10155e8a3d0746109004fff991656a0e8a80b4e2867fc7bcd8d74ac8f12af011

Analysis

max time kernel
264s
max time network
269s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
18-02-2025 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Baso Network_2.1.0_x64-setup.exe
Size

23.3MB
MD5

540d44f9f7ccc140cb504778b044ea63
SHA1

a212d4b8d9a325741053a17ff8a25443f6801430
SHA256

10155e8a3d0746109004fff991656a0e8a80b4e2867fc7bcd8d74ac8f12af011
SHA512

ffda2e75e440be3aae37c0087e42191adcf67f108de9c4de566f7f67aa29a5dfbfbc33ba6083bfa876f1ea51f86e9ff5617ee5d04bc22824c5fd8936c8a250c1
SSDEEP

393216:wpys0GZx3fLJBT/RBnbUCGC6F+wrGj49/2IlNWCl0/vq/5Az6nzLNtVMEay8Hdkk:wdP3fLJaTp0ElNncvqienjVMtdjUVhAn

Score

10^/10

defense_evasion discovery trojan

Malware Config

Signatures

Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs

description	pid	Process	procid_target
PID 2492 created 3408	2492	Baso Network_2.1.0_x64-setup.exe	56

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-100612193-3312047696-905266872-1000\Control Panel\International\Geo\Nation	basonw.exe

Executes dropped EXE 1 IoCs

pid	Process
1452	basonw.exe

Loads dropped DLL 4 IoCs

pid	Process
2492	Baso Network_2.1.0_x64-setup.exe
2492	Baso Network_2.1.0_x64-setup.exe
2492	Baso Network_2.1.0_x64-setup.exe
2492	Baso Network_2.1.0_x64-setup.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 1 IoCs

defense_evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	basonw.exe

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Baso Network_2.1.0_x64-setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedgewebview2.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2492	Baso Network_2.1.0_x64-setup.exe
2492	Baso Network_2.1.0_x64-setup.exe
5056	msedgewebview2.exe
5056	msedgewebview2.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 1 IoCs

pid	Process
3216	msedgewebview2.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
1452	basonw.exe
1452	basonw.exe
1452	basonw.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
1452	basonw.exe
1452	basonw.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2492 wrote to memory of 1452	2492	Baso Network_2.1.0_x64-setup.exe	91
PID 2492 wrote to memory of 1452	2492	Baso Network_2.1.0_x64-setup.exe	91
PID 1452 wrote to memory of 3216	1452	basonw.exe	92
PID 1452 wrote to memory of 3216	1452	basonw.exe	92
PID 3216 wrote to memory of 2072	3216	msedgewebview2.exe	93
PID 3216 wrote to memory of 2072	3216	msedgewebview2.exe	93
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 4748	3216	msedgewebview2.exe	94
PID 3216 wrote to memory of 2352	3216	msedgewebview2.exe	95
PID 3216 wrote to memory of 2352	3216	msedgewebview2.exe	95
PID 3216 wrote to memory of 5400	3216	msedgewebview2.exe	96
PID 3216 wrote to memory of 5400	3216	msedgewebview2.exe	96
PID 3216 wrote to memory of 5400	3216	msedgewebview2.exe	96
PID 3216 wrote to memory of 5400	3216	msedgewebview2.exe	96
PID 3216 wrote to memory of 5400	3216	msedgewebview2.exe	96

