Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Analysis Report wavebrowser.exe

Overview

General Information

Sample Name:wavebrowser.exe
Analysis ID:414615
MD5:41fd728e578068e9fc245ebd57d80a92
SHA1:5fc690887bdb0e20c66eda4e6b7b5452f71a0da8
SHA256:cc4fdc0d54b223af071017f50a86dcfc63bdbad251b3d277804297a355e643ca
Infos:
Errors
  • Corrupt sample or wrongly selected analyzer. Details: 36B1

Detection

Score:3
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Detected potential crypto function
Found potential string decryption / allocating functions
PE file contains more sections than normal
PE file contains sections with non-standard names
PE file contains strange resources
Program does not show much activity (idle)
Sample file is different than original file name gathered from version info

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Analysis Advice

Contains functionality to modify the execution of threads in other processes
Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--")



Startup

  • System is w10x64
  • wavebrowser.exe (PID: 7148 cmdline: 'C:\Users\user\Desktop\wavebrowser.exe' MD5: 41FD728E578068E9FC245EBD57D80A92)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

  • Compliance
  • Networking
  • System Summary
  • Data Obfuscation
  • Malware Analysis System Evasion
  • Anti Debugging
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: wavebrowser.exeStatic PE information: certificate valid
Source: wavebrowser.exeStatic PE information: GUARD_CF, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT, HIGH_ENTROPY_VA
Source: Binary string: wavebrowser.exe.pdb source: wavebrowser.exe
Source: wavebrowser.exeString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: wavebrowser.exeString found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: wavebrowser.exeString found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: wavebrowser.exeString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: wavebrowser.exeString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: wavebrowser.exeString found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: wavebrowser.exeString found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: wavebrowser.exeString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: wavebrowser.exeString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: wavebrowser.exeString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: wavebrowser.exeString found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0J
Source: wavebrowser.exeString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: wavebrowser.exeString found in binary or memory: http://ocsp.digicert.com0C
Source: wavebrowser.exeString found in binary or memory: http://ocsp.digicert.com0H
Source: wavebrowser.exeString found in binary or memory: http://ocsp.digicert.com0I
Source: wavebrowser.exeString found in binary or memory: http://ocsp.digicert.com0O
Source: wavebrowser.exeString found in binary or memory: http://www.digicert.com/CPS0
Source: wavebrowser.exeString found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: wavebrowser.exeString found in binary or memory: https://crashpad.chromium.org/
Source: wavebrowser.exeString found in binary or memory: https://crashpad.chromium.org/bug/new
Source: wavebrowser.exeString found in binary or memory: https://crashpad.chromium.org/https://crashpad.chromium.org/bug/new
Source: wavebrowser.exeString found in binary or memory: https://www.digicert.com/CPS0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117513100_2_00007FF711751310
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117E72800_2_00007FF7117E7280
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118A12800_2_00007FF7118A1280
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117331A00_2_00007FF7117331A0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71180D19C0_2_00007FF71180D19C
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71171D2100_2_00007FF71171D210
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118851500_2_00007FF711885150
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117A74C00_2_00007FF7117A74C0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71171D4D00_2_00007FF71171D4D0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DD4700_2_00007FF7117DD470
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DF4900_2_00007FF7117DF490
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117793C00_2_00007FF7117793C0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117C94100_2_00007FF7117C9410
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71174D4100_2_00007FF71174D410
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117E33200_2_00007FF7117E3320
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117473200_2_00007FF711747320
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117613800_2_00007FF711761380
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71172F6B00_2_00007FF71172F6B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118216BC0_2_00007FF7118216BC
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117217100_2_00007FF711721710
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117136300_2_00007FF711713630
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117676800_2_00007FF711767680
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71172B6900_2_00007FF71172B690
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117EF5A00_2_00007FF7117EF5A0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71180B5E00_2_00007FF71180B5E0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118655E00_2_00007FF7118655E0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117715700_2_00007FF711771570
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71175F5900_2_00007FF71175F590
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117278B00_2_00007FF7117278B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71176D8B00_2_00007FF71176D8B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117518500_2_00007FF711751850
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118038740_2_00007FF711803874
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118517600_2_00007FF711851760
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711745AC00_2_00007FF711745AC0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711851AC00_2_00007FF711851AC0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711779A900_2_00007FF711779A90
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71187F9B00_2_00007FF71187F9B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DF9C00_2_00007FF7117DF9C0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71182F9D00_2_00007FF71182F9D0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117139E00_2_00007FF7117139E0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DBA100_2_00007FF7117DBA10
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71173D9700_2_00007FF71173D970
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71172B9700_2_00007FF71172B970
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711851CA00_2_00007FF711851CA0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711863C800_2_00007FF711863C80
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71187DBE00_2_00007FF71187DBE0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711723B600_2_00007FF711723B60
