PID:4628
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,7871078225148137867,16266438211232042187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:5008
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,7871078225148137867,16266438211232042187,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:82⤵PID:4128
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4388
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1920
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService1⤵
- Drops desktop.ini file(s)
- Checks processor information in registry
PID:2292
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4532 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc89c646f8,0x7ffc89c64708,0x7ffc89c647182⤵PID:4452
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:22⤵PID:836
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:32⤵
- Detected google phishing page
- Detected potential entity reuse from brand MICROSOFT.
- Suspicious behavior: EnumeratesProcesses
PID:4704
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2980 /prefetch:82⤵PID:4708
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:12⤵PID:1996
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:12⤵PID:1756
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:12⤵PID:4028
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:12⤵PID:1268
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3460 /prefetch:82⤵PID:1228
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3460 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:2144
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:12⤵PID:4036
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:12⤵PID:2220
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:12⤵PID:4228
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:12⤵PID:3484
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:12⤵PID:5068
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:12⤵PID:2220
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4512 /prefetch:12⤵PID:3128
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:12⤵PID:2168
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:12⤵PID:2324
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:12⤵PID:4400
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:12⤵PID:1492
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:12⤵PID:396
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:12⤵PID:1876
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:12⤵PID:3380
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3824 /prefetch:12⤵PID:3732
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2216 /prefetch:82⤵PID:3976
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:12⤵PID:1064
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:12⤵PID:652
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6524 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1452
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1260 /prefetch:12⤵PID:3916
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:12⤵PID:1060
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:12⤵PID:5028
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:12⤵PID:4828
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:12⤵PID:888
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:12⤵PID:3684
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:12⤵PID:5048
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:12⤵PID:180
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:12⤵PID:4256
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:12⤵PID:2468
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:12⤵PID:3104
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:12⤵PID:2820
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,3682509057406316531,6453009034410315346,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:12⤵PID:3088
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4036
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:2980
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x240 0x3281⤵
- Suspicious use of AdjustPrivilegeToken
PID:5112
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k UnistackSvcGroup1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1416
-
C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe"C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe" -ServerName:App.AppX20qnn98vxw5bhxrjtb1f6rggecb2k15a.mca1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:920 -
C:\Windows\system32\AuthHost.exe"C:\Windows\system32\AuthHost.exe" -AuthHostBrokerActivated 00000cd0_00000001_0e61ef322⤵
- Detected google phishing page
- Modifies Internet Explorer settings
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1876
-
-
C:\Windows\System32\PickerHost.ExeC:\Windows\System32\PickerHost.Exe -Embedding1⤵
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:3280
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService1⤵
- Checks processor information in registry
PID:780
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2576 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xdc,0x100,0x104,0x9c,0x108,0x7ffc89c646f8,0x7ffc89c64708,0x7ffc89c647182⤵PID:2208
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2032 /prefetch:22⤵PID:4132
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2512 /prefetch:32⤵
- Downloads MZ/PE file
- Suspicious behavior: EnumeratesProcesses
PID:5048
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:82⤵PID:220
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:12⤵PID:3260
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:12⤵PID:4764
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:12⤵PID:5112
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:12⤵PID:1924
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:82⤵PID:3744
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3356
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:12⤵PID:4432
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4016 /prefetch:12⤵PID:2236
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3676 /prefetch:12⤵PID:3120
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:12⤵PID:4892
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:12⤵PID:4636
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:12⤵PID:3992
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:12⤵PID:3928
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:12⤵PID:628
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:12⤵PID:2452
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:12⤵PID:920
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3964 /prefetch:12⤵PID:4488
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:12⤵PID:1740
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5828 /prefetch:82⤵PID:2872
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:12⤵PID:2708
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6448 /prefetch:82⤵PID:836
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:12⤵PID:2444
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:12⤵PID:1868
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:12⤵PID:3344
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:12⤵PID:3704
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:12⤵PID:3652
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6744 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:3992
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:12⤵PID:3848
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:12⤵PID:2500
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=184 /prefetch:12⤵PID:4248
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:12⤵PID:3420
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1404 /prefetch:12⤵PID:3512
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:12⤵PID:2372
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:12⤵PID:3220
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3832 /prefetch:12⤵PID:4756
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:12⤵PID:2936
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7612 /prefetch:12⤵PID:1264
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:12⤵PID:3024
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:12⤵PID:2760
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7664 /prefetch:82⤵PID:1292
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:12⤵PID:1008
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7184 /prefetch:82⤵PID:1412
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5556 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4884
-
-
C:\Users\Admin\Downloads\Wave Browser.exe"C:\Users\Admin\Downloads\Wave Browser.exe"2⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4908 -
C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe"C:\Users\Admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"3⤵
- Executes dropped EXE
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
PID:840 -
C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdater.exe"C:\Program Files (x86)\Wavesor\Temp\GUM8FC8.tmp\SWUpdater.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"4⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:3340 -
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver5⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
- Modifies registry class
PID:1052 -
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe"C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user6⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
PID:5092
-
-
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe"C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user6⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
PID:2096
-
-
C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe"C:\Users\Admin\Wavesor Software\SWUpdater\1.3.135.0\SWUpdaterComRegisterShell64.exe" /user6⤵
- Executes dropped EXE
- Loads dropped DLL
- Modifies registry class
PID:1124
-
-
-
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9Ins3OUJEOTg1NS1DMURELTRCRjMtQjVFRC1FNjUwOEMyQ0M2QzN9IiB1c2VyaWQ9Ins2ODRjOTAwZC1kM2RhLTQ2MWEtODUyYi03MzYwM2Y1MjVmMjB9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0ie0EwOEY4MjA1LTI2N0YtNDJGNi1BMEFDLTJCNjY5RTQyMzFDRH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RjZGNjBBQ0UtNzFBRC00NjEwLTgwRDQtOTI1MzcyOUZCNEI3fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjEzNS4wIiBsYW5nPSJlbiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iMjM1Ii8-PC9hcHA-PC9yZXF1ZXN0Pg5⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
PID:1088
-
-
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1" /installsource otherinstallcmd /sessionid "{79BD9855-C1DD-4BF3-B5ED-E6508C2CC6C3}"5⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
PID:1608
-
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:12⤵PID:2372
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,12957855568530790758,4292713445089572790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:12⤵PID:6772
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4800
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1380
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x240 0x3281⤵
- Suspicious use of AdjustPrivilegeToken
PID:1368
-
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
PID:4952 -
C:\Users\Admin\Wavesor Software\SWUpdater\Install\{2A17AC7B-52DD-4CA7-9A90-7CD36D47FAB5}\WaveInstaller-v1.5.20.2.exe"C:\Users\Admin\Wavesor Software\SWUpdater\Install\{2A17AC7B-52DD-4CA7-9A90-7CD36D47FAB5}\WaveInstaller-v1.5.20.2.exe" /installerdata="C:\Users\Admin\AppData\Local\Temp\guiD482.tmp"2⤵
- Executes dropped EXE
- System Location Discovery: System Language Discovery
PID:3628 -
C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe"C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\wavebrowser.packed.7z" --wid=lj0ycln7 --installerdata="C:\Users\Admin\AppData\Local\Temp\guiD482.tmp"3⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:4488 -
C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exeC:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff7f53f8980,0x7ff7f53f898c,0x7ff7f53f89984⤵
- Executes dropped EXE
PID:2056
-
-
C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe"C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe" --verbose-logging --installerdata="C:\Users\Admin\AppData\Local\Temp\guiD482.tmp" --create-shortcuts=0 --install-level=04⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:3180 -
C:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exeC:\Users\Admin\AppData\Local\Temp\nsdD6F4.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff7f53f8980,0x7ff7f53f898c,0x7ff7f53f89985⤵
- Executes dropped EXE
PID:1600
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://install.convertwithwave.com/thank-you?tid=lj0ycln7&src=d-d-cp21727671082-lp0-obem-wav-igfoLDXgHEqehYJHPBg-ab15-w64-brwsr&cid=21727671082&iid=wav-cvt&uid=684c900d-d3da-461a-852b-73603f525f204⤵PID:652
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc89c646f8,0x7ffc89c64708,0x7ffc89c647185⤵PID:5000
-
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --install-type=1 --from-installer4⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks system information in the registry
- Drops file in Program Files directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies system certificate store
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SendNotifyMessage
PID:3376 -
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0x12c,0x130,0x134,0x10c,0x138,0x7ffc81ab6cf8,0x7ffc81ab6d04,0x7ffc81ab6d105⤵
- Executes dropped EXE
- Loads dropped DLL
PID:3096
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1980,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2044 /prefetch:25⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5140
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --start-stack-profiler --field-trial-handle=1916,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2180 /prefetch:35⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5184
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --field-trial-handle=2372,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=2444 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5352
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3176 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:5448
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3200 /prefetch:25⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:5460
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=3508,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3888 /prefetch:85⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:5532
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4544,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4548 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2428
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4568,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4656 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5968
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4316,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4616 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5980
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4684,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4896 /prefetch:15⤵
- Executes dropped EXE
PID:2964
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4708,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4680 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:6032
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4744,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5060 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:5916
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4712,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5176 /prefetch:15⤵
- Executes dropped EXE
PID:5128
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4756,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5292 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:6100
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4784,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5408 /prefetch:15⤵
- Executes dropped EXE
PID:6108
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4800,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5524 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:6120
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4816,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5640 /prefetch:15⤵
- Executes dropped EXE