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:3408
- C:\Users\Admin\AppData\Local\Temp\Baso Network_2.1.0_x64-setup.exe
  "C:\Users\Admin\AppData\Local\Temp\Baso Network_2.1.0_x64-setup.exe"
  2⤵
  - Suspicious use of NtCreateUserProcessOtherParentProcess
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2492
- C:\Users\Admin\AppData\Local\Baso Network\basonw.exe
  "C:\Users\Admin\AppData\Local\Baso Network\basonw.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Checks whether UAC is enabled
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:1452
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --autoplay-policy=no-user-gesture-required --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --lang=en-US --mojo-named-platform-channel-pipe=1452.2164.15149576330661296029
    3⤵
    - Enumerates system info in registry
    - Modifies data under HKEY_USERS
    - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    - Suspicious use of WriteProcessMemory
    PID:3216
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=132.0.6834.160 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=132.0.2957.140 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffdee1ab078,0x7ffdee1ab084,0x7ffdee1ab090
      4⤵
      PID:2072
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=gpu-process --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1728,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=1724 /prefetch:2
      4⤵
      PID:4748
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=2056,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=2068 /prefetch:3
      4⤵
      PID:2352
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=2392,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=2404 /prefetch:8
      4⤵
      PID:5400
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=renderer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --autoplay-policy=no-user-gesture-required --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --always-read-main-dll --field-trial-handle=3616,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=3624 /prefetch:1
      4⤵
      PID:1732
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=4128,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4240 /prefetch:8
      4⤵
      PID:5344
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView" --webview-exe-name=basonw.exe --webview-exe-version=2.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4552,i,4194961860022956318,3323059336071247655,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=308 /prefetch:8
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:5056
- - C:\Users\Admin\AppData\Local\Temp\Baso Network-2.1.4-updater-Jfp8Ys\Baso Network_2.1.4_x64-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Baso Network-2.1.4-updater-Jfp8Ys\Baso Network_2.1.4_x64-setup.exe" /P /R /UPDATE /ARGS
    3⤵
    PID:404

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x508 0x3ec
1⤵
PID:4828

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Baso Network\basonw.exe

Filesize
37.7MB

MD5
65882b333fdc6a16f7014786aee96626

SHA1
efc036d6ec98eb9c7840c08055f2546e72a76e53

SHA256
506103409670ba91e0574d96517e913ad6a0edac9ffb55e32297589ad101475b

SHA512
b699eece4466d243bf112eb532dea2ffe84aee26d81b5da6bebab80bde5a46e2687076d384e912007f0ea1de722d6d3c5e95c369dfff3055c10054eaa01d83a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Baso Network-2.1.4-updater-Jfp8Ys\Baso Network_2.1.4_x64-setup.exe

Filesize
23.3MB

MD5
5647fe9874b762a854bddd0de5f5305f

SHA1
788abf5cdc8402fa7b048faf1f25759b75f57326

SHA256
39638c94323ea1f330fd719b7559601d73bde692707b8b18a2276e71dc846c21

SHA512
c4a599e79cbccffbcb3752e6391a42f8402b681ba77b8d2dd93383cc35da59bad826b41158be46452bd9ca3af84e169b6f959a17f8e692166eb3250c27fa95c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsdDA45.tmp\System.dll

Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsdDA45.tmp\modern-wizard.bmp

Filesize
25KB

MD5
cbe40fd2b1ec96daedc65da172d90022

SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944

SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsdDA45.tmp\nsDialogs.dll

Filesize
9KB

MD5
6c3f8c94d0727894d706940a8a980543

SHA1
0d1bcad901be377f38d579aafc0c41c0ef8dcefd

SHA256
56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

SHA512
2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsdDA45.tmp\nsis_tauri_utils.dll

Filesize
29KB

MD5
c5bd51b72a0de24a183585da36a160c7

SHA1
f99a50209a345185a84d34d0e5f66d04c75ff52f

SHA256
5ef1f010f9a8be4ffe0913616f6c54acf403ee0b83d994821ae4b6716ec1d266

SHA512
1349027b08c7f82e17f572e035f224a46f33f0a410526cf471b22a74b7904b54d1befb5ea7f23c90079605d4663f1207b8c81a45e218801533d48b6602a93dbc

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\05a71b4d-203b-437c-a744-56b62bf1feb2.tmp

Filesize
4KB

MD5
d8c5703d815412fcb4ce99a9d75d13c1

SHA1
9b08c7bbaebda7afba3511e2fe285234dc6e2d21

SHA256
940dd315a409e4853817a86ff89919b484fe502beda0cc2447dd25814b0ac6c9

SHA512
a0772ef546607781bf2ade29e7888c90b5f7a83735a7f6c0c60176e46d99cfad77be52d7436a46a1b89e06240316fdb5d741d8d989f828f72f3c0225100dc6b2