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117A5EF00_2_00007FF7117A5EF0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711723E300_2_00007FF711723E30
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71182DE400_2_00007FF71182DE40
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711853E900_2_00007FF711853E90
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117D9DC00_2_00007FF7117D9DC0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117F5DC00_2_00007FF7117F5DC0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711821DD00_2_00007FF711821DD0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711717D400_2_00007FF711717D40
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71176BD700_2_00007FF71176BD70
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711805D940_2_00007FF711805D94
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71182C0AC0_2_00007FF71182C0AC
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117E20C00_2_00007FF7117E20C0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118041040_2_00007FF711804104
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117701000_2_00007FF711770100
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117520200_2_00007FF711752020
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118260480_2_00007FF711826048
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71175A0400_2_00007FF71175A040
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DC0900_2_00007FF7117DC090
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711719FB00_2_00007FF711719FB0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117F82A00_2_00007FF7117F82A0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117F22B00_2_00007FF7117F22B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71185A2D00_2_00007FF71185A2D0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117F62300_2_00007FF7117F6230
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7118062940_2_00007FF711806294
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117A21A00_2_00007FF7117A21A0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71182A1980_2_00007FF71182A198
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117E01D00_2_00007FF7117E01D0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117CA1200_2_00007FF7117CA120
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: String function: 00007FF7117C7150 appears 100 times
Source: wavebrowser.exeStatic PE information: Number of sections : 12 > 10
Source: wavebrowser.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: wavebrowser.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: wavebrowser.exeBinary or memory string: OriginalFilename vs wavebrowser.exe
Source: wavebrowser.exeBinary string: sbox_alternate_desktop_local_winstation_0x%X\Device\\/?/?\**~*
Source: wavebrowser.exeBinary string: ntdll.dllHKEY_CLASSES_ROOTHKEY_CURRENT_USERHKEY_LOCAL_MACHINEHKEY_USERSHKEY_PERFORMANCE_DATAHKEY_PERFORMANCE_TEXTHKEY_PERFORMANCE_NLSTEXTHKEY_CURRENT_CONFIGHKEY_DYN_DATA\Device\\Device\HarddiskVolumentdll.dll
Source: classification engineClassification label: unknown3.winEXE@1/0@0/0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71174BEC0 FormatMessageA,GetLastError,0_2_00007FF71174BEC0
Source: wavebrowser.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: Try '%ls --help' for more information.
Source: wavebrowser.exeString found in binary or memory: --help display this help and exit
Source: wavebrowser.exeString found in binary or memory: --help display this help and exit
Source: wavebrowser.exeString found in binary or memory: free-invalid-address
Source: wavebrowser.exeString found in binary or memory: --monitor-self--monitor-self-argument=--monitor-self is not supported--no-identify-client-via-url--no-periodic-tasks--no-rate-limit--no-upload-gzip--monitor-self-annotation=%s=%s../../components/gwp_asan/crash_handler/crash_handler.ccDetected GWP-ASan crash with missing metadata.Detected GWP-ASan crash for allocation at 0x) of type Invalid address passed to free() is Experienced internal error: partitionallocunexpected allocator typeheap-use-after-freeheap-buffer-underflowheap-buffer-overflowdouble-freefree-invalid-addressunexpected error type
Source: wavebrowser.exeStatic PE information: certificate valid
Source: wavebrowser.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
Source: wavebrowser.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: wavebrowser.exeStatic file information: File size 2125928 > 1048576
Source: wavebrowser.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x194400
Source: wavebrowser.exeStatic PE information: More than 200 imports for KERNEL32.dll
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: wavebrowser.exeStatic PE information: GUARD_CF, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT, HIGH_ENTROPY_VA
Source: wavebrowser.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: wavebrowser.exe.pdb source: wavebrowser.exe
Source: wavebrowser.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: wavebrowser.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: wavebrowser.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: wavebrowser.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: wavebrowser.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711745A70 LoadLibraryW,GetProcAddress,0_2_00007FF711745A70
Source: wavebrowser.exeStatic PE information: section name: .00cfg
Source: wavebrowser.exeStatic PE information: section name: .gehcont
Source: wavebrowser.exeStatic PE information: section name: .retplne
Source: wavebrowser.exeStatic PE information: section name: CPADinfo
Source: wavebrowser.exeStatic PE information: section name: _RDATA
Source: all processesThread injection, dropped files, key value created, disk infection and DNS query: no activity detected
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71172D9B0 GetCurrentThread,IsDebuggerPresent,_Init_thread_header,GetModuleHandleW,GetProcAddress,_Init_thread_footer,GetCurrentThreadId,RaiseException,0_2_00007FF71172D9B0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711745A70 LoadLibraryW,GetProcAddress,0_2_00007FF711745A70
Source: all processesThread injection, dropped files, key value created, disk infection and DNS query: no activity detected
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117A5EF0 GetCurrentProcessId,CreateEventW,CreateEventW,CreateEventW,CreateEventW,SetUnhandledExceptionFilter,CreateThread,GetLastError,0_2_00007FF7117A5EF0
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: try_get_function,GetLocaleInfoW,0_2_00007FF71181FB38
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711749610 GetVersion,CreateNamedPipeW,0_2_00007FF711749610
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF7117DD470 QueryPerformanceCounter,QueryPerformanceCounter,GetSystemTimeAsFileTime,GetSystemTimeAsFileTime,QueryPerformanceCounter,0_2_00007FF7117DD470
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF711811900 _get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,0_2_00007FF711811900
Source: C:\Users\user\Desktop\wavebrowser.exeCode function: 0_2_00007FF71176F6E0 GetVersionExW,GetLastError,0_2_00007FF71176F6E0