- Loads dropped DLL
PID:6132
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --instant-process --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4540,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5756 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:5172
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6484,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6472 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5596
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6480,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6588 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5576
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6464,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6624 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:3000
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6896,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6892 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5612
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7044,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7072 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2760
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6904,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7228 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5152
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6920,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7260 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4432
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7052,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7516 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:5148
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7056,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7660 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4884
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7060,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7692 /prefetch:85⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1688
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7976,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7960 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:5816
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8600,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8584 /prefetch:25⤵
- Executes dropped EXE
PID:4800
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7004,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6900 /prefetch:85⤵
- Executes dropped EXE
PID:6208
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6820,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6792 /prefetch:85⤵
- Executes dropped EXE
PID:6228
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=8780,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8804 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:6276
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8944,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8956 /prefetch:15⤵
- Checks computer location settings
- Executes dropped EXE
PID:6288
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9152,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8632 /prefetch:85⤵
- Executes dropped EXE
PID:6676
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9212,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9228 /prefetch:85⤵
- Executes dropped EXE
PID:6708
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=8836,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4796 /prefetch:85⤵
- Executes dropped EXE
PID:6868
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6240,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9516 /prefetch:85⤵
- Executes dropped EXE
PID:6888
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9648,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9524 /prefetch:85⤵
- Executes dropped EXE
PID:7024
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9700,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9824 /prefetch:85⤵
- Executes dropped EXE
PID:7076
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9708,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9960 /prefetch:85⤵
- Executes dropped EXE
PID:7088
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6724,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9692 /prefetch:85⤵
- Executes dropped EXE
PID:6224
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10536,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10548 /prefetch:85⤵
- Executes dropped EXE
PID:6240
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10340,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10348 /prefetch:85⤵
- Executes dropped EXE
PID:6392
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10840,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10848 /prefetch:85⤵
- Executes dropped EXE
PID:6232
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10872,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10844 /prefetch:85⤵
- Executes dropped EXE
PID:6256
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10892,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10356 /prefetch:85⤵PID:6400
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10880,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10420 /prefetch:85⤵PID:6588
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10852,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9744 /prefetch:85⤵PID:6428
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10868,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9784 /prefetch:85⤵PID:6496
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10140,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9428 /prefetch:85⤵PID:6612
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10180,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10000 /prefetch:85⤵PID:2356
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10144,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8980 /prefetch:85⤵PID:6028
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9640,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6852 /prefetch:85⤵PID:4968
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9636,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7528 /prefetch:85⤵PID:4836
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9628,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6180 /prefetch:85⤵PID:5504
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10364,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10948 /prefetch:85⤵PID:5508
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10560,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10580 /prefetch:85⤵PID:5996
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9624,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7540 /prefetch:85⤵PID:6460
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11188,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11204 /prefetch:85⤵PID:7116
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9932,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9896 /prefetch:85⤵PID:6604
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=8564,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9340 /prefetch:85⤵PID:5384
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9920,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6752 /prefetch:85⤵PID:6312
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7032,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6964 /prefetch:85⤵PID:6324
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4840,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6260 /prefetch:85⤵PID:6284
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6772,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6956 /prefetch:85⤵PID:6360
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6924,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7884 /prefetch:85⤵PID:6872
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7444,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7432 /prefetch:85⤵PID:6260
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6944,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7084 /prefetch:85⤵PID:6708
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=4704,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6540 /prefetch:85⤵PID:6632
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7280,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6668 /prefetch:85⤵PID:6908
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7316,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11372 /prefetch:85⤵PID:6740
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11556,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11520 /prefetch:85⤵PID:7564
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11508,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11656 /prefetch:85⤵PID:7580
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11512,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11932 /prefetch:85⤵PID:7596
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11576,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12076 /prefetch:85⤵PID:7608
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11584,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12108 /prefetch:85⤵PID:7620
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11592,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12376 /prefetch:85⤵PID:7632
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11600,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12400 /prefetch:85⤵PID:7644
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11608,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12544 /prefetch:85⤵PID:7656
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11616,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12788 /prefetch:85⤵PID:7668
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11624,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12928 /prefetch:85⤵PID:7680
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11636,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12976 /prefetch:85⤵PID:7692
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=11680,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13120 /prefetch:25⤵
- Checks computer location settings
PID:7704
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11552,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11524 /prefetch:85⤵PID:7236
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11628,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13500 /prefetch:85⤵PID:7588
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=9600,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9552 /prefetch:15⤵
- Checks computer location settings
PID:7748
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=9584,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9572 /prefetch:25⤵
- Checks computer location settings
PID:7664
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=7712,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7736 /prefetch:25⤵PID:5592
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=7452,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7920 /prefetch:25⤵PID:8088
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=6316,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10016 /prefetch:15⤵
- Checks computer location settings
PID:7136
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=7216,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9292 /prefetch:25⤵
- Checks computer location settings
PID:7348
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=9316,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7404 /prefetch:15⤵
- Checks computer location settings
PID:7384
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=6540,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5340 /prefetch:15⤵PID:6752
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=10152,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7236 /prefetch:25⤵
- Checks computer location settings
PID:7416
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=7472,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10292 /prefetch:15⤵
- Checks computer location settings
PID:7308
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=6744,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10660 /prefetch:85⤵PID:7544
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=7228,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7184 /prefetch:25⤵PID:7368
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=10272,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6856 /prefetch:85⤵PID:7744
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=13616,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6528 /prefetch:25⤵PID:2364
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=13732,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13752 /prefetch:25⤵
- Checks computer location settings
PID:8048
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=13960,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13980 /prefetch:25⤵
- Checks computer location settings
PID:7220
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=7580,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14132 /prefetch:15⤵
- Checks computer location settings
PID:5576
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=14316,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14144 /prefetch:15⤵
- Checks computer location settings
PID:6464
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=13924,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14328 /prefetch:25⤵PID:6736
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=5176,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14668 /prefetch:25⤵PID:3664
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13096,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13708 /prefetch:85⤵PID:7428
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=13040,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7380 /prefetch:85⤵PID:5968
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7892,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5376 /prefetch:85⤵PID:7752
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=13800,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6504 /prefetch:15⤵PID:5488
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=13876,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13808 /prefetch:15⤵
- Checks computer location settings
PID:2440
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=13824,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5892 /prefetch:15⤵
- Checks computer location settings
PID:3020
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=8628,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8024 /prefetch:15⤵PID:3504
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=8644,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6212 /prefetch:15⤵
- Checks computer location settings
PID:1944
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=5308,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5052 /prefetch:15⤵
- Checks computer location settings
PID:8148
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=6704,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5400 /prefetch:15⤵
- Checks computer location settings
PID:7620
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=13816,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4668 /prefetch:15⤵
- Checks computer location settings
PID:4668
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=13676,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6864 /prefetch:15⤵
- Checks computer location settings
PID:7224
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=5932,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4844 /prefetch:15⤵
- Checks computer location settings
PID:7524
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=13704,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9096 /prefetch:15⤵
- Checks computer location settings
PID:7668
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=13668,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=3244 /prefetch:15⤵
- Checks computer location settings
PID:5972
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=13632,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5692 /prefetch:15⤵PID:1628