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\5ae098f9-899e-4873-ac08-84762480445c.tmp

Filesize
4KB

MD5
43f23a73de0cf560450638b23f1ccd01

SHA1
5feb14b2afb874ad8ef80f6f79030913c1bfa0d0

SHA256
4cd6d994d5dda3f00a6c384b3c488043496e6db847e9dd92216e8be90c27024d

SHA512
b2cbb029b42e7a76854de9c90dd529aad96aa1a33392379d621fc0c33a15f6440fd2619824ff2c439e6394ca05d430374b18e88fb651a7f1c386e2b61c1df84b

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Crashpad\settings.dat

Filesize
280B

MD5
cd0f8c693d22ed9558d404c883454815

SHA1
83e5c3c5d147049f3f069b5c9623037948e89893

SHA256
567bb3ca2461e3b686d56c9e25749543a1b36497fae0b06380d90959309e8923

SHA512
df6eabdc4e8b332618c94bdfe79242c1e3cdc60de038d0e638da920980d13e42ae133e3252adeee39701b4a2c5a73b907f4521e88382452940a61e32b60ef92c

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Crashpad\settings.dat

Filesize
280B

MD5
635fe099ac76e5273c5083e644ef4ed1

SHA1
e75969adc3a14ad133e42be104e7877c3a70a89d

SHA256
73517cb8364e8e687989869b9057c9724e848d13d2f5810289b6a5dcdc5b9419

SHA512
5baf0b599eba194b6eaa714c4d098f526ec25ff06eb6bf87a507031a4e0fce9a827b7b34398488985ec39ba0b95bfbd6ff0cab66f93fa949faa137d2742a280a

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Crashpad\throttle_store.dat

Filesize
20B

MD5
9e4e94633b73f4a7680240a0ffd6cd2c

SHA1
e68e02453ce22736169a56fdb59043d33668368f

SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\4d582dac-ccc7-4b1c-8030-d24e10029e14.tmp

Filesize
6KB

MD5
f32829549c2a0d6cb8e370e3c5edc314

SHA1
fc686f98c5220a6e71289617fdd821606a02a407

SHA256
e2304a799abdd7ce66f5cf2c0a628e9a93a5cf87c828278c1e92628acc4969cd

SHA512
d9762643742d0490cdfcc25724ac32ac47275959af12e527d037c44b3afd22064de05e1129a8d90279f649d5a3193197f9975aadc6c6cdc8cbf7b5ef162b9fc9

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
ce893f657286ebf136c8c8f3f72e1d87

SHA1
7fd093d689c5a16561c23346b7f20a6ec2a041c5

SHA256
ef07ac9a43d150d8baf8b912dd655daffc625a8c79d0d8a3fa762801acc7c76e

SHA512
de384d6ac7ea544b7411f44d5e88a46562f381ecd1908305d22544001a09e69162e400220034b151ffd452fffc4361d92e9cf4e693cdac2491625f8b59e73b21

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
92d5ac215ae6eb1254cc7857f3ec3c83

SHA1
d198123f4d24119d9aec5b0a12c6e16577693d36

SHA256
2504eaff601ab637ac36a9afe2a7053d95e026fa099cf33bf45be29015b9c769

SHA512
e6d6146e3f806ad2ea8391462940baa0a95600ffdbd37d9f83cfa5e062a18a5c4bf436153da117807407d9e3d1c63d8f61b9521293ccf051507d73924ceb08fb

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\DawnWebGPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\DawnWebGPUCache\data_1

Filesize
264KB

MD5
d0d388f3865d0523e451d6ba0be34cc4

SHA1
8571c6a52aacc2747c048e3419e5657b74612995

SHA256
902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

SHA512
376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\DawnWebGPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\DawnWebGPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Extension Rules\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\696f6741-8dab-47cf-9ca9-520ea330b8bd.tmp