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsCommand and Scripting Interpreter2Path InterceptionProcess Injection1Process Injection1OS Credential DumpingSystem Time Discovery2Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsNative API1Boot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsDeobfuscate/Decode Files or Information1LSASS MemorySecurity Software Discovery1Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothJunk DataExploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or Information1Security Account ManagerSystem Information Discovery12SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationSteganographyExploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 414615 Sample: wavebrowser.exe Startdate: 14/05/2021 Architecture: WINDOWS Score: 3 4 wavebrowser.exe 2->4         started       

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
wavebrowser.exe0%VirustotalBrowse
wavebrowser.exe0%MetadefenderBrowse
wavebrowser.exe0%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info
NameSourceMaliciousAntivirus DetectionReputation
https://crashpad.chromium.org/wavebrowser.exefalse
    		high
    https://crashpad.chromium.org/https://crashpad.chromium.org/bug/newwavebrowser.exefalse
      		high
      https://crashpad.chromium.org/bug/newwavebrowser.exefalse
        		high

        Contacted IPs

        No contacted IP infos

        General Information

        Joe Sandbox Version:32.0.0 Black Diamond
        Analysis ID:414615
        Start date:14.05.2021
        Start time:21:23:14
        Joe Sandbox Product:CloudBasic
        Overall analysis duration:0h 3m 24s
        Hypervisor based Inspection enabled:false
        Report type:full
        Sample file name:wavebrowser.exe
        Cookbook file name:default.jbs
        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
        Number of analysed new started processes analysed:2
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • HDC enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:UNKNOWN
        Classification:unknown3.winEXE@1/0@0/0
        EGA Information:Failed
        HDC Information:
        • Successful, ratio: 100% (good quality ratio 59.9%)
        • Quality average: 39.7%
        • Quality standard deviation: 39.6%
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 208
        Cookbook Comments:
        • Adjust boot time
        • Enable AMSI
        • Found application associated with file extension: .exe
        • Unable to launch sample, stop analysis
        Warnings:
        • Execution Graph export aborted for target wavebrowser.exe, PID 7148 because there are no executed function
        Errors:
        • Corrupt sample or wrongly selected analyzer. Details: 36B1