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --instant-process --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=4616,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15080 /prefetch:15⤵
- Checks computer location settings
PID:3008
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=3268,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6648 /prefetch:25⤵
- Checks computer location settings
PID:436
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14948,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14924 /prefetch:85⤵PID:1276
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15012,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9352 /prefetch:85⤵PID:4036
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=13756,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8636 /prefetch:15⤵
- Checks computer location settings
PID:2680
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=10512,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9036 /prefetch:15⤵PID:2136
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --field-trial-handle=3176,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9964 /prefetch:15⤵PID:6716
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --field-trial-handle=6648,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10108 /prefetch:15⤵PID:7540
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --field-trial-handle=9800,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9400 /prefetch:25⤵PID:6708
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --field-trial-handle=5044,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9532 /prefetch:25⤵
- Checks computer location settings
PID:6208
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=14064,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14688 /prefetch:85⤵PID:6912
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=7900,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15076 /prefetch:85⤵PID:5620
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --field-trial-handle=15276,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=8016 /prefetch:15⤵
- Checks computer location settings
PID:3848
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --field-trial-handle=4972,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7844 /prefetch:15⤵PID:7172
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=3160,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10632 /prefetch:85⤵PID:3716
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --field-trial-handle=5260,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6468 /prefetch:15⤵
- Checks computer location settings
PID:1500
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --field-trial-handle=5652,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13636 /prefetch:15⤵
- Checks computer location settings
PID:2416
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --field-trial-handle=5188,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5164 /prefetch:15⤵
- Checks computer location settings
PID:4836
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --field-trial-handle=5780,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9840 /prefetch:15⤵PID:4772
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --field-trial-handle=5836,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14996 /prefetch:25⤵PID:5800
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --field-trial-handle=11324,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5608 /prefetch:15⤵PID:6704
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --field-trial-handle=12080,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11320 /prefetch:15⤵
- Checks computer location settings
PID:3964
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --field-trial-handle=11980,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11984 /prefetch:15⤵
- Checks computer location settings
PID:6732
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --field-trial-handle=12000,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12632 /prefetch:15⤵PID:2800
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --field-trial-handle=12924,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7624 /prefetch:15⤵PID:7492
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --field-trial-handle=12820,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5848 /prefetch:15⤵
- Checks computer location settings
PID:3716
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --field-trial-handle=12576,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14732 /prefetch:15⤵
- Checks computer location settings
PID:4956
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --field-trial-handle=7356,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14284 /prefetch:15⤵PID:5900
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --field-trial-handle=14672,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13956 /prefetch:15⤵
- Checks computer location settings
PID:3000
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --field-trial-handle=10156,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12160 /prefetch:15⤵PID:4824
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --field-trial-handle=13448,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6548 /prefetch:15⤵
- Checks computer location settings
PID:7128
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --field-trial-handle=13004,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7320 /prefetch:15⤵PID:2888
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --field-trial-handle=11820,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12256 /prefetch:15⤵PID:3960
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --field-trial-handle=13772,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10036 /prefetch:15⤵PID:2156
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --field-trial-handle=9204,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14124 /prefetch:15⤵
- Checks computer location settings
PID:7784
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --field-trial-handle=11520,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11696 /prefetch:15⤵
- Checks computer location settings
PID:4584
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --field-trial-handle=4720,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7756 /prefetch:15⤵PID:2328
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --field-trial-handle=11244,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5404 /prefetch:15⤵PID:5492
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=11356,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9508 /prefetch:85⤵PID:7080
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15136,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9328 /prefetch:85⤵PID:6364
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9244,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=14136 /prefetch:85⤵PID:5448
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --field-trial-handle=12476,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4836 /prefetch:15⤵PID:6196
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --field-trial-handle=12388,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11880 /prefetch:15⤵
- Checks computer location settings
PID:6100
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --field-trial-handle=12804,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11420 /prefetch:15⤵
- Checks computer location settings
PID:2328
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --field-trial-handle=11864,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5464 /prefetch:15⤵
- Checks computer location settings
PID:3100
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --field-trial-handle=12544,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5496 /prefetch:15⤵PID:2708
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --field-trial-handle=7596,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11000 /prefetch:15⤵PID:1292
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --field-trial-handle=5104,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13240 /prefetch:15⤵PID:3024
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --field-trial-handle=15704,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5060 /prefetch:15⤵PID:7252
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --field-trial-handle=5080,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5624 /prefetch:15⤵PID:5860
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --field-trial-handle=15888,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15860 /prefetch:15⤵PID:7112
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=15764,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=4928 /prefetch:85⤵PID:8600
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --field-trial-handle=12144,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7428 /prefetch:15⤵
- Checks computer location settings
PID:8996
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --field-trial-handle=14992,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11184 /prefetch:15⤵
- Checks computer location settings
PID:9008
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=179 --field-trial-handle=12792,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15264 /prefetch:15⤵PID:8312
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=9028,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10540 /prefetch:85⤵PID:8324
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=181 --field-trial-handle=7384,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13564 /prefetch:25⤵
- Checks computer location settings
PID:1592
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=182 --field-trial-handle=8668,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15920 /prefetch:15⤵PID:2552
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=183 --field-trial-handle=13036,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6532 /prefetch:15⤵
- Checks computer location settings
PID:6020
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=184 --field-trial-handle=7300,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13084 /prefetch:15⤵PID:8988
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=185 --field-trial-handle=13604,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5256 /prefetch:15⤵PID:7712
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --field-trial-handle=7868,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11428 /prefetch:15⤵
- Checks computer location settings
PID:7572
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=187 --field-trial-handle=15732,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=9260 /prefetch:15⤵
- Checks computer location settings
PID:9024
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=188 --field-trial-handle=12140,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=11968 /prefetch:15⤵PID:9064
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=189 --field-trial-handle=12500,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6628 /prefetch:15⤵
- Checks computer location settings
PID:7016
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=190 --field-trial-handle=5620,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=15584 /prefetch:15⤵
- Checks computer location settings
PID:3916
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=191 --field-trial-handle=6432,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=7540 /prefetch:15⤵PID:8332
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=192 --field-trial-handle=11516,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10100 /prefetch:15⤵
- Checks computer location settings
PID:3052
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=193 --field-trial-handle=7576,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10092 /prefetch:15⤵PID:5176
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=194 --field-trial-handle=9248,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=6832 /prefetch:15⤵PID:8200
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=195 --field-trial-handle=12488,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=13700 /prefetch:15⤵PID:6440
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --field-trial-handle=12664,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=5380 /prefetch:85⤵PID:860
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --start-stack-profiler --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=197 --field-trial-handle=10904,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12008 /prefetch:15⤵
- Checks computer location settings
PID:8504
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=198 --field-trial-handle=4844,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=12848 /prefetch:15⤵PID:8516
-
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=renderer --string-annotations=is-enterprise-managed=no --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=199 --field-trial-handle=12972,i,4301387459664544573,581603780367071365,262144 --variations-seed-version=15 --mojo-platform-channel-handle=10412 /prefetch:15⤵
- Checks computer location settings
PID:8820
-
-
-
-
-
C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe"C:\Users\Admin\Wavesor Software\SWUpdater\SWUpdater.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJTV1VwZGF0ZXIiIHVwZGF0ZXJ2ZXJzaW9uPSIxLjMuMTM1LjAiIHNoZWxsX3ZlcnNpb249IjEuMy4xMzUuMCIgaXNtYWNoaW5lPSIwIiBzZXNzaW9uaWQ9Ins3OUJEOTg1NS1DMURELTRCRjMtQjVFRC1FNjUwOEMyQ0M2QzN9IiB1c2VyaWQ9Ins2ODRjOTAwZC1kM2RhLTQ2MWEtODUyYi03MzYwM2Y1MjVmMjB9IiBpbnN0YWxsc291cmNlPSJvdGhlcmluc3RhbGxjbWQiIHJlcXVlc3RpZD0iezVERENBQjk2LUI3MkUtNDM5Ri05REU1LUFDNTMxQzE2QTkyQX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iOCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiLz48YXBwIGFwcGlkPSJ7RUIxNDlBRDItQ0U0RS00RjUxLUI3RkMtQTE0OUZBQTRDQ0FGfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS41LjIwLjIiIGxhbmc9ImVuIiBicmFuZD0iIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHBzOi8vY2RuLnN3dXBkYXRlci5jb20vYnVpbGQvV2F2ZUJyb3dzZXIvc3RhYmxlL3dpbi8xMTIwOTg3Nzc0OTc4LzY0L1dhdmVJbnN0YWxsZXItdjEuNS4yMC4yLmV4ZSIgZG93bmxvYWRlZD0iMTA0MDY1ODAwIiB0b3RhbD0iMTA0MDY1ODAwIiBkb3dubG9hZF90aW1lX21zPSIxMDI4NCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc291cmNlX3VybF9pbmRleD0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjUzNCIgZG93bmxvYWRfdGltZV9tcz0iMTA5MzEiIGRvd25sb2FkZWQ9IjEwNDA2NTgwMCIgdG90YWw9IjEwNDA2NTgwMCIgaW5zdGFsbF90aW1lX21zPSIxMDA3NyIvPjwvYXBwPjwvcmVxdWVzdD42⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
PID:5148
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc1⤵PID:6948
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc1⤵PID:7044
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault7a90e35bh2baah474eh8872h2111e623f58e1⤵PID:6824
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc89c646f8,0x7ffc89c64708,0x7ffc89c647182⤵PID:4788
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,12032289110380763859,3319262631554172652,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:22⤵PID:5388
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,12032289110380763859,3319262631554172652,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:5428
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,12032289110380763859,3319262631554172652,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:82⤵PID:4824
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:6100
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4008
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --strtl=ti1⤵PID:7484
-
C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe"C:\Users\Admin\Wavesor Software\WaveBrowser\wavebrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\WaveBrowser\User Data" --annotation=channel= --annotation=plat=Win64 --annotation=prod=WaveBrowser --annotation=ver=1.5.20.2 --initial-client-data=0xa0,0x9c,0x114,0x134,0x110,0x7ffc81ab6cf8,0x7ffc81ab6d04,0x7ffc81ab6d102⤵PID:6880
-
Network
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Component Object Model Hijacking
1Defense Evasion
Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
94B
MD561469840de4cc86ff0386bd3a2e07f3d
SHA1c5e01c3074a059e181e8910e00d89734160f1394
SHA2560d9bfe309e80df04c08db46b0f3792eb4c0127b395a318fda0936c1c2e041ac8