Filesize
356B

MD5
eb32b48ce05d5f84f751cc6409391ae0

SHA1
cc3792ea9f7c238262e1ff6763f5757176bfc93f

SHA256
4d7c8112a8584efe6fbf9d655c3c1a7ee3da4cf25080176d7aea9f4764b05e23

SHA512
63da1aee706f9c05650f5f673d76cd01eec03749ce791ab3627cde917f005984b07a41e014f963586a3d09f22cdfae180e7fd4754b129769c4c388e62ed119d1

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\6b9739d5-5fef-4a8e-ae38-e336337f8d8f.tmp

Filesize
432B

MD5
6231e247eb2b8eb298dbb3a95f1f0b16

SHA1
8c2b5eca55b0731b16652c71f0ed84a05ef6ffd0

SHA256
99cc09fc5e9e596beb17ea863621c15b49cd5eaa7ed54fbc67527600bf602fd3

SHA512
f6f38168ca6727de4b90f27e71c2e04eebf6fca423a326e1c6890dc0bff282b1205a80c5b16ed77e12d3652d1b41e5f07cde788acb682da9dff6309cf6fd0b23

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\Network Persistent State

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\Network Persistent State

Filesize
432B

MD5
850e179f5bbf797d7c3e5399b5eff0db

SHA1
5b581669b9d48949c4f9cd93c1d92efcc0bf26f8

SHA256
3d053f0338689ad430986da29de99dc03902f3259934f7c44ca5c37412e59188

SHA512
6a2cd9b2d4661b2583748629a4ac033c4cfd6554cb96d173ff7d2745101295cb283c271fd3a08ca423b24c9d8f7f38111271de29dd44c713b86d7ea8b1427ed8

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Network\TransportSecurity

Filesize
189B

MD5
84fbd518bbed2c4a249a92f5a89e1960

SHA1
0781672c6e28b02606aee0176b8611903fe62d9b

SHA256
25f0c7626ef35cc601686cabece019ae0d64d0c7849ad3770898d61d3b3c2528

SHA512
8f19cd5adab1d0fa85ad74a27c59d2af0b3eaaf45293d7df6f53dd92f00334a2cdfce78af736da57ee40bd52ad65a56a2b60b08ec48163f0172414579e98bbbf

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Preferences

Filesize
6KB

MD5
aa3d255f4c6db6a0fbdb93858b0a3628

SHA1
09b9969bb3c31b3c47bfc15c1bb7f5c37c64736d

SHA256
47cc495f172188c16eccb28366bb4de9ce29face965e733b2b2be395ad7080b9

SHA512
d6499eaf83d089e6cecfecd89012062f8e51ae2bcdc86813a9879fc7151ea36169ee6e2c728125e2ba932958d1777bed9f5cc35acd17ff309c333d34513fd0cb

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Preferences~RFe59c7ea.TMP

Filesize
6KB

MD5
558bc152231e8ecb3bf280f4c2f03ac5

SHA1
4b14e40a42734a0494fb986bb8cab12046820d6a

SHA256
e10f4c80770c7a62241dd1a208752db50a452c6e831a4852efe1e723848535e2

SHA512
f99557c602e1e09128e0ee0341a4e245b269eda2dc313bbfe2fe9f327c86c47a564710df51267d2c12e4a5a6a97ea55426cf15f85078eb216118069552b8a6e6

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Default\Site Characteristics Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
1KB

MD5
2ccadaf8647df612cd65ad6374194847

SHA1
8f7bdc96dc490cbd4e6b8467638ff80ee85c9513

SHA256
81209e4fa9389b77a13d74c7b2866196bfa4bf46d52d3c18a4c2228eb9a5a8eb

SHA512
1a05f520ebbe06c100e384d926cb2cebcc4a09c8d1ce1bd30960f1285f3251b50a8378d79c8c832e6935f400356f3590c371754bcf2bd9588be1f8039dd21323