        Simulations

        No simulations

        Joe Sandbox View / Context

        IPs

        No context

        Domains

        No context

        ASN

        No context

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        No created / dropped files found

        Static File Info

        General

        File type:PE32+ executable (GUI) x86-64, for MS Windows
        Entropy (8bit):6.599651926098097
        TrID:
        • Win64 Executable GUI (202006/5) 92.65%
        • Win64 Executable (generic) (12005/4) 5.51%
        • Generic Win/DOS Executable (2004/3) 0.92%
        • DOS Executable Generic (2002/1) 0.92%
        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
        File name:wavebrowser.exe
        File size:2125928
        MD5:41fd728e578068e9fc245ebd57d80a92
        SHA1:5fc690887bdb0e20c66eda4e6b7b5452f71a0da8
        SHA256:cc4fdc0d54b223af071017f50a86dcfc63bdbad251b3d277804297a355e643ca
        SHA512:89fa475c72255f44e3d1cc49ece1552508be6ed52f35bfdc0304408499edfd2492548e048d950513b042749a0c413e04460f31bf17085277f5fcc73dbefe6412
        SSDEEP:49152:O4sunx2oKwgRNHIAZrkst4zDRX3PjfR/QEKwakOTVX:xn4oqI+AU4FjfYX
        File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d......`.........."......D..........`..........@..............................!.....Za!...`........................................

        File Icon

        Icon Hash:70cc92b090c0f070

        Static PE Info

        General

        Entrypoint:0x1400ef760
        Entrypoint Section:.text
        Digitally signed:true
        Imagebase:0x140000000
        Subsystem:windows gui
        Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
        DLL Characteristics:GUARD_CF, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT, HIGH_ENTROPY_VA
        Time Stamp:0x60860280 [Mon Apr 26 00:00:00 2021 UTC]
        TLS Callbacks:0x40028640, 0x1, 0x400521a0, 0x1, 0x400edd60, 0x1, 0x40099db0, 0x1
        CLR (.Net) Version:
        OS Version Major:5
        OS Version Minor:2
        File Version Major:5
        File Version Minor:2
        Subsystem Version Major:5
        Subsystem Version Minor:2
        Import Hash:8b6a03add5dfafc2c4b0ce5945ef9d5a