SHA512ae46393413ea9926ae63ebf5ccf2767cdb4cbeab9c20982a37fef7378f4953baca0c36778f8b2eafb9d0a6e5b536bbe59bc47a2cce96c41a542972cef8f77455
-
Filesize
97B
MD5fcb946adb61b0ca191aa8765bd4c03f0
SHA15a553bd90a0d34532509969f77009605814ea8f0
SHA2561e7986f214d152db2f22c0b8d1388ab1029648a2fa9e365db47e0b299ebaa209
SHA512c3856b0e7eb96ec9e1d00c0c5608b269d1bd9bd32fb209c495f4ab8ac0f0f0309ff5ba6b2b89f2a150adc10d3a0eff32ad5a9084e2cbed3586ef2504ad099cea
-
Filesize
73B
MD5b48ac5004b80ec5a6f047437f7343c6c
SHA1e38859313510b6350b24348c9aeadc739c3b6c77
SHA256b13b5e9d0d599a9bfed3162a580f477cecc1a15d9c3326ca5807ce50d98ff2ee
SHA5123b80a8fe3fc6c597f22bb1ecdce07e58c3a5654527b80a7ade4542f4dc063e9618c0c1e9fe6cb858b548b443d72d325a500683cbd50be6312f98acd503b7996a
-
Filesize
152B
MD53ada0c4e0f4cb65d0e29c70243e135c8
SHA1d695c347d537b09a7e9b14ffdcf798c3ff13c0d3
SHA256b038f2565d993216a6acfcd360ebd6acc3cb0c4b7278092425b1bb91a16a6943
SHA512fb81e4835109446643b46a5dbaa6c6193c494783ae07b6191377633367199a81e70ef564b8af9213f7ef4350f6a67ceda6df3e5ee855f27ea98d0b6882e49e91
-
Filesize
152B
MD5251c9cb9b2de4ba36fbf5ae35a2e584f
SHA1c491be8852bf55d373af0454c2a0b6191e5931da
SHA25696f133d95ff98eaba94e19f3b7f58a844c522723400078090fda271cbcbba637
SHA5124fa6f562a496870fe553bf867bbdd668e8f60d7009e6d90759954efbc64c5f65bf6b8af1053f1f18db4e1c15d43a27c5671651f29b34b17a8f0e7a8120408d43
-
Filesize
152B
MD58ea156392347ae1e43bf6f4c7b7bc6ec
SHA17e1230dd6103043d1c5d9984384f93dab02500a6
SHA25640b28bf59b3e2026ad3ebe2fecf464a03d7094fd9b26292477ad264d4efc1c75
SHA5122479b86a9a31aa2f260ff6a1c963691994242ced728a27ffa2ee4e224945446a191bdb49ce399ec5a7d5d362499716133072e97d4253b5b4f09582d58b25144f
-
Filesize
152B
MD5a7b5a5433fe76697fec05973806a648c
SHA1786027abe836d4d8ff674c463e5bb02c4a957b70
SHA256c8d623536ebdf5ffbefb84013d1c8ff5f853b59f1b09c80364c32b8ed5e4a735
SHA51227be4c82e26468bbb9ce698ef305320f6cac46c953f88c714a0372fa524d098b9af2a87a88b14a134ff0f5f4b3d671902908622d2c7ec48e2c7bc458d7f5cc16
-
Filesize
152B
MD50db669dc165ea276e229b63b3d7ce442
SHA1640b30b46b6f5cf2d38b9c12aa004fdad9a1f1d7
SHA2565f8adb47e64cb08fa75f1d66e66076cc371b97e8f60cfd2384cd925fdf48e927
SHA512cc8fa19ab29c3a8804168f38bc5715504130c77f0cb7fdc8eb559835e123ee88ab72bf92b5920b28b7f6d00cf1fad06938e30d05d3895dcfcaf2675b50f268ca
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\77734d15-461f-4237-9e09-4ca7307db3cf.tmp
Filesize1B
MD55058f1af8388633f609cadb75a75dc9d
SHA13a52ce780950d4d969792a2559cd519d7ee8c727
SHA256cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA5120b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
-
Filesize
48KB
MD5df1d27ed34798e62c1b48fb4d5aa4904
SHA12e1052b9d649a404cbf8152c47b85c6bc5edc0c9
SHA256c344508bd16c376f827cf568ef936ad2517174d72bf7154f8b781a621250cc86
SHA512411311be9bfdf7a890adc15fe89e6f363bc083a186bb9bcb02be13afb60df7ebb545d484c597b5eecdbfb2f86cd246c21678209aa61be3631f983c60e5d5ca94
-
Filesize
62KB
MD5c813a1b87f1651d642cdcad5fca7a7d8
SHA10e6628997674a7dfbeb321b59a6e829d0c2f4478
SHA256df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3
SHA512af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b
-
Filesize
70KB
MD53b06aa689e8bf1aed00d923a55cfdd49
SHA1ca186701396ba24d747438e6de95397ed5014361
SHA256cd1569510154d7fa83732ccf69e41e833421f4e5ec7f70a5353ad07940ec445c
SHA5120422b94ec68439a172281605264dede7b987804b3acfdeeb86ca7b12249e0bd90e8e625f9549a9635165034b089d59861260bedf7676f9fa68c5b332123035ed
-
Filesize
19KB
MD51bd4ae71ef8e69ad4b5ffd8dc7d2dcb5
SHA16dd8803e59949c985d6a9df2f26c833041a5178c
SHA256af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725
SHA512b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863
-
Filesize
63KB
MD5226541550a51911c375216f718493f65
SHA1f6e608468401f9384cabdef45ca19e2afacc84bd
SHA256caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5
SHA5122947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516
-
Filesize
26KB
MD5c9a44eb6dc1c77a9a2d988768c9fd5c9
SHA1f352d7ed33ff0d8361be168a6b5300288d91ef78
SHA256675b4a74249edb71579147676a8115b662a915db9fd24fdfcaebbb0d7618c62c
SHA51281534ba808f32ade00a81349612c9b905914004c3a8d7e53e9993170ab5957600dd49d9881284541240181987ffc76208acedfac24bc1e8d33c99f003c65fbff
-
Filesize
40KB
MD53051c1e179d84292d3f84a1a0a112c80
SHA1c11a63236373abfe574f2935a0e7024688b71ccb
SHA256992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff
-
Filesize
53KB
MD568f0a51fa86985999964ee43de12cdd5
SHA1bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA5123049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7
-
Filesize
22KB
MD542cf4c0f9a431b51bc16b0cf96bc696f
SHA191e15c22f95bcbe1fb5a52ba6e23b51279e22b51
SHA2561d34fb51648bd3ac9bfbdf076c2b5abb1b86339c4cec482dbeb1120faebef886
SHA512ae84d5a70812ed5f4afa76c799ef63283b57b36f4910369cdd5d9275e49a3042ee1efde42c44d1da3a4add5b37d7e3a4ea15d7f10d63ed475fae27dcf993e9aa
-
Filesize
21KB
MD55d964fe68ed4517136bca15463506bba
SHA11ee0a2ff0a5a4f4fd23ce26f9b145b64bcd624e8
SHA256b7bfcca2ef86126b060e9db8d7dfdb6f975ab3f485d879306c3f2911208bd5d5
SHA5129d43793ef33c07aae4eed7291a14c4a6c078b358bbf677b018b2b8578544147e10f8b98508c48f4807b280c58e744188fd1f1982df790768f4500bf3417dfadb
-
Filesize
68KB
MD54faf1255ff9a2a1a670db039246c3577
SHA19ff47f901800efe5946f19abed99ce7d4b549ead
SHA25638ff254caeda0806858d81a460d730f1c140f6be9b7889a757ddbeeb132b5d03
SHA5129eeeaebdde4240a1d7f69cdac028da975833899dca41ce665ee504f1752207bcd5c56ea0c1d4a972d12915dea075025a964ea0aed38135ae19131ce079a91d12
-
Filesize
35KB
MD50eb09aa03b554f620dfacfb43c487f86
SHA1b2c9bea035f05fe56dfbed06eb999bb97ea62305
SHA256bc5b9bdd45b3f3c6b255cb7132c3bf3bedc084a8bb6d027f891276b9726711d0
SHA5123bd677f535aca5c157d82e810b7513a3db893149001f6764bf6dc5b2eda27fb61cdb5eb3008255ab28e99a2dcc0edb791c599784f0a973640cdc2196dc9169a1
-
Filesize
97KB
MD5567909461c17192ce1009f281d17914e
SHA1b275fe15d308556d600577e1b6dec64ab09485df
SHA256112e26f652508788d0c6ec5390fb8da159861ea7d3faa5eee70982d15c4ba546
SHA512d985a1837f9a590f2ab503a4815f248d984e695a6ee4fb07a4504819bb928b06d9841fea85e5ebc67555e20b7c76c9938dfc9f16954b77e8b64e13c4118406d4
-
Filesize
428KB
MD51f6a681d4902f77ee16a2c2cbaca7eb7
SHA16486f5da509d79cbebf3edc803657d3eee007ce5
SHA256b9191ddfff506e25f0cda3729e9ba02ccdf1122d4a4bd43fa000e7798df88d57
SHA512e22dc17a0d80f72aac288b6990a8367307340e5deb00113a8943627c3877f4dbf84d3cc3a62cb671cc46a5bb174c39f286813c1fa70da89c1b4fb29eac39445d
-
Filesize
98KB
MD5c0fc67fbc5c5eceb437b516b4365aa86
SHA16b5a02dc604f8b87eb9d456969b12b45dda79baa
SHA2560b8baebdd76118229f6b486ab07c66d05b104fcc8a80df53261769f80ea093ea
SHA512e73b48bd36052a2f31aabf40b32ada01fb8c92345a20e22126bed271bcab08ba0a677fd9fd29cca23e98379b6c1e0601bdae9f90c38d9369ba32f292450886d5
-
Filesize
115KB
MD5a80fcd36c972c4654325bb4dc0e78613
SHA10dfc0202cddc3f7b9be912d502f322e88adc453a
SHA2565538e8f6e8ad2ee4de43e198fc5df064e25e0c9426ee30489c939ff666493588
SHA512eae73f858236a41950253659dd599055f5ec7cc2144eb09d20c5e22c4aa75738a3f2d694bddd6b244c3a2b00f00bec5c7aee19918e848cd292ed9734d616ea9a
-
Filesize
393KB
MD561dc356e5c705e9f2d935db0d6434e05
SHA1b931d421fdb6bc827d64446e77caddac3ff12634
SHA256560335c18e31d43172d71164ca6e8b2eeb49fc7da3152b05c6133a15c3fee367
SHA51264a215375d4bacf461a8be825504631e306d943ddf34f371e6a6d736b9319710903eead8ec752147e308ed706e3bfce39e53a6ce7c2b4dcfefc4a52081002a57
-
Filesize
214KB
MD5ba958dfa97ba4abe328dce19c50cd19c
SHA1122405a9536dd824adcc446c3f0f3a971c94f1b1
SHA2563124365e9e20791892ee21f47763d3df116763da0270796ca42fd63ecc23c607
SHA512aad22e93babe3255a7e78d9a9e24c1cda167d449e5383bb740125445e7c7ddd8df53a0e53705f4262a49a307dc54ceb40c66bab61bec206fbe59918110af70bf
-
Filesize
32KB
MD53f7778cf80b26967a3b3635ad7ab549a
SHA14f16b724d83c78c3e4ad1c1fb598a6059a74c2f5
SHA2567987bbdae2843116b1a46e8c051cfb35e365684aca9f1dcc8a728bd8ebd68449
SHA512174c20b3a2eea2ebd4d8ad226eb44c02c0b346480f43bf3a861e87a7c40112d2500ff9e39f0202793628fe2d5342ed88365b9e7f707b2554c7a24e6c09fbb269
-
Filesize
20KB
MD54c0e50267e16196f98c0817785a8c125
SHA123064de7af9d53d06a82fcfb4cb107731127c437
SHA2565e5dd8d3d067b5a50d9284de24e90b9538b96938d56b024074ef602ae7d83584
SHA51286ca6e9de22af6d21ac57a3775cdb4a287ee39c1cf656d9dffca64ed09f13dd54c30f324e2ee322014272d504e5a4c09297ba8b75a742f4ee67e314c80021e54
-
Filesize
41KB
MD57978a9e6312aeef2fb75a5184b971312
SHA1312d46ef07ed60cb3c48cd586a5189d4a7cb030d
SHA256bbb5da7e7ba55a3059a77cdbad6147129d94d7ad45fd15f10ebea2bc4537f649
SHA512e738bbf00a4218607c1d13aa06792bb3245fa7999a844cfdb251caeefe0c2df0be42b9bc2aa8497927161fcee6593d9e9f9d69cd02ca9b213350223c78ae5e85
-
Filesize
66KB
MD5f53b6d474350dce73f4fdc90c7b04899
SHA1b06ca246301a6aea038956d48b48e842d893c05a
SHA25628442a56b016bfade0e368929138aaaadfc36156734e8ec7a6325b3e58fddc25
SHA5127f275614052ebae8876ad28fc5d48e4f63ed9ebc610ed981f81377ea3ba4c49a2031ff771deb12adabcf33d4789ba35354c1e52524c067a9e7ce078703683f1e
-
Filesize
20KB
MD5c3e0cedf8660a357f420f6be9ab53b45
SHA1e20778b66588fcb5d05c96c46146bc6a26376ca0
SHA25685c554677ff5436dcc7be8efcdbf77a7db7bd9031eaafa13ba8aa13efcc34311
SHA512440e074fa21add7cc68db8810ff48599cbe892ae989b3304766b6a43c664719e4c7093f51f114e9783b4c871f499d06dc02cb3ba840f34f7ee5db3c6fb0aee84
-
Filesize
9KB
MD53511dadeeed4366e9cbddf0aa173f347
SHA1fc98527298a10bab26a0c7db4ea1a91e730e03c1
SHA2560a8bfb415d50d798b95ce8c699953ec24fa558eff875b84d5323af9a2e903608
SHA5125d53a0e0d25a3215569ed33d9e748301b23aa8b0591ffddf73999c7119cb6279da75fd8c81a4c97e9403232c115aaf3963786890a468db697cd6613c047e6844
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize2KB
MD505eeeeeb133000bd84bd270c4e7506ad
SHA15bce359bcb4d3c2e4ebb81ae308fc820b4b753c1
SHA25649065d0ff80a0cb7427d25aa9f208ca0bbdb53a488d17519aa45334f2527c5ca
SHA51226f1e8f6209e13245b4c567e0824825386e5ce83f31e63a00140fc3ae0186cfe76efe2d4956bad4c2a2c9c6a4fb529ecaa0845618d23c854f9d575fa364c3d96
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize4KB
MD5c661aa874ef0cf87ad028a7c08a8297b
SHA1438227bcc518a6837232cdee206cfbdb8a389993
SHA256d135b074eb8eb10a616b118e6d227f3aadd6bdbe09d4a44aad587ea4167e1426
SHA5122ad0b3bed58476a66f90ca9a7b0870cf22a88aa848302d8e3d24622e66ce02bce2b64046369727e9fe1974e2f11228cd7b0ec8465dbd8fbef11248b05f58dd4e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize6KB
MD54f56b4d58975120da341efa2d28077c8
SHA1629ba4d4fb24eac8a1cf5ba01442b8fa3fddad6a
SHA256616127ffa93b12117c772e51e763eb2c5daa0fd142ae7890dc89c503f05e20dd
SHA512b19dbc58b7f7d668524fe6e81239e573313a341a0f16f4cc514230c592a8c982c9db217b817123a2b05fd01249dc418af03903d40f016c67bb0c4d43640ccb82
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize11KB
MD5b861b26938805850178001e973f3072e
SHA106d27d108aeb7979e720cd607418123d246a27ea
SHA2563354be2616dc8b8f23562e37c62f46044e19f36fcdf5a41231bd847bfe26657f
SHA512d97b86628dfe0200c8c4c2d14bed2128f71e5df789db1de96cac13812ed57e0547da131932fc0f1805fed2de4cdf8b54627a4509fee1781d79c832c9be434931
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1KB
MD5e5672048c2436a0565bef5e4edbc8eb8
SHA165c522f70b51bbf999ebff7c93b0fdaa9cf99da0
SHA2569ea1496869009e58423ad8b24f7e9bab98a6ba4f9d6f3c8978c0c010a5bc0259
SHA512d94718889b82bb84fe59b5cd64ce966817ef47fbdf257c5c4ad6db8a112487eea8ae88b97961cbc0d03c8bcdd86a15647c0e6fb867e804dbd8eccdae53197eac
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize4KB
MD585f0706224c595da8f182a7196623334
SHA1d059469991238c772896acf52cfc521862a82182
SHA256979d2594dcadc7d06de93a3355c0b326f7ea8865bced9f705112f7e8c40b43ea
SHA5121bdf3d2246c80cabbc98886c6251cfd7d75b91cd08544f7a83076fbabde0776ad44b1c7cae637d4de5dd5b11e09716644a064f80b1e86ea983cbfe9dde1997c1
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize7KB
MD529740bbfe583831b3d0762b27cf20b60
SHA1b51becc31eb7da8f44e784a106307a977877ba3f
SHA256d92eee54aa63c3a06a3474bfb9103a35aa4ad12e4daccca5e2df8620fa1bdd6e
SHA512066bfc33f23963777c3ce62afdae90abf659b0c644d5b5f06256f6ac18d74b23358dc6ca3aee06cfb30dcf74362cc91fb29f158b93578d0d9261b35f1927d270
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize11KB
MD59085cf384360a9dd831c22b59e503ae7
SHA147341a37d211a0f294ed21a846722e035806768c
SHA2562374bee365d6c5ed5e32891b45f6385be3271d3871ecab26af52719a29782d77
SHA512685c953c7436d8bb9a2e16091f4b5a3d69ecdf373440c9150a7727f94694fc4f1d0475b18bf5b13662177ec245a1830b61b0037ee5205dab833469d16a6d1164
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize9KB
MD5965e9acd39d5a1f9497f15e2579b47b9
SHA1c42a03be2cca3bfd4bcef07d5454875b47e065da
SHA256aeb26b05d92af9094ec43c7641ec815fd526ee2731e4dfa765bd57cd7fbeba98
SHA512743eb528708e1b3d5eb0935ac3f52a743da6d186caa15ebfd6caee6d696d7b022b4ae40afef2ade9c65084bafd9e5e423fa9836e084a6c5bff59f4c7bd893a45
-
Filesize
68KB
MD568ce29c56ad93642f98777c3c60e259e
SHA115454f49829782eaa7f449a0074cbb6a283abc30
SHA25607ec1324a4ccf27f4d743f33f6829e1701d9242ef5d1206960c2e00d3d779695
SHA512bb853cc2290434adc058c9b683a72a228ad54dbec8a878214fb5ba7466d155509d2a380e54b82323cd3e4acae24165a16ff501cec949b313fcf044bb1eca8e50
-
Filesize
152KB
MD57f683026e0b58058db683010b9bc4e2e
SHA1de97af1db20d4906aff309424ad8d89d88e24f2c
SHA2563535bbdde532ff49896dfdb97046a2aa4e88405bd21ff367180ea8eabbdf6f47
SHA5126b0f1671ca520e658a0342eb1918b79fc521d9f170ada9427a26193bbd16b39633ca51e4f0267d4578b4363ed47e03e6dccd46ac8eb2bb841423164ca2f3533b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mail.google.com_0.indexeddb.leveldb\MANIFEST-000001
Filesize23B
MD53fd11ff447c1ee23538dc4d9724427a3
SHA11335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA51210a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\CURRENT
Filesize16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
331B
MD59f568f20481f467209406c3db94d912b
SHA150b0457fd90914aa7aafcebdc77a25a7455647ef
SHA2566bcb5dfe17ea7cf5c933cc714f06e3ee0bf029ba490ae98d7d008071944a8bac
SHA5121a6204ee15cb76984bd661aa022cb61d0ac0ff1751685b98fdc3b66313836dd95d799fb62d0458bd9a4a87ffb68d8757b82d250ca1411f1ad554f642a78db217
-
Filesize
8KB
MD518dd61641ec0494e072cfb58f143513d
SHA14f65ac9a2c448540625c11b0d9d430884e13538c
SHA256bdc1ff17c6c3f9870d2bd904b054d9396c821d86e15b9430bccda6793675bc08
SHA512c4251aa7b05c5c27f4ad96d9973d44816500c50ca003f0dd5723e58b5ed4e0abbb2e56d934b80d695a991ecb9a9fa00e79d76a127b94938e52a6d6167306d4ba
-
Filesize
13KB
MD50bdb3271ec89b70c751bb19ec7fc07e5
SHA14a59739cb4cc6f3f750ce9db936e89f430802fb7
SHA25630d861995831f84bc78e5f3b762acacbd94e63899ce49289d27d02e8ab45506c
SHA5125c9a43ad84cb40a542256cd6c853f7933a4bd27da1d75f63409128374b63a19778eb02fc454462e649f8c8b31a9f8701955368f83e49b2b3bb7fdd0dccf988b3
-
Filesize
9KB
MD5fa3ba69e82727322e63d2da7fde3bd3f
SHA16f0db86108fa7d3b0b4c2400bc40598b382daa37
SHA256d7060e4d2ca8019689bebf1040e4d8e1374d77942ddf2763d452a88771a306cd
SHA5123d63eb415c8c7206a2a73149f262bbb5bd8f6116dd367e92d25f37f4bbae17c46ce5b7c68bb191a03b1fcf9b850b019bb85c93172d71d9301b5d7fb44aff9cbe
-
Filesize
3KB
MD58f671ba5dece5f88703a2678b769548a
SHA1c0c10b43ce1def20df42f3a54bda83bd50bbaae2
SHA256040f32f0313ef6fd430235f3c4ba397b25f092e41c02c74d247b6658ca5c8951
SHA5124583e42ae401d52b18a3b31ac5cbe67263ab29ffeee1558e08b7ad8163038da3ad259e59def49c2fe5a25b66c9aa980c2aebeb2863cc5d85fc299c42f127fdfa
-
Filesize
3KB
MD5d53378d4dedccbc992552b74a4483316
SHA1c91ea255b1795ec70d25307059351e205343af1b
SHA256809a77bba4f5144fe1e2d90a43f74b02b2aa234d199a6a7e1e045c7cd8338fe3
SHA512619a6a4ecad0833a950533a241c6bee1964f73dd100026c313818c9cb36ae2d009831138a8a41f0b97ed16ef6acb75770527bba478863e9b50d568bca29a0569
-
Filesize
12KB
MD58e49c6d2ab03b8ab73b96f37a33698cc
SHA145da28439da20b35d470c50b4540ac4c6a00e074
SHA2561ed0fdd78f9d56111546108a6247216d267345508f6c1464e2f4c95679b21eb6
SHA512f7972c7e97d0b9d04928806d0fd8460c123fc2c5cb8615bd29d21b60eba979a757af74db81c9d79135030b0e350936477d9b0ecd88218a7d15064bc821bc2e46
-
Filesize
61B
MD54df4574bfbb7e0b0bc56c2c9b12b6c47
SHA181efcbd3e3da8221444a21f45305af6fa4b71907
SHA256e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377
SHA51278b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a
-
Filesize
6KB
MD530ba95388640926ed01113b0ec02f1f9
SHA16b5642fd1018cf724899598413a4e71c95e1b5ba
SHA2564cf32ef1e314e5f39a786e8ac998703e64e1cf56593b52add9181f8bbd7517fb
SHA512acb3cdf1e70bf24eb3398a747e3df22dcbf788470d6c0997d0e15faa1d2a279aef65e3800a87f98fb6fb8ed7c5ab24c6a08b551f8748c3dda5a0d1e521c64c60
-
Filesize
6KB
MD50383dbb133f11ee4a22589e68a53f8cd
SHA142c5c7b4eda434c66c1192971179adcf547e29a5
SHA256ad5bfcd8762a75021b6d5514620081510d18f87d2de917c1d6d6bb29aa327be5
SHA512529f07f45300561c50eccb06ce1db67b11c366b93c1d5d60432e60a81ee13b538731be792fd620b0718f8b43d72d382af64bae746ccbd4b2e205bb7290633249
-
Filesize
12KB
MD5dd46172d5e2c902a4ed4c034b9641375
SHA1a9bb8310cf4c156eca27f7b20ee1576e9f16414c