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
2KB

MD5
e8f31545ee3ae04b5a57afc349bd7449

SHA1
d5c59a86e610f3777bee843a3e98d209b61cccc8

SHA256
44ee88321dad557d5a3e819c0c2f63d6e55ebd9cb1fe64b049ac01d958703389

SHA512
6141815b2a244f2522e18c5ab8eefe3c2d849f262e9d93048663900c29e344ae3690b675cbd6f96966a5f112e5e8ceb0a9038014b2ab7440fda15f532a844c6f

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
3KB

MD5
6d4e5f74fe9f6d5ac863278b14208679

SHA1
876d711cd06b5e8b25d6d0bc8605f148933b1cef

SHA256
c37767c134d65deda5face9598e661acf28536685c53a9c483e93c43e4803dae

SHA512
57d6fa363dd4cb81239549ab4c72463a80d96bf55141191c84ce6a35c154e46239d340992fc53d935abeacf26c0f1013beebcb4e4f3d8756bae84201fa82a260

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
4KB

MD5
16b8a40ddb7e23a0d0da973e7af03b87

SHA1
ba6804c8728283c01171c13f8d48b5149238d7f3

SHA256
d28ab528ab3199a5b6a669f52546eebe80388b4aa78ac2bdf6c4fba6cabf43b3

SHA512
399528391f82735beb2f326fa359dae77c5e57045d39a20d29f99afcf160b505e6c9a82ad7f96700fa24aefb351493953b42688b8e8ef94d950f894964b3e39d

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
4KB

MD5
f22ceeb15be474b52f53ad8a499addbf

SHA1
15a6d2507cc0ee5df287906c1aec27d3f7101e4e

SHA256
458a7222690820dcad2d18e28d7dbdbd53ac057413d4f6e4993250fd2e4bcd16

SHA512
e858d9fc4730d8444910cf40cdc4d14216d8a373ef15929b86470d240786f608ea41345248defb1332dfadf6fd084b39c293809114efc72391f02e59e7207bb9

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State

Filesize
17KB

MD5
46c94cd5f9ae5db0c2ebc0427be91b9a

SHA1
1dacbe4b5d4d4898c711cb21f4efb3542adb049b

SHA256
c17cb9bb48fe88cec3682fc2f9493acbc159ccfe02082113d5a38eabc50e0e60

SHA512
a80f445bfb7f61b689eb17a817e13d69bc7348c9d1d30675af5130f7ac52b736c212e2522d015ec0854db4851557842bf7ef5872c547c1ec63f2ab9a2ad73e1c

Download Submit
C:\Users\Admin\AppData\Local\net.cubidron.baso\EBWebView\Local State~RFe592570.TMP

Filesize
1KB

MD5
38039edc105dcdad312c7c57574a803e

SHA1
069ffa60e57eec92a4ac9c36c39d45c40a167b90

SHA256
64e32641003dfacc6146f5c94d13c6b6fc6d66df6d6f0928f41f2ad2fc5e2bcc

SHA512
8fb639b1ecd9f87700f9aa4fc87454380ce236a7837d9fd0b4bcd26681ab3a51be3149cb10c04d0a9fab49ad0bc570a70bcf6a57678fe6c78bd980117e148611

Download Submit
memory/1732-179-0x00007FFE0AB70000-0x00007FFE0AB71000-memory.dmp

Filesize
4KB

Download
memory/4748-68-0x00007FFE0AB70000-0x00007FFE0AB71000-memory.dmp

Filesize
4KB

Download
memory/5056-350-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-343-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-341-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-342-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-347-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-348-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-349-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-351-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-352-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5056-353-0x0000029CE32F0000-0x0000029CE32F1000-memory.dmp

Filesize
4KB

Download
memory/5400-90-0x00007FFE0C280000-0x00007FFE0C281000-memory.dmp

Filesize
4KB

Download
memory/5400-91-0x00007FFE0BF40000-0x00007FFE0BF41000-memory.dmp

Filesize
4KB

Download
memory/5400-212-0x00000190BA9D0000-0x00000190BAA00000-memory.dmp

Filesize
192KB

Download