        Authenticode Signature

        Signature Valid:true
        Signature Issuer:CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
        Signature Validation Error:The operation completed successfully
        Error Number:0
        Not Before, Not After
        • 1/27/2021 1:00:00 AM 1/26/2023 12:59:59 AM
        Subject Chain
        • CN=Wavesor Software, O=Wavesor Software, L=Agios Athanasios, C=CY, SERIALNUMBER=EE 52849, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=CY
        Version:3
        Thumbprint MD5:0502083BE13B02B6CB6F2F2241FEF927
        Thumbprint SHA-1:D9D521276B3311A00B2E9A0960EB293FEF7F12DA
        Thumbprint SHA-256:F70AA5181181825DA22D31F4E3567CB864AF13C3C798643A0CD7433DA6EB5CB4
        Serial:04E41F85C676A21263778BD92DFBBBB8
        Instruction
        dec eax
        sub esp, 28h
        call 00007F4304CE48B0h
        dec eax
        add esp, 28h
        jmp 00007F4304CE471Fh
        int3
        int3
        dec eax
        mov dword ptr [esp+20h], ebx
        push ebp
        dec eax
        mov ebp, esp
        dec eax
        sub esp, 20h
        dec eax
        mov eax, dword ptr [000F4EF0h]
        dec eax
        mov ebx, 2DDFA232h
        cdq
        sub eax, dword ptr [eax]
        add byte ptr [eax+3Bh], cl
        ret
        jne 00007F4304CE4916h
        dec eax
        and dword ptr [ebp+18h], 00000000h
        dec eax
        lea ecx, dword ptr [ebp+18h]
        call dword ptr [000E582Ah]
        dec eax
        mov eax, dword ptr [ebp+18h]
        dec eax
        mov dword ptr [ebp+10h], eax
        call dword ptr [000E56FCh]
        mov eax, eax
        dec eax
        xor dword ptr [ebp+10h], eax
        call dword ptr [000E56D8h]
        mov eax, eax
        dec eax
        lea ecx, dword ptr [ebp+20h]
        dec eax
        xor dword ptr [ebp+10h], eax
        call dword ptr [000E5970h]
        mov eax, dword ptr [ebp+20h]
        dec eax
        lea ecx, dword ptr [ebp+10h]
        dec eax
        shl eax, 20h
        dec eax
        xor eax, dword ptr [ebp+20h]
        dec eax
        xor eax, dword ptr [ebp+10h]
        dec eax
        xor eax, ecx
        dec eax
        mov ecx, FFFFFFFFh
        NameVirtual AddressVirtual Size Is in Section
        IMAGE_DIRECTORY_ENTRY_EXPORT0x1d45170x75.rdata
        IMAGE_DIRECTORY_ENTRY_IMPORT0x1d458c0x50.rdata
        IMAGE_DIRECTORY_ENTRY_RESOURCE0x2040000x10f18.rsrc
        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x1f00000xd0d4.pdata
        IMAGE_DIRECTORY_ENTRY_SECURITY0x2054000x1c68.rsrc
        IMAGE_DIRECTORY_ENTRY_BASERELOC0x2150000x2228.reloc
        IMAGE_DIRECTORY_ENTRY_DEBUG0x1d1df40x1c.rdata
        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
        IMAGE_DIRECTORY_ENTRY_TLS0x1d1c500x28.rdata
        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x1aee900x130.rdata
        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
        IMAGE_DIRECTORY_ENTRY_IAT0x1d4ce00x700.rdata
        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x1d37880x140.rdata
        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