SHA2563000964362b1e7e5275ca744e33b5846362c5061505caf29ff28cebf1ef960fc
SHA51204c928bb1530da5813fac731b1fa7e83b066280db320fcda745a5afa6dc767377baa52627427ff45aa514abcead41e7b57cea2df329c779f8f716241006341db
-
Filesize
12KB
MD581bd4faaf1a74e60fc27e9f3aba3154e
SHA18dceecff218b53346e51a6c8489ae4a216e7f137
SHA25604578011a945bf70c76f0ebb1d1a1e837a824b76f1d6f079328d1e70a4f5a197
SHA512218476a4c3c163e85ee6678421ba74d4b1539edc52c4a693c2bf5efda7f70c41621e5b065f9de7adde9e9d27021abc58e7a9532caabfcabb9b1c3bb628c137a9
-
Filesize
12KB
MD5fd33200f2a84c1be180dd69157a2018c
SHA179a102d6cadd36ca0ad180226a3cc09a815119d3
SHA256a02fdaf35b30bdbc05c3c6797dee70ed9562665adc87d57ec13aceca95ba8a15
SHA512e95cbb3999ce73659cd75f39459e6edb4cdafb510b832dbb39c743656c36995bb5b7b6ed7d31792bb1e388dccaadf4509e92b47a75c1346c8d78e8fedb45acfe
-
Filesize
16KB
MD57bd44e64028bcfca03fe5c47410da2e2
SHA107e5d160da3e646b3c675860949134da5fbf073a
SHA25658df44bb2a7581ddd154025d007f0a2175d505f6568e59ba5f22a5b4942ceadf
SHA51223715b642aa470bc01476c773520a4d63e432ffba6df76206a17b3b8bdeb82791027627e681c5fecfc28b857b76a1704b533bf3a562d9a18e197c049ae30d993
-
Filesize
10KB
MD56181c9ab824ad638561beeefa71612b5
SHA151be248341c15d8f24fd7a0836e49ec7411acaba
SHA256acd410442ea23453ade52e1fa40dbe61fb718bfd5aefde854214a5e0a897fca4
SHA5128bbdb6c13566ecab3bb94502be40d4e2961829da51205124a466e4da048b091452348c9460dd58732f97baec7711f62ca27acdb5d8a2e225d3267004b2e46999
-
Filesize
9KB
MD500ca431f15ee134382e5bfe9fa62a261
SHA1cf84d720acb812813deb50406e9f0944f386ac56
SHA256686e201ed1ecb55a527b8e80df83459e01677b0b8cb229455ebfb5578779e32a
SHA512cc7329fb32d92dcb7ca14007bf12a5c21457b67dcabbd7e43b60f221b79d5dd4f4a53a5db1145148cd545e01974df1935f98f2c174ba58b9b189ee43a1352829
-
Filesize
10KB
MD508376c55edd1c679bcee8210d508f515
SHA1942f4fb81099a8e7f871a729ee48383cb5075fb7
SHA2561241beb5ed44af2ec17bfc2dd9635df50b10b26d6cca21bdfd532dd28cd86a05
SHA51210ba7c007c8bc34ba3dddad198430b3ac12b285f1a29bb7a6c8ad2a70674e278dd737437c1fe02bcd164a20f87983cca526e833c2de65d64124aaaa08af66ffa
-
Filesize
11KB
MD5b32232fbf06feb6c23e5b522e5d8ea9f
SHA1e8e8ece1e956f87142c41702baab487e9068b182
SHA256517b651dee978bd6c1a1f60045d30a530db01d936c4ed7781df1b7205ce05a66
SHA512345fe2be3cd885e3915bbbb4fa72ca95f0e54ec34ebc71dd9befbd5500ecd3a351f10570319eeb11c5a7ee131a461969161d44a87017df55f3ceef65f24c9d48
-
Filesize
12KB
MD5a1149c2373dbbdfb9f2c142954c5e7f3
SHA11a98a586dcc3c2c313eb95a5ab09274d4283fcb0
SHA256672077104fc2092ed81741600db76ee7ab60e858a45df0200dd9f185f817a547
SHA512c9b4314ee16b1ad73aaecc60a93a6045a535c1928301a5ee2da470899d1172d4fb7f70beb58cb6e17f149d8ffcd1f6759b67338aa03a4902371c1dd1ab8f8b17
-
Filesize
12KB
MD52410a3433b29eabd309b2cb8962ce667
SHA1a67b4bb1deea6c60f3f413963233de9e0ce36e2b
SHA25655b95aaac37f7f0d0898ec4c693b7cb4cd85423d8c1e4f22dc4451d6ec8816e4
SHA512871fae211e41224d2ac1fb5be385a5d2b14c16f88ec4b175697474359dd007a1987964024c102ba5d0594252512b377a8cc42554fb7fb4f25550910eae497c3c
-
Filesize
17KB
MD5e6988866e4efb02c36908cea5f8c8c99
SHA1b4c54db54b366687d19860d2afab664dda23271c
SHA25659324ed537722d32c5384b36d6fd1cb6e91303ec93b1e446c4bf7bb16334c26e
SHA512fe26b869fdb2dfd044c7ad8a45aea2ec9de4f7c21531f1539eeb9e6190501742e4be00458c7a4fadbb59ee00555cce7203451873a2a8532172e45ed99d079430
-
Filesize
17KB
MD5fb657715f236dca5866933e8c7400a76
SHA103b9a8d6cc84c1a4c0af12cb90b94ebdd11eac7e
SHA256c6cd501fcc749fd2abad3d5299d6f484ad669eadd41a19f79ab73e4bf7996c0d
SHA512cab93b1961893e727b7fa5e64a5de2475aa814f3ff74703e742134d7656c8bc59b75c838f8615fdf9ead89024b3c4e7d63e16eb7fd8c4813193ed6f953b8e380
-
Filesize
6KB
MD5a201c64f4a32a225365333b52e4c9b2a
SHA1b345a00eeaf855d1bc303dca304079c0586a52a9
SHA256c5b4f4bfeba35c9a1879bee62a497905d06c9997bfb01ced91ceb76e374f32ca
SHA512b03b4d7efe0a4d4f6c1bb7b63ff4d229fd2e3aa7651da52ae9ef25579d64631d2259d10c8220d290a3505c886289580de4deafd4dd21c61b2d6ab61179135c1c
-
Filesize
7KB
MD570b65ac6c38f1e7051b7a7892827fcae
SHA1199fc61b5f63573c805130a7d7eb1a239f79c2da
SHA2562d43bf1065adc04809012daf6fb30264f1eaa69423b47b8fc3836fade2507f67
SHA5124ebaf173acaac22e4a2bca10d4145777da63b21a1379db7bb304679573ea74220623f9c4140be3822e443b7d3d02af2e814832ebb7e4b8581b3b33e7a0caa859
-
Filesize
11KB
MD51efe788248d8caefc82e03f9ad2d2119
SHA18d11ada90ffde517ac2d77ea406189e036c42cb5
SHA25681fa46fa0cef3a89ef3332510ac1bf970c34785c4e0489ffd12056626ad7a39a
SHA51290d2947d7236222bbdcc3763bc1eba0806e9aa684be3132d5e994346029027a475af38c82f51c850a7b1d89fa10f85970f37d75e0458ab929060c38cbf3c4dc8
-
Filesize
11KB
MD5b17c41212a1893dbc4dc412beee7c85e
SHA13d32414a36264d7d2564caa7ccf2ff76a87e7052
SHA256915e6dab4adfdacdb26613ce5eb8815527e04f868ea0f71a4e80ce500df5cb6b
SHA5125ed6094fd38730fc47cfb9892d638b18aeb7db0bcb4e84e4961dd6dcaa578c6567626c45d02cc467ff5ac90f67aecedf1dfb643cae78b582f5210ea620e0c8f0
-
Filesize
14KB
MD571d56d2a4b26a8a58d5722afefc169bf
SHA1a267a749554e5755635fbdcee45c6f436a134c15
SHA256abe460a05e6c55093a87b44838bc9e8b9bf157ecc6e7debadb1df35e7ce5e79e
SHA51258a3e554dab7dac2abed65d78f4332501dd206cdfce5eb5184768bd84dc29ab685cc36eb1fb7cfb9b9e5f6f87b866921bd2d4a3ee66be893830c575f4b16e050
-
Filesize
13KB
MD5622a6b585c3364f77bc91df4541b237b
SHA1c44310a758f557ce78ce0bad2b26bb32fc39f7c9
SHA256a4fd58d13f1282540ef3eead9ad82509841fb2fb4675f8ef6a68d3bfa99d9d7e
SHA5121678b83fa7cf4cf12e7180ce30cdf9b9d5e5bf28e262eb9142b035103d41d1fc5be7a902c3f63e973ee73ce32adffeb1c2136bd74a6c53ba55e8052075e62e8e
-
Filesize
13KB
MD532392feb000fe2d7f54a7bd30a484e94
SHA169b8609548801484dbdc0d11f34797c3e8ae9da5
SHA256e6e79739cd1a9bcf8d2ca7a033d344ab992dfb125612155ed82fb5db6781cb5f
SHA512619b6a1c5a6b8ae38744b9f27ab330dde95197a2b9aec409977f8d57570a1c4628771ad4158a8ababf771e31dd0458803a134bc2e71f69cab1f2870c6a787e43
-
Filesize
9KB
MD5440fd85d623a00147cd8260c9ccf9b9f
SHA1d45ea5e1d728f3913e54644eb7aeb3ae313552fd
SHA25653bd344480529e0235d50f06a3c4c07704fe0c1b51db7859c123223cfe3fbf13
SHA512458e9f5ce7f55698f7e42afa56882163da7c1067326d77655f820e0b6a88778fa02fbaf18601c1386ce8cf428163ac02dce8fdfc349f07ada9e1223f1a0a0b9f
-
Filesize
10KB
MD5cee8291bbd8ae52fdf3cc963ec6d0c27
SHA1344b74a92686d825e4d21fdb27284e8367bf2a35
SHA256b2fde3b284d531535dac32d8b514f0e85d48eea7f3a3fd141014afe81e1fda75
SHA51256258bd0c572be0b53599e7348e716b51d3ac0f2547232e774fd91952c5aebfca9a02e8355e875d20be2ddda4e110301f1632227329b932835265c189e3f8bf3
-
Filesize
9KB
MD576bfbc212c9c656101ea0fb953db26c8
SHA12cad1228a38b1f47e6cd4dfe11aade753dbc66ae
SHA256fac67e4c157f3fae34ef31031ab279491f129ef599331e3882c131c7d1431e6b
SHA512bdacbbd54dd25c0ed44468f30d1294dfc294e09433d315ce8cf8bc76a2fa75352e60c6a1cafd489e32998a892d2585d58d6cda337721801fce7dd5d6283a7844
-
Filesize
12KB
MD5f63bc968282fa83fd0091dcd4df66ea1
SHA11c9c42287005f9235912ac99ccfd0db6a67bd7b2
SHA256c1c69d6be5560c4529ddaf891fbb2e258009ec80c53747e74c93516a0925139f
SHA5124ac896f7d7d1ff9c2b96a574a9c0c0fac4d21b44a2c2dec2ee96d7957d030f5a40c61b69db76772d09e0ac41254cc0cce8a246202c259d74eff28a26140caf8a
-
Filesize
13KB
MD572015f7e9f3d0c410d265e88585240fb
SHA1cf47a81b935c3f5bb356a64dcc5dca01fa8b3962
SHA25651a6ffd3634d7a63f67c370e4524c0f135f38ebb62a199fdbe0ac5b79ec53435
SHA51265fe953039e2a4a638e1d1a9e8cd7850b9ce212ec4e95e0f8fadbbfd21350d1b5936adbb537708afb4711c10f2047bdac8b9cf7773f0e49b49b821541eaf292f
-
Filesize
10KB
MD5885b8a59751b10b1608aeac84989337b
SHA10e1ddf6dd9b5969f1629cc69c8c0fc9fa020dc60
SHA2568bde712cfb53a732aa8755f1f0dea9f81f76acaccc0a37f3c06229e34f9f86d2
SHA512c7f55a330fc3aad97d720a718ef9df9e5f39f7c8f20d5ecf79ceb4bcd515a620cec3b31ac58fe3ff78565586ac303ef6824e85fa5c94422acb32642945b86a68
-
Filesize
10KB
MD59121d646cbdbc4454f3042a37f7ddb18
SHA1df7e06f5f2d06cb993014e1fc18ba04ccfc717e2
SHA256d197583d183031fa9f86def4588e99c719818e61f48c01e794f76dbd8cb78084
SHA512f273afd3b807ad59ded3c74476198959dfa1d157a08d0b0163316b8cac84bb7bcb2c0716f2790fffff7f689fe25131dc26d9afc0664f4f5927ebbab038eb6f2e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\75c9cda1-a084-488b-8bf7-33f5f3233d7b\index-dir\the-real-index
Filesize144B
MD5a62435f4d392449e8c8f837a63fdeff3
SHA18ec8bf2091de0ecb6a6b6cb4ba3bdaa11173d5ec
SHA2560a5c6ea23ff81df4e757b7f039a7c235031a9301d14f30beb15afee259f0a31e
SHA5124501decefcd66c04cf7c91140f9df534e342b0d6efc4ca67e36339038d63f0fe998b01d0d36275924e21bbef9d668493f0f24f0a006b4b44db4ba6b5e7f2e871
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\75c9cda1-a084-488b-8bf7-33f5f3233d7b\index-dir\the-real-index~RFe60e227.TMP
Filesize48B
MD5e7861b4b897cffae349a75961765833c
SHA11324d200ff11c55e04bcbf9d4c88051750de6b6d
SHA25606a65eedd9784893b030cbb8968b13a68186b282cf55b34e72279f4103ae0a5b
SHA512c5d438b32f87107b960e4bf7a31c0df4e2aa5ee64f978b475a7ea7c87636ed8f508ceb76a6b9352f009ec906060f40f29c4e0cf5c48f49d85b7467e5f46f394d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\94769e52-1c47-453b-a8dc-e5467f4acd90\index-dir\the-real-index
Filesize120B
MD553dca2fa64a621919275a98cbc7ea352
SHA19f5bd83d0e0a496fef40c944c88992aeea10bd8c
SHA25614f00c7b74c6d57cf9e75a1a54fa9b71d84cb9f11c44e9d31105934f06d72c3b
SHA5120aa7405c761e8204852fac065150e9ce5b95cc360842c3d3e9795dd8eec17a472194fa08495da8e8240d91e8548d888ec201e68c25faef49bae6af2193e46c8f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\94769e52-1c47-453b-a8dc-e5467f4acd90\index-dir\the-real-index~RFe60e43a.TMP
Filesize48B
MD51a857db3348282ce43ccb9c13a457062
SHA17ec6b5608612bdcf4a61117572aff7b3c4e0fc01
SHA25648759da4ec027d0dfc4e9c7f6ca725c53b1a1d1487337ffb6afb3ff53c1eaff5
SHA51219a7bbe8b24c50d45c479b49798a547e510b431056ed1dc73d306945b44540227b6f30e9188098f54df00d08b36989d0ff0ce81fe8b04840c218d1a24e82dd1b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\e48656a6-f759-4de6-bfc6-c96a3db1e089\index-dir\the-real-index
Filesize72B
MD51e5c8a4b1a6d909c9539af24f7550425
SHA16c1ae39f15d9cd9a74baca81eeb17e38b8812332
SHA256589cc40ceb83a08c1ae7a7a49c8d8da702a55db9b91605b6b4ad1392e3091d05
SHA512c62d8bc7c30ab3260d2286ed6ca9051e4dd6fcb01d879a030b9be870343fdb472eac840a7b05cdd153af9740b72e9c49874fcb97fa25a41cd6856a585c1acdca
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\e48656a6-f759-4de6-bfc6-c96a3db1e089\index-dir\the-real-index~RFe60e449.TMP
Filesize48B
MD5d258aa84852a6d453379b20461816967
SHA1414119e5a89286b4a09541718680378f7a4c0243
SHA2568d95577b56a6c304bc02ccad122ae2cbb50a3ce1c38e67d33ec1a0eeec77ea93
SHA51200e1d673b9bef5cc10633c883a3730ca2d5f500736182ef58ed5e704d71348bda5071d15de72371979a5e3a958b218e1c65fd81230870cde645a3feacd117aef
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\f61cf2c8-da1e-4f6d-b7c5-b5456a61f16f\index-dir\the-real-index
Filesize11KB
MD5e10d9d4aa7ab3ea9629a79d12fa70504
SHA1deacda1673592519b68e71e8c47c556d66ab575f
SHA256abad5979359f9b39eeb0737729f9a5c93abc6ff804abd192ba3f54640aa17402
SHA5120fdc90e6ae22085725313aa4ee7c2f9de279bb1bfd34f9ccb7331dc4989aeca2c46e6b06b38ebbe6c2884bf0099ffd5dff8fbddbeb47ed331bcdd990b0bc9e0e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\f61cf2c8-da1e-4f6d-b7c5-b5456a61f16f\index-dir\the-real-index~RFe61184a.TMP
Filesize48B
MD5fa80d85740e30cc2d0d0a07fdc86148f
SHA1734612e374ffba6a2f94824043bac2be7c8a9f0d
SHA256e7d0683cf0bddf5d60d2ed332df0cae0df79de5cecc69c79d79ace76aa4bbfe6
SHA512973200d11e2b708d84d7f788a59a0b77960fd777746d6f4c1940219fbd1a5636b4c1c584ce6b222c89881a509b7d803b3cea6e79c3569a75bdb547aed53d24eb
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
Filesize129B
MD578cbab435ff12238fde0c204f1b0e177
SHA13f6e1f4ab544e82a8fcc71975d627b080209c6fe
SHA2562619a69e58803888d4a4a96689dcd8a2c195197e35ddf23e5b0ccad9031f8ce3
SHA5125317bb0fe2a55e6d10ee124e35f9eaa1861a7f60a853ac256592941b52597ce5aadd2ec21779007f3ad764a2846d58bd64b76006fcc7f491eeaf34d842107d6a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
Filesize225B
MD508afa483c5022bf00194d7aadbed6064
SHA1c928553e3e09854a458f8e38d733b63dbbb5b60b
SHA256ae807ea473fcb16b9432038526436d6518d63b7b8ff5797a3fa1524771dcbca0
SHA5123078c627449a11f7fa26886fafe3592678868fd2251e971d9266100463ad1c4137ee4ed227caa47a9d00af2799ca52a4da609990ea4a50ed43e12e64aeb72871
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
Filesize289B
MD5c6b2305fd79bb3b701e380fa492a5796
SHA110ef4117c81e79107e062a56c30fccf2fa48cd9d
SHA256a853abf728f02783d4430d1e22abe8a45441799a410a7c7bc1561887738b50cd
SHA512cbb2cc056e3093dc5e9fbfb2c116126ceea4debb73da21bc4231f0fadffdbbee4f1b48302b11634d224862f807ab411712eba4481a158f1444e6c74a3a5ecd5b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
Filesize358B
MD5521165d885aa94862bbb7df33adb678a
SHA10b023fe5af05ce7c925e8226ebde5b97d1dfbce8
SHA256b30f22eef3daa999445d2106a6bca8c8df558b2fd324c9870d3520e4abe3dfbf
SHA512ab43f566d968bf5f81ed4f22b51f27b388f5ebe679270fd63da1fd29fc1ac8c700bba71210e41841cdab209188dbbfc974146f825f1d59115d203b62f21d5c9d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt
Filesize353B
MD545021f4cb753a5824e90543b26f9a7d7
SHA100e59254c2081fd18951a5c7be63b23d8d1e7780
SHA256438d4e8e1c253d041484f0f303580050e495318c6969d21d5ae1f396fa865cd1
SHA5120bda4ffa44a3b35447c08f0f9b8759ce61e8145b761a4d925585a8df139e703f7e2f1114151f6a9fb382aa01d58f1174e768e23340913862d4ea84242b55c3d9
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\b59efb97-7e7a-4d12-b868-671c11cca292\index-dir\the-real-index
Filesize72B
MD53246795053eb8b4adfb464bd213b6351
SHA1ff23dc4e6310f54fb682129ff0e5aa8a8b9c0cf4
SHA2567cc86df2c43430bb2a6513121687f71a9efb1eb278ddb0e01b1dc5ce6512a4fc
SHA512ac6251e6fdf249084ed2f12cdc4f639a405de3b72bf4926480eb89e780ec8cea2e31ba30f772240603ce0ca83aeb2e33cd890f8100449113058075168536700b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\b59efb97-7e7a-4d12-b868-671c11cca292\index-dir\the-real-index~RFe59a260.TMP
Filesize48B
MD5f2ea7403f01b1ee73072f3ce20fe7ef8
SHA1f5375924729dfdaa765aa2fa106675e5b8fb3900
SHA2565dbd1feff4c6e99f28ab8185545f83b35469df4fa3a1a5159cd6182b7fcf55d5
SHA51202cdbfd67771e68e5799a4db721f2f2161127ee680e455c2250fa8893c91afba0ed5210061acf44c02624a3721ca2c85d4ab8ef9c2555a005eeb52eaa754d0fa
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\fe621b06-bb0f-476f-932f-62650044ec0c\index-dir\the-real-index
Filesize1KB
MD57ee055a50d4c46a30b52cb81fe0a3bea
SHA17332d6f8aeb5a7e7e20a3fc674ba743541115d73
SHA2568e89f5f947781d2e8a83be9eaa9485512c1c090b2d6a0f8f4050d7ac906a1cbf
SHA512c2bf5508bb0813f99c008b67338ce71d24489926265178425a7141e84ec764695055036d18d84311e191ad4485a3246e74deba501662e8b4beb251ea9922e66b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\fe621b06-bb0f-476f-932f-62650044ec0c\index-dir\the-real-index~RFe59aca1.TMP
Filesize48B
MD5353105da3501397c13c8797c119d9d7d
SHA13d9204cd6fbd362aed2b02e167d03d0988d1f90f
SHA25673e072b5128834a35b26540dcd842fe7f31dc476e8a60988eb75d7df0c45c701
SHA512a638e7a6d7aac26e35e069648530e612945780ce2bee68a424145898863ce345c9a6d7443945a6726d67e6694aa2d4f60fa1051c2fb632f283e2855f2dbcd877
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
Filesize109B
MD56d142c97891695ad31a3d345f853d014
SHA1cee8015afeaee1523d51016aa996298c9dd5a952
SHA2566321a378ee69924015d8c4be8b670167f58f12133b29d3906cc9370308060cba
SHA512efe1738f2cb349aa73247adc3276483e9cbf54258365aa7ccb5748d20ac3d374b3b0443a86176058c45f25b6786abc6d7e79e7de675ebd096a2321e0feb83dc4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
Filesize204B
MD5a9b5575428f2229232a7ac34faee7583
SHA1ae96ed57ef25ce5889de82c01dae7f2a775582a4
SHA256dabeb1f4331e52aff124ea3f5394e0295c3a147c0fda61ac0535334d01efcfbe
SHA51281e5adeaba0c5a45090704a795206235859c3cdc72580907ab49a8203068c9f3ef99137d3be3ab68deef6a8bac1c80a3d7a26d52d73c93161a0bc3ccf82faa7d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
Filesize201B
MD575cbb5a7856b0e479dbbc92f3e806d1f
SHA1e5a78d2f80b4f046e5822fea2093f19385f6c2ee
SHA25679cbe21770531ad3cb548c9241f0d482c3ff95096e198e901fc270b0eb765e4f
SHA512330a8e7b57acaac4ff06197cb9758665e15f401c20525c2c96d41f5193e572762373071714e93ea282423e2395844fae1dbda204c541a90424671e92fc0c1a44
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\eb6d0556-2fdd-4d85-94a1-7285abb71898\index
Filesize24B
MD554cb446f628b2ea4a5bce5769910512e
SHA1c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA5128f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt
Filesize160B
MD551dfcab2ef57881a52b27d301b4e2a13
SHA1225caaea7c33e37ae934fd7f7c851fa471705cbe
SHA2562b260d43dad2b11434930e9ea21642788e92ec284e542044e2bd4adef124a206
SHA5125cf98cf73c2ad11464b62c2fa2404752d4c30804bbdba85dc3f274f16906c3ca343091c2471672b15cbf0a66d9aaf63ec736d08cfef4d3cd83e9fb1faa7fabcd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt
Filesize153B
MD58ab08fea0e82b3a08baecd7837b3d238
SHA1ba882f7ad523750815b256c8d7de7cdad26c522d
SHA256adfd0d3a9d86ec88604ecf2f77298f4a994e0552e19ad4df78696c1bf2e0c5b7
SHA51230993dc2c90fd9eb0c1301128f6f3dbf44517bff06ebf2b58ace5207a415a6d94e90e930ab228bfdf920e351dc84c1b507390422afd1b4cfa874a8015dc9ddd1
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f56bfb986dc43b7d725c421f76f49d3c8fb9acfd\index.txt~RFe5a0030.TMP
Filesize94B
MD5663015121fbe74f90e0224c730929afd
SHA125d0ded8338f264e57dea58b51c6b9215f79ee69
SHA2564192e796438a45d387688cebe9ab6e01e75eb2e2aac5f3db2dec4f5d22bbdd9a
SHA5122bafac9144d67f6d7ffa8bed4b1e2bd6529b4ce2913175ba044215b7a44e64d668b3e99622ec89294ceb58bb77c092e300bea2da84172bcd85387c9506241474
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize120B
MD5ed94bb271d90adec0a4d2b87037ec1e6
SHA16f1aa4669728544ae1f45eda49fa845bc7a950e9
SHA256681b1ef92b6df51a9bf792283907a978a8b5aa67d16bdaa1a58a5e26df7995a7
SHA512ad8aeb13ff6ae8a3f5b7da3e9b10170cd929f3d94d767b616fe396b64278c5ad2d1f108cfdcd02ec29dc0cbac078123e17640f95e5d0390f8a373865d315960a
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize144B
MD553f6972684ed8ddc1a591f0803f982aa
SHA1a95c965e0916210d76f9db8e730e6dc87ae6ec95
SHA256b012c0bb994ebacb25b5987be25af1f1787c68a8683c3c6e276975b9f973f029
SHA512a47f318895d775f5fa5164d5e7e551f18045ccd8c3f90203b7fc0ea2fb37894e4f1cc99c5d18d20aa670b8ac1e027b82d28206428c5417aedb452db871adf755
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize216B
MD50f903e8bc70de8b15e5c5ed817d8bf34
SHA132b8ebbdd9fc995de7740e6fe4bdece96b49295d
SHA2568dac8a7eaa024b8e656d61df1372db2e7c1599672285c18e0ee4b6bbd013dfcd
SHA512c23544c6c104d99ac87dd6757354dcece3a0659ee64768078c0abb2222d65b75c60ad4f9852656444d710465aaf4c0f643f8112495d70aa094d506733f15b638
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize72B
MD5d02298c29ae1646467cd69d1ed640fc0
SHA18109dd2b0482cc3b91cf85f4fe738e62cda92325
SHA256ebbbe91c95a248186eca29958ae8297213d3269aa880cecde1d2394447f02e21
SHA51231f90eb94f61d65f6e0abb0b2f1b1f21646db9a10f6464a9e0bdf06fa9e1825c802ead776dd656e8190fc262484f8e14cb7429da47564ff90742236cb16c3e6f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59a232.TMP
Filesize48B
MD52786bb1497b0fc66af8c265dc72f70a2
SHA1b46ec06d2e92765fee0fbb70b61791e7658ae378
SHA256e8b0c3496aa461c3d13bca78db207678bcc79d44f5d389ed36057f37e80f8daa
SHA512555ee58e86a197c10a31e5a0d9decb87d1af3c68a074a0ad49cb34b6bcaefa0cf37d43cc3cb1e8c46dc8bdfd122a634fa8c146fa20676b61e2797d2929406082
-
Filesize
347B
MD57615681a623674ab418a1cc8dec25be8
SHA13b1377a50546f643828a92843ab4559223d5aa3d
SHA256996b8aa340266b1ca6b775d2b77fc7856ba52d5d91e46e460dd40e995c0f25a3
SHA5125fa8cc50795ebc0f57c3e5b642e4cda3c12d8f446d843ef054eb6fe98006f851cc108a308d594f29772fc642c8448ae8efa2b69b1cbcaaad0aeb3417e4c429ff
-
Filesize
323B
MD502e4c60ebadb2e6c95ff89abb8387274
SHA15cecef3c38db4b30407463758c2159ecffa8234a
SHA256c5410f31448bb832331aa48d4da699f227b2f031e0709049bd1b3444a7e07d4a
SHA512a5689864da2fcacb1a1129eb9a1f30606ebff4e9c7789628df13e071d5e4ecab8b82cb4cf09b918ab69e39e3af5d127cbb188b11a633af22dd53ba242888a982
-
Filesize
323B
MD54b6fa2ecde8dc6a63e3e6b0ac6879061
SHA10463b4d4647e6d1ec8076c19ef1d1fbfaa1cbd66
SHA256c14a5fbac8d0cc0674a5a49f83fc6efe2b6e2a1a03146bbc587a6007d37a53a9
SHA512234100dcd1555dcc208f69011bc6f674d50ae90338465685f40117dffa39aa3d21f7a59daf109eb3687fcf236b01f51e85e06d5e4cdce3e29675f621a748362a
-
Filesize
2KB
MD5362a8353653f10f2befe2f747d532c74
SHA18ce463b4621ad17cf430ef46810b2042602ee450
SHA2568b2a0739b73dc23f517ecc9ab40a9d7bd39012f64770d592ea8ab8eaeeb338aa
SHA512009615203b214f481a0f1fb1371f87a2a5836702771a88732ba6ef60f18167af17895f9abdf0f8785adeb3a119352367cbb4d40b6b97f963e4ca01cbf94e96a1
-
Filesize
3KB
MD5c9c7b7500cfe030a690626a80be1664e
SHA1fb7d9420b6548124420c409a027f1a45d61df86c
SHA2561d54e1d52cbe0607f39ccd59595730732d0d092c5cea9545baf66e1d74514445
SHA51258f85233bd1cee57c5343fe351df64a7c2b8fe9a73a004a48604254b370f8653851ebf7583f3eeb23cde64436a53d8f03a87f3a34c06cb384fc21d3a22397eb7
-
Filesize
3KB
MD5a72ea0eb5b376723115d843d96ccae6f
SHA195b6f17df2f40a7f70efbc97d5e37992c380bd92
SHA2565a2af99eaf214f1d7cffd10fd999dae8f9ae61e20f2ace4ab492fb8d899b18c5
SHA512599149b95dcdd926a9f0a38ad3d08a6c1a2367f66cc06778d244df25ce99f724c2e8dc1f3697a1cc1eb781416dacf55139bd02b1becaf6b3e8acda0093f3698d
-
Filesize
3KB
MD5e4478d94084eb00704cba83f843e4b85
SHA12e1ff563f32f9ed2bf4558a39f11241bf8f27bd8
SHA2566bceb6d772fd4ababd2080c0fb27ae38341cd9ba0707cb26a2eb9439796a5f2f
SHA5121a0dcf5938159e9863e09e790d47a7f916ed500edfc9ce88d96c8b72b7287d95175f14660ae73a446fc5fd7b294957850d39c11cf031653bab7480cf2a9eeaf4
-
Filesize
5KB
MD5a4fa6cbbced58de699d15e062bed8bf9
SHA1270c5116f0c059b27fbc8e55fc0d5c25c94b0015
SHA256e98c94173dea042355160ae59256ebf98ad0ec25aca9382f8187017fab08f72c
SHA5121345475a031a22bb15e282420d5365047b9b8d1eafd3d0480e0e8509c1404d58ac410296b95f2738e55dbee7ebdeaa85c10173db38472755836b13e8b8c76fed
-
Filesize
5KB
MD56b7e20433b2b0eb65f7b93c29da10c5e
SHA181173a4cf1f7a7248933b015ba08eae47303c7e4
SHA2560405bc33b417fa1fbd3ee8f6d7aeca7ec84b66bdded540aba4b2c567005d9640
SHA5126deaf8e24b3d1dab2a472a5fd18e6c56fff6709b04daf627972ffefee42ecd7011bbd4578dd666dc079499e45ab47673a18fb906790e8080176931692d0374be
-
Filesize
7KB
MD5269f081ed89d88d699d65e52f6d4152e
SHA1df78fd8d0d5dfa87468143cd562e19bb563dcc7f
SHA2564379c6b96f0d0e3662e789adcdfa79096b4dd4a0e2e57f89e5821b0e66a830ae
SHA51286d858ad537deb4f9cef260c010d33b0582a920c814a7b67fd5fef83a605bd720c44c7011e6d66ac07a4cb113eb443b19a88a4af6d3bc5fc381bccaba4560f2c
-
Filesize
8KB
MD52bbf3f78f30d611c4f2e3ce91e6b0bd7
SHA1f6f49f71bb9b6477a775774b4ed1871a1b2c53a8
SHA256b4718c38580584797d566e35318fdab0d6d238ab1112e00cfcf65729aeca8a0b
SHA512c52bbad6683aeb4483ad995fbc337ba4fe239ceedd3882fa6e81b1dd88f838dd2ba579d223d7f464782f415d329f43f616df94be8386ee55a78e71580491175d
-
Filesize
2KB
MD5667d08f704c13046511451dabd438894
SHA15687c9dbfe28a712592d2c4546317df1da9fbcaa
SHA256ed7461d3ac984abe5083529a4fe4a65a15745414c3a2b2661903e365ad725884
SHA512fb75ccd5a14e6fe4632035774501a64c9a456ce5a1d4815b562c8e86f46413f2a38b3a5dcd9f386c2bc71999c13d8be08dcb82be61039e88c6c3aba43a222cbd
-
Filesize
3KB
MD55490f9bc9e72e9f27aef371f0fe48756
SHA19afb5cb77a33b2975121156379e8c6efc2323f4c
SHA25655a73502498316a499b4a5a55f7dae74eb88ba5c393dab60ffc64da9a0f99a62
SHA512e04c621518f44e32270291dfacc5ccbcdef0ccffee7177319dbdabbf14dbdd7a9423fa4e5c5f82a14fc73bdf0fdbb59799a5a7492b6b3b737ecb4ee6c5023686
-
Filesize
5KB
MD5bd5e957e9a784d541b71cc62608159db
SHA149850da6b9748ada5e3eec92e2814b06e99a047c
SHA25631576c360d117dfb5c12cec3d9cd8b20f409937a053e9621c41eebb8df34b608
SHA512951c89365eb42df73bdd345762f35ff74e4b3fc5bbde2ba58fbad8edf9b620461155a43ca97dc90fa97ca14b0444aaf0a922c7a3c040dd270baa90c0e6ff5358
-
Filesize
6KB
MD559fa17f72287d583f36b2e82b72b636d
SHA1e73c80058f658954bc52292836f1736cbc7e97ec
SHA256268a16ebdee09366afa593d8501b988608f6b779ee05150da551cd8a22666d37
SHA512a5b0ab08ed2c15b77c3eda8b64920cdc7f51f9ca65b75b5fd0ab5d592a8ee3b4e5b879d2a13c1866a682a3741a30f4f8ff67d2e26af4267af6ff8fc4bf2ecd67
-
Filesize
2KB
MD537277a42d0fe5b257d7040d3dd5851d4
SHA15efdfd43cff2ea415aac9c74b75049579497e06a
SHA256c92991abaa84613b02f16cf686ecfa240e43763f722adcd510894a58ccad7c83
SHA5125abe8e7a0526e2a7db5bf327c3b4a304970b0d99406563c73ec1b6e92d320e1fce2150eef76a3d79cfa46ba4fa0735009ddd34f1b74e62caa8bf296c4996b38e
-
Filesize
3KB
MD5e84c8969694a8a69a9f6075c2f607e9b
SHA14a64ea1fa721ff39fc3990fbf4abbf7951af189f
SHA256b57e92b7507c07faa79aff69c77c1a31a019bbe8ff89d134c3c821b5c384439a
SHA5127b64a779793d3f22666dfae83c9c5998f8a561d14620820a3e9821a7ea852cd953c27d9bdb01cabd766941ab90d346a24312446821a272c4ed411f2c4c85883d
-
Filesize
3KB
MD57a3b8f54b73d34158bdce5f61ea2da1a
SHA1c40996742d99328a062de57234524113be6eaa0b
SHA2565c1d4c6aa7418469fe43ec8b2f8906b877f07e0bff727aaf6918d6257f28d4fc
SHA512e6f3bad234fdc79372b8cc500b8f4da27b2937bf25153b6d410428d53e40d95f64961cc1f27e867bc4e9837f720f4f9d5a0861e03cb43ea41afc840a070ee376
-
Filesize
3KB
MD5a09ae5d170e911f591d9b0ee1879f9a2
SHA11ef6bd02375e550339f2e5760309247b4bd15c9a
SHA25698826f1082260a4271ff64f32d41a60e241d07b1213c2f7245eecd9097bc9560
SHA512c5e08707d674a2b40ec9fb098a0ffd5db4148c902934075e63e2a99a0c96000e2e7a2f66593f965bbfbe0efd48814366a8ea5541fcf74edd7996d2844b5e8cbf
-
Filesize
6KB
MD5c74660ae59ea0148312967c198d6d749
SHA13d8f5898e455f03a3da42bbc73ee097d8ba7bdf2
SHA256ec44e473237f9fbcff989c0a70a99df803472305851414eed4f852d5de980889
SHA5128e9292ccdaaa74539166013de7be0d1d724ac8005e388170036335d448ec3db319246bebaf4dd0254f03ff75c4eb538d9c1c98cfb89894005b0d46196764e55d
-
Filesize
5KB
MD5f35103cd3c4fad7cd0eeadb3bacd0ea7
SHA170c552331bd6d1b87249bdd392b5e347d11d7662
SHA2561b00d26e13b5648185436333b343f8fc746ad4fe73d49eb10dd7679707b7a873
SHA512377a4607293063e827b13ea2738a33e30128614ef908aa491381d2f38b4a0fdcc3ae105c83211f968a8d82d9005274cd9119fc05894a96efb566625d3a8c3629
-
Filesize
5KB
MD5e0991f69e07e5bb326aed59ea57b3faf
SHA18cf185c58fbd883d672980a6b138bd3aff80cc2b
SHA2567d75ae53f99bd1833da5184d6c1a28491724c0f86ff0d08dce3bfff94628ca36
SHA512af82eb87ca23dd3d9b72b144c256a3c551bd7f16481028479e23d061c81e4b7751ae58bb5b220a6bfbfdfaad5f35f108b0bc5f0bcb3a6ee59bb07551abfa5cb0
-
Filesize
2KB
MD568534aa7f0680ec5588a5993dc240216
SHA1db43e9c2d285806b293aad94366a26cf29385b2a
SHA256030d08fc75096c2451b2dd602f02e6320bd49f25352da0eac9513ba9186ed6ce
SHA51205a01f636ba26ec4459faa1dc7e24ed2d1a349a0ae69ded02319c5a70fc8032eadb17f5ce41f9350bfec0c2ad1a859b294cd2edf962609a68ae712d5a921b5b7
-
Filesize
2KB
MD5d58413b193d9c42ee50deab09032ac05
SHA1fb5e4f522b903437985db94206148394375d210c
SHA256bfbd014219f1ff13ce6451108703475f75c0569b211a148936ed00c1acb74c3c
SHA512d667873205d514e43238086c28319866dfdf22daa4a99142afeeecf190c0595ad89e42f8eecfb5e9b34682235896d6d563d7c2c03c4b050e87b3413f21544e04
-
Filesize
5KB
MD55f43bdc69b742b3bf0d2ccdd9f8e77bc
SHA1d4afdff9e0ae670701d7a4db9c8fb2cb8a0e8934
SHA25631f57de130a2abc92519f779517188ae54f7a8b61502a98090b42fcfa551a128
SHA51237a6a90db12c9df72c8fa7ccc7c41400ef1a81fa5cb7ef6ed1cb9743a3f73e51c7bc36e5516239d5f9dbfbba192fedfbaa88c4765b7afe27875fba11096d4a0f
-
Filesize
3KB
MD5cd8a60a4b9a38697170256f159307aad
SHA140d0a2b1662b9b8ddf45ffe8c011cb652dba65eb
SHA25601eff46ff5f75c603dfd65ae02ccad8afb8336351282a9c56fec3460d73495ae
SHA51225573bc564994ba44d8db64005eea614f67d584349e88224417d64e0139cded44bd14dba1c41b40a12f7d19f1c47bf43df78a0fec6670a76e93a483ef513e7e0
-
Filesize
3KB
MD5a3db2254cff464d88512511dfd1001f0
SHA1db46e81929df985c1ffede9d112736bc5237d26f
SHA256893b2e1516c5d7d6256cb8b73be8d3405b85bd49fd27f13df177ed78f0bc8d41
SHA512b5e399eebfc7e8f03331d855be19e8ea15715fcd9a1371fbd6fc55c1ffe1570e497e11004b55777c3ad44eefe306a985f4b627d12885b215488d2b9bc2568bfd
-
Filesize
7KB
MD57ea8c3ce59d9c039e0f4da5c65bd422d
SHA1af20517ab0b3779725f277ee20dd33d6b4fa96cd
SHA2561d37164fded037708afaf0430269e5a9ec3ba13448a46e7d336681cb00e4ff5c
SHA512e2b7e927b24fe070c63a93089dadac7aa7abc3fb8e1bd6e03b1d72584c7167ea89695a1b444f598bfba85f4ff64509d92e2a683282cc4ec8ec39d81e9e5443cb
-
Filesize
3KB
MD57a73945a028091fed1c7af87c9efcd14
SHA149cb8ac9f8aa682c6cbfec8ea79c8e77d36b3544
SHA2562017c3b17160a75ed7ca5cc251846ec0ab7dfa2d73cb41789c888d0939d97711
SHA51297030beff0abf03490a9bb77176abf4877bed9ff7d8eb76b679149df285abcc8983c03acb391980cbcb58b97572e49c20b76f4f461cc5cf30dc5e79b12a5ecec
-
Filesize
3KB
MD56fed80707095fa1e2c3af27849d98340
SHA119f9796748657c268514cb1903d16604c9fdb943
SHA2562a0475a9912663df1f06d27a12a1d858b64f83c4eef2a1d327ca961de3d11026
SHA512e3f594143de35f13d9cfa35d51efb613881f79bf275f6ab1e894f10eaebbad006d55ff1a3b71448378d8bad4509abd4393e13c00cd1f7d7fdf42f5bc0bdd6c52
-
Filesize
3KB
MD5a1157b0deb63706f2a8e762a75ca2228
SHA177befce6925f07a3d528eca93704d5e0d6dc2987
SHA256d299ed705e02aa39b49a57a54933552b35cce3444ec0c380ba648c5671cbba9e
SHA512c9ba432f60cf09af98d55a0aa0800e81c2bae413dc30373301f7a9fa23de8b61bc00b7665efb0d28699ea73f409b7629283bd7f7fb30c3205951e23e3f791d7a
-
Filesize
706B
MD5a296f0dc3056e4834c21873c9b923aff
SHA1b18158eb6e7e19ea09c376e728ab074a84de7e6d
SHA2567b4a81f44150f17b3cd208d097035cd2ff37e4d7215d96596bcd0d4ffa9ae686
SHA5124f7e9180d683030c9b145f4b9baeffa9195bffdb5cd6bda9ba3a97c62709983303a393523a0bb2ff5411e3c3b20947acf503e9cf4b5800e76e8db8108a925485
-
Filesize
128KB
MD5cad76ea1a6a1f5dc48403c1603bf1a7e
SHA1439c4ae51f7b665f3bfe280dfdc680b3008a6fee
SHA2565fcc8536a93ce19df19e535021ae5a59f811d10b53481ced2efacb25d269c42a
SHA5129e8f64b98794e8bdedf15c64ec199fbd6e063ef4dbb5b06ec7597d2d30cbdc3e7a9c3c4e9dc5cb3a96ad722b573fdd9477fc2eb319bf3aad99b37dac2d1b885c
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
16B
MD5aefd77f47fb84fae5ea194496b44c67a
SHA1dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA2564166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3
-
Filesize
11B
MD5838a7b32aefb618130392bc7d006aa2e
SHA15159e0f18c9e68f0e75e2239875aa994847b8290
SHA256ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA5129e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9
-
Filesize
8KB
MD5b1a25986989bef196cd8381853054450
SHA128f8b957deb009a5f4260d869184547be299b0bb
SHA25603bf40ee317021fbe8fd6809790a55707da1a8acc4dbb7fb19057766ae2774b9
SHA512c833fa3c2cb4e89525cb1b4bd42a9481e75071655fbf38b4520d3f2702bb906d3765fcf53f50558021e904939a477a8db2a1c25e54a8009878d964340c131d26
-
Filesize
11KB
MD5e57cf5242c4e04bccc7dafc37baf0269
SHA1bc786faa0fd7ca5d8c1a043f8dbda9be9c8bac19
SHA2563486d5ea5f0e0a5d2691cf8ab366733b7081008a95b422bcf5291813d5c1761a
SHA5124185b923b1b6982a18a8696ad602201b7f264cc188870d26980206065a8ea73022bdc6fc0c730268a46f5fa48d0f38de00e98b88fc71ffe8ce56522aa2dab0f9
-
Filesize
11KB
MD5386a6acc03898afc29a6325238063154
SHA1eb228aebc0e47532b0b3f2413aed9152dc25daa4
SHA25679d559e4986fb1c52e7fb56b6a666b11dc46dc1262a30ac011a88a0cc0bbda76
SHA512da6c6670ba63b6b02df4b28ddd1ddb4fc97b17ac6c0151e7c7b300e7e297fa99be7705e507f3648ab68c48cd1b2a4b37a8964e645b0a2a2d9079a6b9bdc9a527
-
Filesize
11KB
MD56d12d90c89564a7e6909c4f646803142
SHA1e0b90592346342ebb3abd02768ac2dfc66eab0af
SHA256db9f861d837a5edace7daa069c7211992eeca83a44b3a2e03214864cce050db1
SHA512b793fd61024fd9cf32eee7c2f1230544a380de2c4e3c56182fb7d4d53a8334b406ca2e8d391ac93e853943433ac202d4fb6eff6bf416dc030465a74103771920
-
Filesize
11KB
MD5a7c91b6eb88678a7aa1c6c26d86e1853
SHA18ca4adeadb11af1f3d3a2c4e189f2049dc6e6159
SHA25636adde0b8e0231989e4dee0f0359e983e31aff6aaad0d4cfb95a3bc396b2f2fa
SHA5127a6cd52ca4174652c2950e0b07be7a7a9ebebdf1332c836da03324368640abd5dda9e9d449cfee0ba95134d2cdc45be642b43fe916ab88bf676a6edc76c6ccdc
-
Filesize
11KB
MD5796945cd1fd6b8a51e8c917fcae796fa
SHA13819a799dad3e98c65846c691fbf2083b59857e2
SHA2562d2d334b89882aaf4ec9f6abd9b4858fff34d44410fcabedc121e70e7255351f
SHA512b38811327cb956e0f92f96d2f9487d66258285deff70698f8c6c1e7a4fa7e7a4950a479a30b93e599d09fc35e2eb7988503fbe3362ff3c8a2a61776cdc95f529
-
Filesize
264KB
MD5fe5733b0443647796e2bac46a42def97
SHA11c67fc57971b02c049016e30718b3cae907450b4
SHA256cf0d682b3a74c5fc139da3629ba2b3b4cf760d7b9989ebf02a9ba683d4da82d2
SHA512f99a1c31633546da9743adbe9cddd5605e14af63858eed20676b6863fb2ad3fdd1a719ac016232369a88b3313a72b7234fbb4faad7c39dd2ce37a0504b38c748
-
Filesize
264KB
MD5f50f89a0a91564d0b8a211f8921aa7de
SHA1112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\6TE4HEU2\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhWdRFD48TE63OOYKtrw2IJllpy8[1].woff
Filesize27KB
MD501d2a80f169902d43ae9db5a95a041fd
SHA10e5baa2730735a6dbd8ebd4e9d6b5bdf48e6afd0
SHA2566864fc8d95f3229ffcdfb1f58bdede5793d51cf95e8a38827219bbc66b8b7809
SHA5126c061fce28ecb708cf43762ac1462dd90b4f1ac040e174e395133ef2cdb142c138691e3151a05a92ed60ea0050c83b39c1bbd655a259d64e9c3d537a61d5b65e
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\6TE4HEU2\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpy8[1].woff
Filesize27KB
MD546340077cb37c81b2bc0b03299108bc4
SHA12957977405fe3c8c0198e225ba86021f37fc5122
SHA2560bf0857a7247d0ca9f0221bee4203b003207eecb888651660594710230091bbb
SHA51201ebfa7efb4f7c265b2c0eead23158fff094b2d3a69d8be4ba9844f89d18efde1030ccdd5bc278c47ef0cc202fb14f0879a1ca5fa1609b8a0b70a1750ce93d18
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\HBHQQSQF\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpy8[1].woff
Filesize26KB
MD55ec579e39f77190de20a4cb4d7b082dc
SHA1d99f1d73c37968cbdbe44c7387e7474056c4b034
SHA256031c66a54247283c9430caeb5c54a90e5974244c9ccb0234d53b27d4a484816b
SHA5123e11f6d2fa13eecd4fc34b1186a96dad8dacb629c046e606f2dc7cb53385ae9a4e0f3aa950b1698fa188c3e449cbf03423e46f8632b81425d8abcc4b145cb617
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\HFA7209H\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpy8[1].woff
Filesize27KB
MD58525b8f65d40a1cb7f29852a3892bf27
SHA13b830675ddb16b60551408037082cc5d4affea92
SHA2566cb2773c98a2dbe514ffcb677ab741e73169f4cf34691f34ea70b09ff48803b7
SHA51287126a3c93c005a9b85192e0a9a7f3824729828db4320c2b6bea05bcb2457c854dfde5742dac5a139cb0ab5fae9ef5f261c5bf3d0ee300391f1220f84f2898e2
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\I2TWHMMK\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhWdRFD48TE63OOYKtrwEIJllpy8[1].woff
Filesize26KB
MD5ee1a7e476486629ebbb831d03a108eab
SHA116207a424b451b8087feeae8622880fa7bc7a63f
SHA256414729175c41ac6cf56080cc6d7205e37002e238f0368578a1ce06f6df79ec62
SHA51238bd61e6cfa8bb15bc089bd0418ad4ab662f8dd34752b24b8c55745b43480ebb6c4454f52e4665b28a7690a6023c10d6890e835b41c1ff8d59ee3c305afc2fed
-
C:\Users\Admin\AppData\Local\Packages\microsoft.windows.authhost.a_8wekyb3d8bbwe\AC\INetCache\I2TWHMMK\4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhWdRFD48TE63OOYKtrzjJ5llpy8[1].woff
Filesize27KB
MD5050ebc66b426284b76a6d653814048f9
SHA1c61d16d44ac27c6345a4fcbaa2cc4b17bc43a147
SHA2566fabe61043cbb9b253eaf0727abc30278903bf98e90426c08e20cd2f86afe5fc
SHA512af531773861de863dae1afd5a3aceaef9c842d20b8f53fee26c5c9ccefbcd070c2a88f6858576c4d9ec20fca03201d8f3502458eae4789cc01645e43de8578ab
-
Filesize
377KB
MD5797684f924e5887fd19bf3e3db752b77
SHA1e19a6086c2e87eac03c802737f40e7ff842fa44f
SHA2561dc3edd13c8c702426d614addf5ef1b5380cb78b7bff7886943c21c354cada0a
SHA512bddf7202395db21d5dceb3f91338dab3f85586abff64ce78ab7df369b8b17b5fc337f2318822701c652383f7cb009da2a1e931f15676cdf1f9b3011b815625eb
-
Filesize
797KB
MD5d083a07a3dca2d0ea5ddb0e959fb8ff4
SHA186f3f43729db553d45b728b1409b73d3de5a5915
SHA25605e1c6babb787f24d8a60f8ded2c216c9bc2956970d75073a71139fe168a122f
SHA512d16259a1fcb29def140e9e1768b99d973b434c97bf7b09bd0d223143a622ee720d2531a84dd4edf082300fb5f4f00812e418c0131b196375821e612bf34f7aac
-
C:\Users\Admin\AppData\Local\Temp\scoped_dir3376_944924567\CRX_INSTALL\assets\index.ts-loader-13a0f470.js
Filesize341B
MD537ba3a70722df270b2f69dd60db8f1dc
SHA18c61f83d7e13b5efed2335a14bdfce2463fbaa9f
SHA25613a0f470c87bf4ac0613fe1c0fd3fbedd5ce1606cb2d491fb93b3cb5bb2e2d75
SHA51275d1e0556a2ecc24cc3a06619b1894973d391fe089c59bd33033286de99799968cc2137b0c0099d3cc63545ef317ec82cf3534a2739c909644bb01137401d10e
-
Filesize
326B
MD52539c2a2c52cf0c2b882b5363af82310
SHA17f963d00c03cc299b47169343017549fd17d78a7
SHA256d5246a3cdfe9167182ee4dee9b9c041f037892cd38e999a5af391be01fca0c2a
SHA512a8ed794cde1b9985920afe706afa5a3775772289b25129cde384854481beea524177f47a19eb1ddc5c2781eb328c9115115f0561193877c6a48937336c3d17d0
-
Filesize
603KB
MD5456481d81ffa03e23627350ec30b0c38
SHA1d8ea11c3e22f0644dc23d22329e89464055d4768
SHA256d33ca1873d3ce9fde875d94152d3989ad3ef7a0daa0ed300a37d7acafc932854
SHA512cfaf2ace55d4c32835622b23e86812ee7e740f5788690c40a440cd7a110d273b0f41ce7b884f84f9f5a58a7563ab4c970ffb4465e889a259e678a00789cb73af
-
Filesize
40B
MD5ed8e64a9cecfaea7e6fd79b0bad44360
SHA18d56d96dcb5ce12213d9747ee7831ad3cfb3ae8f
SHA2561a707db239021833660798be6bcfb41472fc681bfe91e11168eec4e90c9884b8
SHA512a423d1ac1c011433b1907639c8eafc7e0bf8620af5e5b29ab6b7054063665336590feb55b44b7fb5c1ad9d4e52ed0ed53790977680dbf60ed78455507d10c214
-
Filesize
173KB
MD5c30a3e8f3e6a8a236cdc1d58adea97c4
SHA1088c616ddd1e0ac605a0cde72f91b484db404853
SHA2563f6c91bbb2b842af6d53144f0767f6db735a7b7706e1c40e6bed7c4ce2a0a9fb
SHA512d83e01aea95d890a1dd6ab1fb006f6b58e975af87078edbce844b5dcaf972735064a36c5098cebdf14efbbfc5c7dd5d3840af760eca7564f96137c6f2fac5cc4
-
Filesize
22KB
MD58da77fac7cf2f8e1636e9e30e6aefa9e
SHA1868154729e4f301d1babb65b432abceb5149113e
SHA2561780288d90fc0d24e3bd7ecd9582de4bfac2c14be7014a450c5bd80478ebfd7f
SHA512fbbf6de9a7aef69f7430b1013109302b6738b050e81c58d910979511264855fa4c8095b1231e145d3057df1a1b71369ce94b06b02cfc46706f3a93b198943162
-
Filesize
140KB
MD592567f14ba864954114d02e274a05a22
SHA14410dd2041cfd8120f0289b8783651026a2228ef
SHA256f3e382e975948a8847884fe9912471f73b1b5af07945302868686c4fad1aeeb7
SHA5127abaf22044dca32332d1544d9e9f2139676f0f73610332fc1d191a07442377ff1979d4239c57c55b9f3b9cb5b5a625954e1e431ecbda9a09dc5cb6c5dcda42c2
-
Filesize
98KB
MD548406cae7d2083a5748212503c59c16d
SHA1616425c446ed1f5fd5d0ff4f74e6ee229235d2a0
SHA256d75717e063f72ba896f879989dab2c29f851f7501775640d634d4cc1659aa597
SHA512748bfd8045cdfc719c51b3de00957ac603c3414eab2cdc7e7a5e181a892aba4ab05a5e4fc509e3d10aefda7be29768587a7c321430c1f415be8766d2bfd677c4
-
Filesize
102KB
MD50d578987acf20b232e345a764601de49
SHA14d360e8b3c764ea3a52f2557a3dd2a1778b7ab4d
SHA256b97c8f58ea23fba92585c51507a9f3199c0f55f078f2b54578c7af9a68c9cd7a
SHA5129281c0ce7f7ecf6c891c01bf085251f47452794f23bf05a26c92a758e80b0e1234eb5579615ad89b697358c6afa0ba15fa7abb44b08d94ef12698d487d02e518
-
Filesize
47KB
MD58e433c0592f77beb6dc527d7b90be120
SHA1d7402416753ae1bb4cbd4b10d33a0c10517838bd
SHA256f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
SHA5125e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3
-
Filesize
8.2MB
MD5fee4315e33a8cb1bafed00f755920325
SHA1b9db920f1fdbb93a41827afe890e64b101abad35
SHA2561feac355e8a7d426f35f1584622a2f3a4279d9eda6c114b53ae68bb9b9086f99
SHA512cceeedd85cb3edf60f2ae28c6e5f6c638ef60ec328dea5bdffec489ae83bd116f1cfd2feee4663ed760bb4f9ff56f209bf3902c95544a2f85302db527b479da4
-
Filesize
633KB
MD55dd6d724b8d36deb7c6341b490afa015
SHA1ce6b245ad04f72d32e8703cefb086f25754c2ea9
SHA2562b8b52d96118f27bc01770b028d0b52686efc438f5211c2e0c637a538ef244f7
SHA5123a0edb4259e8a94c273eb641aa8b4d4dcbbc31a704bf8df6929671cb16a5a1431fad5654b1f1bd2e4cfbec3859c907c798e946b92dc0fab31e11432318c88bbe
-
Filesize
41KB
MD5eb5a2664e28afd5b3f84eee71c63c325
SHA13488d1364d6c0076da189691642f1065166baeba
SHA25683ead51b907289d883321a16162b11d9a371c63506efb4387481ad67f39376ab
SHA512e2bdc5da83514d20978c292caae5db61d9959b7029894669ddabb9ae0540d9eb182363b29467e1006c9257d1f1e0dd68633ec8a3a845a0642ef9fa49a310173f
-
Filesize
96KB
MD5ee2a1febfc5b74601ce2d70322eb55b3
SHA1708dee902da0932384968e5a95d1291b3a4cae4d
SHA256499d74a9fb96c13eabacd47f6d29518dd0e183cf34829d2c9ff79bf00f782bd0
SHA5126eeef867373d9cb8b079d5d748b06380c8fd09b8ce7a925db13132a225b4efd244707f29901e6220935113527abbd520a0f409b5707038a0d2d02bf9fd8a205c
-
Filesize
873KB
MD55033d79a4e006f102ae2d09bf2d56fe9
SHA142b7bbe1f52ccf33da90e6575c7c726107296848
SHA2562cdd25a2df182f30e44d7c6c43eb199b4f674736ab68d382f012aa7fb67d6a5a
SHA51238670e6d6ba06bd458516fb78c6c96597d55f82bbb827ae4776347c71c81a71fe5f98ad9a75d7e602e08e3b452cd2d05367ffe8da862ce9d454587eea33f69b0
-
Filesize
96KB
MD5237595c428e0ce83c3ebcdfd4c6b2805
SHA108cf21ba78f0a37e2a90293f24e407e876b0fe4d
SHA256f89516c94262cd701122e067f721e09007244448f01002fe681e0be8077696bd
SHA51277d02bb3e32121d7002c98f31e9f69424da4d19ccb3478551171d52b075f547cffc4ad58fdeee468258bfc1b791319807f9a3b591dda908495efc8b2dd1970cb
-
Filesize
59KB
MD5fa3c9956d4a1cfac754f98e1477ed0a4
SHA148714ad28722c185f7f950aa159999f3fd942508
SHA2561f7f4a253e5f8880ebe673fe40195977e41e845377c5ce649f32d76772eb8e75
SHA51265b7197c9465a53e4df24f4be2b761b3c3906c8c331edeffe741a4561d9b869b0b4167061c383bec0b04f190c177fdb38083f9dbc57e712bdf4170bced7218aa
-
Filesize
156KB
MD501960740ff643594ffc0f045d484e56c
SHA1ea90518491e37e1f771f8c21c7a72960a1b366e9
SHA25648b8e9fd62301615dd16a2352ef2cf6ba49d7dab0c97133411c95ef59b8f97e3
SHA5121723ecc0cfa37e6cb58bed70838228e69a73b4cb12a33a6fa1671bfd14f7419e9ac3feaeb1bc98664a691227b848b8cafc687171edb1856e093deb545ae2aa44
-
Filesize
20KB
MD587e8230a9ca3f0c5ccfa56f70276e2f2
SHA1eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA51237690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8
-
Filesize
20KB
MD57dc60a62347f28b91c8b6f66165943d1
SHA1fa7b0119761e1e885141e360b30f03bffec30c39
SHA2564f7b0cd3433a8ebd1ff84603d6c9f2b4e210cf2aad6127e7ea6b4c7923715d43
SHA5128a002e5ed40aac84df5dd008b1ba627968eb60806ef808e5aad1cceb18685b1118f9827bb09ba37df93aff9407539813be90b446fa60d5d9033b8a9a2451daee
-
Filesize
39KB
MD59a01b69183a9604ab3a439e388b30501
SHA18ed1d59003d0dbe6360481017b44665153665fbe
SHA25620b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
SHA5120e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca
-
Filesize
54KB
MD54bd06deb3cf26efd99706f4b6bbf5724
SHA1bf5699c61a4deaee97bf6e7a22dd852b960639cc
SHA256901fa10a4c41c9cb7c553557f09cbfd0523ba07553a22a858d3e15411f185f8e
SHA512f98cf057d847ba4b81381211c9d07e12c0ea4869ad963a58184027ce31260dbfb7da3632446f74509f4f1459df43656b5165005f76b69477212cfccb47dd7569
-
Filesize
28KB
MD5c55f0e4a2ffc544918930e02ce96068a
SHA1f1d822a8a11c06c7b09492d02dc30bd9e820c087
SHA2565367153cf2517160651f2caa96f3bfd065fbe32dce712a51bc26a8612eb7fc1c
SHA512ae98418e978ec1e97e8931610963383a0dba9e7e471eff3221979b2ba7c4ff85b7d6436ccbb484ef1fd3f9aeb984e2a1654dc87743197d5ad31bea9ff28af632
-
Filesize
22KB
MD548e7d1126481cae2b4e4f225e9e4d4b8
SHA1f73de855fc02ced7983e51435a6b9ecdf624225c
SHA256d32c9e1f67eca108b8aae943a86943741a2d40be1a70ec2b01a88949afeb2fb2
SHA512c502a4307d1e0fcbc3f6952cb0357f1efec80b113dfb16955a3721f8540114b6cda1d469aed791959ebcaf021485640228a73ef7ebbb5f84c7d2aab33304f97c
-
Filesize
47KB
MD5015c126a3520c9a8f6a27979d0266e96
SHA12acf956561d44434a6d84204670cf849d3215d5f
SHA2563c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA51202a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c
-
Filesize
28KB
MD5127002092616e052f1950014bc24d00a
SHA168f9259fe6bd073a891552ff4f6401640a60a702
SHA256c60ad690958707fdc0108a0e352132c944e67a90fa7f0581a79b725582b92b3b
SHA512f39c0358054fb44329cac15e69b4e689e4447fe8bf92e95b1c6cd697c35f2c8da44eea26a623df19f55dedac5fe799e39aede171be7d6d9c344f559263793667
-
Filesize
1KB
MD549c8eab29dee0887e6c0a0319c0b792d
SHA1cec9461253227ae2f0f695f22665366948149cfe
SHA256109cb0d8e013d2a1491b6818e8ec902666dbbc4bdf439227d275b0fdf7720fea
SHA512d5daf96b7912a47bfccd5d6c059a014e8ccb19c6f975f9ed139ce6bae1e88630ba8d897e4d7448eb18e340b5fea5052b1188a09e7d23a19355e6e2a10df144d1
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe6683ec.TMP
Filesize48B
MD575bfd00d4171d4fbe006225008fcf6c6
SHA1445055e25ec95d4af4a023da0a14b3f9f6bb2c44
SHA25692be4842d9841ce666046ac14321fd45dee532bbc02c3ca590731c3f76b5b667
SHA5127fcbd4259f7787803fb3bcdfbad4791416132bf020626192157c604bd8dd440810df90906f4bc22e19251cbfe875a8f84a40903765b36303ce6afdc79f4467f3
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\assets\index.ts-5c6f3b83.js
Filesize56KB
MD552ebda260d370e60901faff13e8c9828
SHA14681cb8093a4159560a8103dc32787ffd55bfa29
SHA2568146421645c3f1f6af4e87a3fb22107220ae417717d7613bb291a0fd330f8437
SHA512283e4308b2e9a93d3871853a0cd17519b39fcb29fd3e1457af8897d9bf12ff5e3430164c63f4164768ecf936e4cd2c48b8b86037d872a9e3c9bec29a9f91a5a0
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\assets\index.ts-7d59b331.js
Filesize16KB
MD564fa826b6b9bfa910fed4a18c6a12c9f
SHA1265f312f8187d56522441f869714b9d76229bbeb
SHA256676f44312864a5e6e41bb8b70412ac265b6a293b791679be10049c17fc62d4f8
SHA51232b7d2a64ace406caec91994f6eef6551fe982876e5ff3a5d694929e0fbed4bcd2c7c53b879ff5a32ada0ebd35672e50db30a0a17f39abcac34a1cd13a61abfb
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\assets\messages-86fb7e29.js
Filesize21KB
MD56d62c5de88a2381b5627e0d2df7b9a30
SHA108c76dfb73e09780b0b3f98e5da414494904417e
SHA256068f97ff81dc092e4d201f575a2d330a0f5830e847edc6e0e80f8a97684ba75f
SHA512a193d284bc5c017353e8ce1a51f2449e2e58f0f35fbfbe8173f812bfaa91840f2cdede70897c64d271601f8836ef4f694dc099c2271c18b448b9892e5043e291
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\manifest.json
Filesize1KB
MD5d1b209dd9c422ea50135dc2bb716d238
SHA1fc13c64e6b1ccb9561e8ee0378dd1418b39e401e
SHA25614abbebee800bc6e73c8302fb892faf2c9ab6df5ac2a8eae66caf583915b7d0b
SHA512f9641b3f7bf52d4dd9f3e223e220a97924ab8fef6d472924f30b15c91414df9d72ec4de00ffbfe9b17c06d8398cfdbe80095b1da06c3b0683ed6a751cc0f8c8b
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\service-worker-loader.js
Filesize40B
MD5b48149d66d4bde2196c003629e79ae5a
SHA1276944b5796793effe150b05d0e9a8c9af89bfde
SHA25622002a97ade52f1ede27d832dceab496337b59a6b6e51699d4fa231502fc9f5a
SHA51289edbd1c24a13c6516cef4d23421bfbaa61a7ab37662e393fc27c4a21c94b02a71d348b55f6f2aba66b6cac7cc2f0894487241664672bdd92f113a07984c7555
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\icons\icon-128.png
Filesize3KB
MD5af719a0c95789b088fe4b9f82dd5ee98
SHA1cca49d2a728cd456b450cfcc20f91acf781c3105
SHA2565b861963c613fca1dc4aac9a416e43b2165b05a4277478f74b7f6562a378ff5f
SHA5124a6f77684b3bc459897ab2709754849868bac64f4e099c1e74970339c944738278454d6c043ee8a2a0337e9891e7e7126bfc41e6fb0f5fac544b978ae36f5082
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\icons\icon-16.png
Filesize425B
MD546c4711e8452178b9c2471f9c59c2667
SHA1e020f7ba4a787f840d204525e8eeb21d0c21e2be
SHA2564e1aed06fc4105c64aabe9580069d0cdeec3464a693241e7c02771e1beda860f
SHA51242f2161205f28003aff9ea4a8bb33a0a0ebbdbb9bb5e9446efbca4f000a4315b2bf7184d79254c148da40597cc15bf8f22a02a3da78cf5c9026ae35e4bd695bd
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\icons\icon-32.png
Filesize764B
MD59caefef512720012470700a11b0bd456
SHA1bfc11bafa996fbbce1566a569a79d5d72b08f1e5
SHA25682c0a843e1df5cc10a8c6beabee8416281aa89c73798d7bb6a2cf4a237a24ae0
SHA5123bb42b23babd54cb902e595b84a398ad5b2c9bd2e4bd4951a8b0cdfdbf91f6d0e04bb1fa944c54d673babdbcf0400c1947d0e12fba8057c3f69ab1e61b89aea1
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\icons\icon-48.png
Filesize1KB
MD52184400582c25500a74577359a1f7e7b
SHA1e69eecf84f7d2d98bf236edbcfc143fa42d01bc3
SHA256c6c3593c7d0af5c9a7f2e26b98ef2629e392c5da87df80653d94ebe412d5c9c0
SHA51224858ebec11fc0bb586eb2d6f555f5e798ec9708ad89b0a94957a1537dc150a584b70865d7fed53d3f122789812d390eb6af6b68ff4cd93296b2b0e5a21b103f
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\images\adblocker-bg-1.png
Filesize16KB
MD5404ead15b3040c2a16cada6a18088aab
SHA157d6d1b3d601532d1825c738ee51d0971f137af8
SHA256bd474396ecae2864798b9b33062afe3b599dc834db30b6a2f4cff0d0cbb9f9b8
SHA51212173b41f487987aceac82c13f63b1318107c48d6803dc1f89053245c1c08d092761399ab397da44f0ccca5d9ee3c79ab98081cbdb25a78ab5b97f0b52a4f784
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\images\weather-bg-1.png
Filesize68KB
MD58f158754f161c02baf061d230c993455
SHA141b21d1c3e2aa029ecc77dd6aa5b174d0eab34bf
SHA2560055b3b2ca2078823b01d4cf064d4ebfac5cbce03fa38c8b5e920b92b3b47f6e
SHA5128e417897690aa540ffde4ecc541a7a0a7071f355b6b663601647e6099f67310f540a40b12f6c0a2984965123d9ff3ac9e78f0be7b4abe2d6bc9ae941fd869106
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\images\[email protected]
Filesize234KB
MD5d336d499edc3d7205948e09647ab5826
SHA1797b756310da1f67d3df61c821377992a305cb6f
SHA25663f3d2622f4927d830412c8b089dfbdc77dbb880f9c49f072c6c8dc0b3cdbd00
SHA512fc0d6b3c8ae83f3db7c5f9ed4a999b090b2a1e8fd80f4b91ce1a42f804cf8c8c49d03dc0f362617c0df130a7b607b5ffe36fdc0edfa5f4a18b308a4a66ca8472
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\images\weather-qr-1.png
Filesize5KB
MD55cdc09bfeb0cc136c4b8e45114c8b910
SHA19d15f710e94409fc854c30630d70c66959871410
SHA25670697bb3558c12efe9b34ca34b05ff39dadae04df9e4928e0de6811b3efb3a99
SHA51229b8d495506291d46554e0a3951cdcd6fcd5f3c43fb52ac15c4bc13180d88fe91495c616c3e12a2c7edb7a2d64f90c391faa539199ba7532c45fcb827270e131
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\Temp\scoped_dir3376_1978093634\CRX_INSTALL\src\assets\images\[email protected]
Filesize6KB
MD5e86f7685206ae12b271a4c50620f1f81
SHA1b5a96bdd23787dc994406c408c8db08cccffa646
SHA25628cb433c90e6ca9cfa6aaeb6ec60ee2c98d02a255d671c7c47689f9799cdd14f
SHA512fa2fb8ca2050b13193898a48da639673e706b156b666e8159b6a71d417aca7490c4faa8953776fded46226c7ac0b6465c44729cb452fd93fc961ca2bcbaedbba
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\cmjgfhnpipbddcdmmbcfjodjgpfecdaj\1.0.6_0\icons\icon128d.png
Filesize4KB
MD51e56327668359bfcae26c27defb340ef
SHA1c91bde25817086d9b1319c20b1710b09365a70e4
SHA2567ed951f0a157dac2b42a2b003fe76e085017cf425c827b05bf759ebb55db3d6a
SHA5125cb98cfe15c3be976ee6144657eccc05d2104bcab2b8368d1a570395c1c726fc81fe4aa09236fb8dac12c43bf12020449403ec6400c4d9cabff879f4dcd656e2
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\cmjgfhnpipbddcdmmbcfjodjgpfecdaj\1.0.6_0\icons\icon16.png
Filesize605B
MD5c63f512ccf8d6ef497fccbc53c1f950e
SHA1f04e832d89b4eb315d6979780ec6dbfc25361abb
SHA25609780ea3eaa0a432b03214025febb59c28fd6e105a775f065037c5e9720fa150
SHA512f4bd4dfb891c49a36cae8e796e6333984ecc081d259c496fd5015683f9779cfe1ccc53c31185f6d2f14c46ffc66032f6a69e9698baa12c5b9b439a7200fcf5fc
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\cmjgfhnpipbddcdmmbcfjodjgpfecdaj\1.0.6_0\js\background.js
Filesize29KB
MD571215d3e85aa687d34ae441706bc3e9f
SHA1597bbec974c3f5f5b2eceffb1dcb870b7bff84bc
SHA25655345b40109f7c1ee0e67da02202919b7b23e47b14651a19986bb535d2d8bd8a
SHA5122d19ea31a5903b6d638a6f0dbd27d69b61dcd4d9e8e1f916de8f4cee9c1fadc2370ded95b93443493b718b30c16fa5ac61004caae9d144dc2f8ad77144a34b12
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\dkfaejedefgggmibkkddljhbafdcdgjn\1.0.6_0\dist\contentScripts\style.css
Filesize38KB
MD5a2de90a2190cef036f2c6df8ab8f00e4
SHA1d2c76852071c134e386b54d0163640233e8b854a
SHA2568bb83055b42d5b706abb9b10afa55c189f2e451acc976c78430c3d91f555c817
SHA512761d49c55530694df775138dd078c5b7ac91ad2ff561d00df824bb70ec7d63b6e886ff75e195eac6277c535511618bc2c034e2db7693329886b4b87696f7dce3
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\hbgjioklmpbdmemlmbkfckopochbgjpl\1.0.0_0\preferences_schema.json
Filesize7KB
MD5a192304f63ef26c80086f835cc4b7ada
SHA16963e90e752209132b728a938844c4c64dc94d43
SHA2564f72309f9378f04b3f1cb8f46b031ff513ac63e5056d96272f2bdc6d39dcddf9
SHA512be619909cd0c3465966a4018847310c1493bfdecad6f07bb28293f3dcea73dc377f5d52cca040d626368e17828eae28384fe51d20c4a71925c5f31eea8e18561
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.1.0_0\icons\icon_active_16.png
Filesize581B
MD5651fdd0b8211535ffba66e151cb544ec
SHA1461183aa5e20f49418d1155bc3c2c200ea6b726a
SHA2562a9056415a4213c72f35b23b5343c8ad8a724a44a1f4a5e3f404f2cc404aaeab
SHA512bf98f57b44fa1c7b788ac056f5e441d373d5be389b54d93d57074d1f5eb8ace11e23c1a7509b5150d7edd24c4a13dd15ea42b6b162b4ad0b4d81aeab0f9e0090
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.1.0_0\icons\icon_active_32.png
Filesize1KB
MD5c659bedc1017f7d06527616ce6d30791
SHA1a7327ad8c57a71cdb59c4ad7762ac16f8d1970ec
SHA2569fa3bd9fce21003ecf139260e2e8c5330a2ebe2f6a396e02e6fc52a42b4b7867
SHA5124685568aa0d6f8f22aebd1dc77eab31b2764739540fe5d5e1e47bb874680c4bbf8dfe20ff960dd7a5a51c8a37fb3df68529a4d263e8b2fcf544ae40da9c266ae
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Extensions\mccchmdkmjpgjlhckmbinjaioihkcnkc\1.1.0_0\icons\icon_disabled_128.png
Filesize5KB
MD597198949b5ec1d4a24d23879df3f8ea5
SHA1a5a0b55c98e67faa98e832ee590cab44797d9bb3
SHA256c6b57c062be90cdcaf56ff6c9c05d5753f285733bd191c6c391ccc2649549e37
SHA5125de84e22c3a88085194a470e0e57a9ee9126b24bb1f2b6c3824b2bc5ef540770f7059341036f169d26dfbc31223261187c8df4692ed36156dfff4f38b845c573
-
Filesize
8KB
MD5cf89d16bb9107c631daabf0c0ee58efb
SHA13ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA5128cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0
-
Filesize
8KB
MD50962291d6d367570bee5454721c17e11
SHA159d10a893ef321a706a9255176761366115bedcb
SHA256ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed
-
Filesize
8KB
MD541876349cb12d6db992f1309f22df3f0
SHA15cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e
-
Filesize
9KB
MD561acff0356c976e65c013d23a533a584
SHA1820d40d5ab4161d2f738c04ff61d637d9f0e8184
SHA256855486d64ca13ede05a9989933d25c346558f1983ddf19a1f75b4ecfbaf40ea9
SHA51277207258353d9d4bc787c62c5e663250b762c35d0f92e7ac4c56a23e8155037489acb886208421fa7c70c8990fc24f67910488ae36ae23170db4f7523ab0aa05
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Network\Network Persistent State~RFe67105d.TMP
Filesize59B
MD52800881c775077e1c4b6e06bf4676de4
SHA12873631068c8b3b9495638c865915be822442c8b
SHA256226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
2KB
MD593b891d9df1c3f8cdda525c611ec5da3
SHA12e9a79ca8de7e69ccbed298c37434095412b1e5b
SHA2564095e4d50fba9a68607a9a11eb21742c305992e9bedf54f5f5257273cd57d767
SHA512d47e1330b1fdabdb7b6aaf0dbcc01c6091fbb7ea46127632850e63f43c72d666e4840614ce11eeaf6972437fbf042be1865faf81a6b6fa56cd82d2fa092f513e
-
Filesize
5KB
MD5bc171b11909d8aa473dde9d3e98942e1
SHA1fb51343e84ff3c3fd921df9240a3f0098977e777
SHA256ea5a7c51f9cdfa538903ecdebd7e61c55ec328fabf298dea9b7eb5c3bc509c1b
SHA51284e57590db6bfa9ab6f4cd60bdfa3aac73d372b2d3e56a000bccf472d2a1774b70fbec61a734c888d78b69b80930dfb591313abaf1c502c6cf3e5e3ea7c82689
-
Filesize
9KB
MD563313b63bcc827fe13f5a763ba846e5b
SHA10eeb14a71975446708dc89fe62549a1f343998dd
SHA256251981a1373123b5564381771aef4e2740d56b5d986b0c0186e52599ecb35417
SHA512ab8e4bc37aa444b95580d450881e52523bd35995cc1a50788a8c2276132082feca7cacde59f2df0086811cef6d2fffcb16f9032debcbfe3cbbf2006b96d13f63
-
Filesize
2KB
MD543de1dac17367294b90ab975eecdd5ce
SHA1742bedba25535f64c8a91b26ed62aebf34375c69
SHA2560dfe53c3d7ef3baa7f8b7623902e9b94e1b688b486889920e2d1522c445c86ea
SHA512c777269328d20d59f472d135a4609683a51fba1d6f558a9bf6f962ba9fce392c4a41a5999daf79141a1609aa7f76a4da60fa25be2b9c1ee7fea9e330807caf5f
-
Filesize
8KB
MD58a7e41405d8a0b4f019561e84402a9c8
SHA1fa70a9a90a1524cb91587d21b17a25ff66ae8b45
SHA2565a42db21ae64db903fe50e88de13641d194f9c307f1435d87e143e6803c01f45
SHA512561c09a77860040567ebedcde08fe6f0f768e5aa0d060c1670a7d3717e973328edbbbb61664918afa0880e606ebe73fdfd9d5261d272b3bc298edb5b881c40b1
-
Filesize
2KB
MD56197bcb1ed9cf230486f17c4f246b04b
SHA129a0ed7c10a8ade579b052920eae6259d81dcb77
SHA2561f97194a511e9e065dc6fdf636452b7b159d5294eda62f90f2603e165c81ed03
SHA512cf46a6ff8a18593f8030492635b3f65672fda4ae18726239af18be7ccd3086d92f8c2f6010cebef70e0fe3e54409b068e355a7d4ec4df39c3ea10785248a7ff7
-
Filesize
2KB
MD5cf0e7b2afff159b11f5a607b052e3a8c
SHA1f2ba656f27ffa028ff49c02f3b6f8ea1e0c8a17f
SHA256e1457ea9f075438450e3be27e29485541770d9b6b40fbb1fa6bbfee3d754090a
SHA512c28bf56507af065dd09c73681f076bd8ab61f23d836c602d0c0f808fe28324a7ef0ab88365518ee83749c3a3b55af1008b4577cea113f042b698d0c99cdc3c5c
-
Filesize
18KB
MD571a0b95784f099f5260d42d1c90d4917
SHA1da0057322b8a037eeda356c8de33d5449e7acd29
SHA2561838b7b8c650c5b3b81c3309a7f0d08416077599135dca882c17fbf7afcac9ac
SHA512cde1266130dc6f98602c5c4de5c6d227a2a70e006f3f0ebbee77cc96291a0212c85d08176cee340198e77f307e81a9fe23b51425219308b4808fa4801adabea7
-
Filesize
19KB
MD5ca958adf5ce8f6d04f5ac2334607d41f
SHA109e0023da5096c9d322d77dcc69fd912a201b371
SHA25688b6d095cf65a4b127f0d5460e4634c428dc75085166ba05895b0941f46cd5eb
SHA512b54e7c03486c278b1ec425b92267541db0b6b36db349deb0ae3b278fa03d76c3401ce7e8742d7028b5672a2375e007207d2cf7c2fba8d5cc20091d8345941e22
-
Filesize
17KB
MD5f0049933f970e26ddc18ad3c2723bc0a
SHA1246c13006412a63b6f6d1353183078e7c03a61bc
SHA256305f3a80287f4ba9805542f2a2aa29bc16258086ccf27abfac47390dd595e155
SHA51234a825a2f945eaa220b7a3b382b143e9bd953c1404ea58bcb5bfa5bb2be89d4dbe0b9099d1700341554b182b5078a03a96120bb3420db4d7f44e22507aea6584
-
Filesize
17KB
MD52d10bb79a7e7af974c89281ac3fd2e9d
SHA197e557e69373a10396894ef791e02ea4cdca3f4a
SHA256226f2c2e471acdc58f51f314837f9e07f799cb6583269c69ee43a701558eb082
SHA51273f17fe0ab8fcb69486cd982d28f2dbd28979b557a9ac62fd11d03529c4f7094e01744cdf2c9dcc10748bf227a538e52512c6e2f0626e621c8800c4cc4d06979
-
Filesize
18KB
MD5951026d5bbf6c49c0c316ff76ead1ba2
SHA185dd345e453d12c23171a53912e9c3222f000f62
SHA2567057ed2273d240fe41c8711dabdb5c88751de9ff3e4a78f0d6a8a2683e081aeb
SHA51293bac5b3a0c36fdd67416eee61d4f139dc663cbde280580f350135bbad9b94e4080ce7f198f1f2a5a55191ce2060444dde3e9aad28113734f291948f35e94770
-
Filesize
18KB
MD507b602d874edc9fa5f41150beb1c51ac
SHA10a33f4cb3ebf1bfed94de7902c1bb3f1cd7b104f
SHA25629bea5a6765405e140740d087b45e9ef3625b903d3cb5ded4d1b8ad88bbf2ca1
SHA51203e86cae89d8c7aa5d181657d70bffd1ee894c7bf52dfcffe5ad88bd76c5a530d8b3e0179b08c39039fe098966e00fa415b4a1b4dd2aa1cb6b38c79ab8cb85c4
-
Filesize
5KB
MD5b6a8b11fa8b889e3986f2e4770858815
SHA117000dc1acde30db214031628a6a4378fb39f01f
SHA2569421d7ffad480cf319cdfcad85ea78d70428f6cadd3b93a062c7b0c2d237a3bd
SHA5120dff91094387d7ea5d8eeb48502c6bb218b8435c6cb32e1ba7dc1bc781f1049e3c1fc1926287fc6120405f0bce8abc9824b9e507c8dec4b84c5e1e1781ddffe1
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
Filesize26KB
MD54285b5cfcfa642d0cb7468fb917e8ee2
SHA189ce6c3816c9a2bf41b499cbd80a3547604ff590
SHA2560924689a8754d180f0f364206acd6a5f04632fe860145a5487105f6e2d0684e2
SHA512c846b278354157763b670fc60dff88b42a5b1b1433951c302e2fe7792641f520281ead53055fb34627816222b73c4b2fc3b4ca6a31bf49369930c2bd1e0d8219
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize288B
MD53cab0f503dcb19b0a3347dce84823883
SHA1f5149208664bb123ac0b2d76d04f4fe140413a54
SHA2564d8e9f4014ae400eb2931e0bcb3001e1ac93e721759abd6cc8c857c142f9b579
SHA5124c89ce55e46ed693db330f545f047bc510a30d0eaea912adf305b56475165dfbe39c8a9f4eee6c1b78a18c0c66398f124c6f22a356cd3f91ac23afb9578ba860
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize264B
MD584fd6ffabb0c3b452b0af928f9825a0e
SHA1db3beaece57ff37b9cef315efac4136d02ae23a4
SHA25661f60dc8ede0a4dd5a9fd84d7a17b3e237dab089d6f0bdf2b7ae12584f3b2be6
SHA51263cf32418112d01cf63c9b32d6f80d39207f3fcd5ac78553bb43d94c8b7a08b3831d8b3c252811bdec4910e6c66a0cae0c3fb90a2117a321dfc0644b8fcdb181
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe66745c.TMP
Filesize48B
MD56b175a6ecd93cc93fb5aa42a43539ab1
SHA16ea31ce834445379ab9d5b9cf995bd0062ce226c
SHA256e889f7d9d4aba188e91d75ace63f4e6c2f38ac0edb2793da840090617e9a5b05
SHA5127e7e47a53d0ac35892dedd9c31ae027e0059e2fe580175c150568df031d318d5602fa10ff9bceda19041c8b5b9fe535d06e370e863b361034602bde34ce6c4a8
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index
Filesize72B
MD5b7221117c44029fbdb08cc590b00ec63
SHA193cfa1aedc8a20d653c200eacf52453675c25b10
SHA256efe21fcb9bf648160ea9af369b08694c0bbf595f1c903e752d1a91e64f72667a
SHA51209894f7fd445bb4eabc7241e5d8a686e62072653a468b63e5d6278df2c9862c8ed5ae331becce9686d4fe8c41b70cfac610b5125af9db6480e28a913526a965c
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index~RFe674c4d.TMP
Filesize48B
MD5a3062f24428f503677e67c38f53f5e46
SHA15c9fad379d315daf82d63b00e8ae1a49dd1420a1
SHA25630e2a0f836ba15ea61bec80ed0b28b5c61a8f00dd4a32deb21533e905a618558
SHA51243bdd7134b85b336b2bd8647056eeeb0d2ca4739b1a7ad63986fbd1f0a047daea1c862f83b487da61db1c99144b0f1faab88903abb2b75182144effed0f95b44
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\Default\Site Characteristics Database\MANIFEST-000001
Filesize41B
MD55af87dfd673ba2115e2fcf5cfdb727ab
SHA1d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b
-
Filesize
45KB
MD57864051b08e2206fafcb133d975d4ad0
SHA1b7c1014cd19f2d8372319aaa483a786eaa6e74af
SHA256ea0306efb6568c72359d07c5f04e9579ef63cb211d0e3dd7bac616eeef34eb15
SHA51206af930ea5706622fecdf4bacc09c3f917dbafb9220c89ee57a827486afffdc8226f291819758cf4de9eee892da650aefa0136f04ee9e771ef39ceb518df900b
-
Filesize
4KB
MD533fcd8dc06a2348eed6772b495f5e4f9
SHA199478363b616c586e78bdf74fb7d78deebd071fb
SHA2561cd0789f1af94cf00e75958ba6e20da4f6cb7ba7e4d3676d589becc7887e2e0f
SHA5120188daf2a90d81e8626369c2e90c33e34331e7b3029b139df0f2df822fdbc48de6ba65a10c83dfe11f1221d8f41f1002dfa1fb9e7ed5eda36ed02b741c42a5de
-
Filesize
9KB
MD5465bdffd9e3b173a19a1ebd6c32a9ce6
SHA1cb639276f6bd92d91ad18c7705c65496d1252dd9
SHA25673fa13066f165aebe6cbce963d13855fa621a69a90bcc644991481af1ac1b41e
SHA512795e28d076fa4f5d6bdf5742ac65508d229edee20c638e835694f3186e9f5c8f751c335b93829a1648f64c81ab16fc19d2b9cadccc2891f278616ce90c8983c3
-
Filesize
9KB
MD51be8d767ffa2ad25515be9739b1463d2
SHA13c83f1591b92a1eed38c7794bee3ed980bd56607
SHA256211ace5238cfa33b2be62525a45ee8ae9fd29fd56b6c4bc56332d7d5c721bdfd
SHA512ee3f0019b0f29e63e54031818a84c5ab6a2e974c0a0edf212bbe3905e69ed4ffb85ac8d68d9027c06405debe77d88d9da51794e7fb7ac7d3de8f375498015c53
-
Filesize
4KB
MD53ddcd909af75496cf259398350437bec
SHA1b6470829ea657303cc091528114ff31209594c77
SHA256404ebd43007ccf540c2d03ab06ff918c864afb4767bf094d0633e77283e90695
SHA512a77f2ac124a144f698387a9d26d7c0650de58f9790c306ee250df63ce25482ce391199db0cf4486c00508a8f7840484495ebeab678fe3301d9cab04617ac2ba0
-
Filesize
141KB
MD557086b02f74c3fe7b79a5e2e3d852322
SHA16420387225ddcd5210175de4f3fdb0ab2be8ee9c
SHA256a1b5be8d4aab349aff58ed34e1f3bc6647cf440830da0a12a8bd5a1c976c6407
SHA512b195eb9a9129863e75be603b00b85ecfe46360910529fb38513af6940f9d17efd56f234b47963452329cd85b16bebb5a85ab5d304743e57d33bafd5b59900468
-
Filesize
11KB
MD5dcbc21f395b3f0ae00319a1469e7fe1a
SHA174174899e2274d4b2956b31758539ae12bce37ec
SHA256c114d5c460c137a83aeacdef44b230b491fde87aa26c01961189f4ceea80f79f
SHA512bf19e962036a3b43dad5b928ff379e838c66480b2c7fba6029379d005ae6632c24b74aec950a2616e926eb44e4d8dee9aace66c6fb617421a9388d7d8d2f7aee
-
C:\Users\Admin\AppData\Local\WaveBrowser\User Data\PrivacySandboxAttestationsPreloaded\2025.1.29.0\privacy-sandbox-attestations.dat
Filesize7KB
MD5e623ded1aeaff55f295542a7f39b0ebc
SHA1ab5dca152c870cd5ef4c0152ca4aaa01d14fffde
SHA256ff83284a4f6f79a0c495490f2a4add1f755d1cf75d4e9e5029dd74f0c349cdd8
SHA51203efb1f153ff2286380b4d321e719bef8e871de0f2a68bb6a3f578e3576b61e5e4bb7301580351217ed883c1f2488f8be60e91436cb93747878bca53fcf605d6
-
Filesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize10KB
MD5ea8abb0968574ef6aa3401aa1c98d39a
SHA155c1160d1496c7825955918a62cd27194f1c6cb9
SHA256b136aea80d3a31ee2b020abd65159e289412329896af5f1308f6c0e157836bb2
SHA5120fa1b8a5299c42ca2c20431185759d49a6770abd4723e618ca3c6eba7ef25e8d713a850eb5e522fe2438663ef8d344d8b8bd84e88f244d80c1a979d414243e51
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize10KB
MD522cd32c762d0dff8f8e763a648eea998
SHA12421d7a7470006ba9ea71f1339d59e85909bea24
SHA25626d9352a24559c0a0c9745695081c095780a3f04d3b816408632ef76249ae6fb
SHA512c1cb6127995636ff113a022e2d608ba3b783ef0e19a77fbe257c2b5b17391d5ec3f2f77d2a1bd699556264b45f994938709ff46100dc911763a464d5bb66b069
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize10KB
MD57c5f20df505196abbafdca85f85883fa
SHA1902d945894503cb1464e958b2dd4d579feb5952d
SHA256d928fab32e49814fab3d7405093bfc449cf4868b3fac0adca2d2a9c28f3dd595
SHA512715bb9a02d0743274183b9a38935eb6a4902a689ee1d7e757e3fe776004f131c57e85b8964bc2ab11585f0a5607ca7a94da08090eacf3449f6a14c4a773a0195
-
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
Filesize11KB
MD5bd496d0ccf23f3055c70f620f041902b
SHA15bbd48892a27171683cd20ef2eab38e4a4a061f5
SHA2560d9ebdc425a3db943373e7d68189897e26276ac425c38cdf068f47f70097598d
SHA512694af9a38839ce15f46b727bd369eb01cfdfb31a82a4da89fd4a31859cbf73a449ac142da7b3fefaafb55d1c8a3374ae6ab89ceaa9f6f3ba0ac34ba5c340af70
-
Filesize
2KB
MD5e2cbfded81856e7788d16e2e0d4a9a21
SHA17b581c77e574b54290b090aec205bca28cacc020
SHA25629271be877cad1f2933144387ff284b193971cd8712acf92e163f9689f23c179
SHA51236e22249a90609ec2b95e9d4e26f621e4879e129f1fb488bb86ac3fc0b981352b15b8774fc7bf725e6b774ee8e7a68a154285d046910f02314f2e2b3ecedda68
-
Filesize
1.2MB
MD5c9db6b5c84be13a43ad23cc204e4bc52
SHA194bd6634303205715fd04f8aa10d75158390e4d9
SHA25677200156d4773175d341aad11ab23bd52445065cd95060348da17d083dc27688
SHA5129273493c5e5ea24b2f5ee219fdf849546e85b3f5cc24c970f1ab6fdcfe961d96ca6fd41c96f9d915892ab24ce7ff409f0f5a6569b0225e95d36afba51615f8d6
-
Filesize
5.8MB
MD50dc93e1f58cbb736598ce7fa7ecefa33
SHA16e539aab5faf7d4ce044c2905a9c27d4393bae30
SHA2564ec941f22985fee21d2f9d2ae590d5dafebed9a4cf55272b688afe472d454d36
SHA51273617da787e51609ee779a12fb75fb9eac6ed6e99fd1f4c5c02ff18109747de91a791b1a389434edfe8b96e5b40340f986b8f7b88eac3a330b683dec565a7eff
-
Filesize
7.3MB
MD54a2d895aa6bb027fb20d16f09334ec55
SHA1b3de5ce877b672aeb249aee0cae6fe93e5eb79aa
SHA256cab25639d765d84ed24e9cb9e833600cdf20c2cf019a6d5f417cab6bca53184c
SHA512d08ea449f36c2bd100c53ec1de56c5afc13e46f637f9f1ec3bfffef9d06fc626eb7019b03dd63c1d3bcd506164acbc56d43ef0349c2c660d3906190e17cf1c2e
-
Filesize
190B
MD5b0d27eaec71f1cd73b015f5ceeb15f9d
SHA162264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA25686d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA5127b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c
-
Filesize
190KB
MD5b483bb4c375468cfdae4a2ed4e40d056
SHA127311ef3b6a323335f46c4e81889a77ffb1b3002
SHA256df80d9477a45eb1ff233f3d361a1d82729c368987de14c09747df0f959184902
SHA5120116e83611626c27099a0171654a4f24d64c0c901bc597bf168f889a300a1f3aa62ef48759a78081fa1add6d82a8dd63d94eeba1d828d1aefa8ef17d2b0fb141
-
Filesize
108KB
MD5b282ce9b81f606d1c6cbda554dcd4efa
SHA17554ca07096a2e410f2cd3c98beb7b7e6be27f3a
SHA2561893941e9dd1ca1296e7f575a9442fa1cc53dfeaf2d1bc94d01608ba9e7e31bb
SHA5129e71f3cb4ea67831dbee5bb4cbb2dbd9f8ff8ffd1158fe2fcac41c89169a9aa3236c8d163f7d4e9df5e2b70ba2be20fe3af97bef70be40f45dd11acb5b4bc184
-
Filesize
4.8MB
MD5e50f33a6b1a15184a9790b61c41e2ed3
SHA198af62c1002e5fd4542251ce1c6f3c199bc339d3
SHA256c228a12ff1460bb8dd5e03d22cd897bed46a220141bb1010f36fbb1c27c8da7e
SHA512240ab25538e46a855ddcb9773267ab6ace09a1784ce95ea61f6f3dd1a6ad0c7102277c2133a6e75e7d18aabd168fc10320148748b9f1881eea4046922e2c2839
-
Filesize
4KB
MD5333335a24318148aae1c30a721726922
SHA147bb5b84ef81fb0fe33bef88be66dd33c982f44d
SHA256420c315a017ec3b2d2641e7d6730e373c99d3763d222663b7fcc10d8aaa15ea5
SHA512508c5b406293d4b7675e5eee413c186b27554e9327d09df257a569ca0716de334e8c9c1bcad9d387276e3c3cb23f8502a4e3bfb532ad62dd5859fcd9b06e3d95