        Sections

        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
        .text0x10000x1943fd0x194400False0.485741100417data6.58901817484IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
        .rdata0x1960000x4bc8c0x4be00False0.3110295253295View capture file5.60248859193IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .data0x1e20000xdc080x3c00False0.149153645833data3.24321154288IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
        .pdata0x1f00000xd0d40xd200False0.514750744048data5.97399753413IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .00cfg0x1fe0000x280x200False0.056640625data0.420787258814IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .gehcont0x1ff0000x380x200False0.1015625big endian ispell hash file (?), 8-bit, no capitalization, 26 flags0.437109725135IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .retplne0x2000000xc0x200False0.046875ASCII text, with no line terminators0.22011315744
        .tls0x2010000x1310x200False0.04296875data0.136463791656IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
        CPADinfo0x2020000x380x200False0.04296875data0.122275881259IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
        _RDATA0x2030000x940x200False0.20703125data1.45583795213IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .rsrc0x2040000x10f180x11000False0.306942210478data5.18099903245IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
        .reloc0x2150000x22280x2400False0.293836805556data5.3709486269IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
        NameRVASizeTypeLanguageCountry
        GOOGLEUPDATEAPPLICATIONCOMMANDS0x214ad80x4dataEnglishUnited States
        RT_ICON0x2049e00x25a8dBase IV DBT of `.DBF, block length 9216, next free block index 40, next free block 0, next used block 0EnglishUnited States
        RT_ICON0x206fa00xea8dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"EnglishUnited States
        RT_ICON0x207e480x8a8dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"EnglishUnited States
        RT_ICON0x2086f00x568GLS_BINARY_LSB_FIRSTEnglishUnited States
        RT_ICON0x208c580x7c8PNG image data, 256 x 256, 8-bit colormap, non-interlacedEnglishUnited States
        RT_ICON0x2094200x25a8dataEnglishUnited States
        RT_ICON0x20b9c80x10a8dataEnglishUnited States
        RT_ICON0x20ca700x468GLS_BINARY_LSB_FIRSTEnglishUnited States
        RT_ICON0x20cf400x4a8dataEnglishUnited States
        RT_ICON0x20d3e80x1234dataEnglishUnited States
        RT_ICON0x20e6200x2668dataEnglishUnited States
        RT_ICON0x210c880x184bPNG image data, 257 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States
        RT_ICON0x2125180x25a8dBase IV DBT of `.DBF, block length 9216, next free block index 40, next free block 0, next used block 0EnglishUnited States
        RT_GROUP_ICON0x206f880x14dataEnglishUnited States
        RT_GROUP_ICON0x20ced80x68dataEnglishUnited States
        RT_GROUP_ICON0x2124d80x3edataEnglishUnited States
        RT_GROUP_ICON0x214ac00x14dataEnglishUnited States
        RT_VERSION0x214ae00x438dataEnglishUnited States
        RT_MANIFEST0x2045100x4ccXML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminatorsEnglishUnited States
        DLLImport
        wavebrowser_elf.dllGetInstallDetailsPayload, SignalChromeElf, SignalInitializeCrashReporting
        KERNEL32.dllAcquireSRWLockExclusive, AssignProcessToJobObject, CloseHandle, CompareStringW, ConnectNamedPipe, CreateDirectoryW, CreateEventW, CreateFileMappingW, CreateFileW, CreateIoCompletionPort, CreateJobObjectW, CreateMutexW, CreateNamedPipeW, CreateProcessW, CreateRemoteThread, CreateSemaphoreW, CreateThread, DebugBreak, DeleteCriticalSection, DeleteFileW, DeleteProcThreadAttributeList, DisconnectNamedPipe, DuplicateHandle, EncodePointer, EnterCriticalSection, EnumSystemLocalesEx, EnumSystemLocalesW, ExitProcess, ExitThread, ExpandEnvironmentStringsW, FileTimeToSystemTime, FindClose, FindFirstFileExW, FindNextFileW, FlsAlloc, FlsSetValue, FlushFileBuffers, FlushViewOfFile, FormatMessageA, FreeEnvironmentStringsW, FreeLibrary, FreeLibraryAndExitThread, GetACP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetComputerNameExW, GetConsoleMode, GetConsoleOutputCP, GetCurrentDirectoryW, GetCurrentProcess, GetCurrentProcessId, GetCurrentProcessorNumber, GetCurrentThread, GetCurrentThreadId, GetDateFormatW, GetDriveTypeW, GetEnvironmentStringsW, GetExitCodeProcess, GetFileAttributesW, GetFileInformationByHandle, GetFileInformationByHandleEx, GetFileSizeEx, GetFileTime, GetFileType, GetFullPathNameW, GetLastError, GetLocalTime, GetLocaleInfoW, GetLongPathNameW, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleExW, GetModuleHandleW, GetNativeSystemInfo, GetOEMCP, GetProcAddress, GetProcessHandleCount, GetProcessHeap, GetProcessHeaps, GetProcessId, GetProcessTimes, GetProductInfo, GetQueuedCompletionStatus, GetStartupInfoW, GetStdHandle, GetStringTypeW, GetSystemDefaultLCID, GetSystemDirectoryW, GetSystemInfo, GetSystemTimeAsFileTime, GetTempPathW, GetThreadContext, GetThreadId, GetThreadLocale, GetThreadPriority, GetTickCount, GetTimeFormatW, GetTimeZoneInformation, GetUserDefaultLCID, GetUserDefaultLangID, GetUserDefaultLocaleName, GetVersion, GetVersionExW, GetWindowsDirectoryW, HeapDestroy, HeapSetInformation, InitOnceExecuteOnce, InitializeCriticalSection, InitializeCriticalSectionAndSpinCount, InitializeProcThreadAttributeList, InitializeSListHead, IsDebuggerPresent, IsProcessorFeaturePresent, IsValidCodePage, IsValidLocale, IsWow64Process, K32GetPerformanceInfo, K32GetProcessMemoryInfo, LCMapStringW, LeaveCriticalSection, LoadLibraryExA, LoadLibraryExW, LoadLibraryW, LocalFree, LockFileEx, MapViewOfFile, MoveFileW, MultiByteToWideChar, OpenProcess, OutputDebugStringA, PeekNamedPipe, PostQueuedCompletionStatus, ProcessIdToSessionId, QueryDosDeviceW, QueryInformationJobObject, QueryPerformanceCounter, QueryPerformanceFrequency, QueryThreadCycleTime, RaiseException, ReadConsoleW, ReadFile, ReadProcessMemory, RegisterWaitForSingleObject, ReleaseSRWLockExclusive, ReleaseSemaphore, RemoveDirectoryW, ReplaceFileW, ResetEvent, ResumeThread, RtlCaptureContext, RtlCaptureStackBackTrace, RtlLookupFunctionEntry, RtlPcToFileHeader, RtlUnwind, RtlUnwindEx, RtlVirtualUnwind, SearchPathW, SetConsoleCtrlHandler, SetCurrentDirectoryW, SetEndOfFile, SetEnvironmentVariableW, SetEvent, SetFileAttributesW, SetFilePointerEx, SetHandleInformation, SetInformationJobObject, SetLastError, SetNamedPipeHandleState, SetProcessShutdownParameters, SetStdHandle, SetThreadAffinityMask, SetThreadPriority, SetUnhandledExceptionFilter, SignalObjectAndWait, Sleep, SleepConditionVariableSRW, SleepEx, SuspendThread, SystemTimeToTzSpecificLocalTime, TerminateJobObject, TerminateProcess, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, TransactNamedPipe, TryAcquireSRWLockExclusive, UnhandledExceptionFilter, UnlockFileEx, UnmapViewOfFile, UnregisterWait, UnregisterWaitEx, UpdateProcThreadAttribute, VerSetConditionMask, VerifyVersionInfoW, VirtualAlloc, VirtualAllocEx, VirtualFree, VirtualFreeEx, VirtualProtect, VirtualProtectEx, VirtualQuery, VirtualQueryEx, WaitForMultipleObjects, WaitForSingleObject, WaitForSingleObjectEx, WaitNamedPipeW, WakeAllConditionVariable, WideCharToMultiByte, Wow64GetThreadContext, WriteConsoleW, WriteFile, WriteProcessMemory, lstrlenW
        VERSION.dllGetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
        NameOrdinalAddress
        GetHandleVerifier10x140051320
        IsSandboxedProcess20x140069910
        DescriptionData
        LegalCopyrightCopyright 2021 Wavesor Software. All rights reserved.
        InternalNamewavebrowser_exe
        CompanyShortNameWavesor Software
        FileVersion1.1.1.2
        CompanyNameWavesor Software
        ProductShortNameWaveBrowser
        ProductNameWaveBrowser
        LastChange7db2fbfa957252143806cfd3ad96ed67efae18ad
        ProductVersion1.1.1.2
        FileDescriptionWaveBrowser
        OriginalFilenamewavebrowser.exe
        Official Build1
        Translation0x0409 0x04b0

        Possible Origin

        Language of compilation systemCountry where language is spokenMap
        EnglishUnited States

        Network Behavior

        No network behavior found

        Code Manipulations

        Statistics

        CPU Usage

        0510s020406080100

        Click to jump to process

        Memory Usage

        Click to jump to process

        System Behavior

        Analysis Process: wavebrowser.exe PID: 7148 Parent PID: 6076

        Function Logs

        General

        Start time:21:24:04
        Start date:14/05/2021
        Path:C:\Users\user\Desktop\wavebrowser.exe
        Wow64 process (32bit):false
        Commandline:'C:\Users\user\Desktop\wavebrowser.exe'
        Imagebase:0x7ff711710000
        File size:2125928 bytes
        MD5 hash:41FD728E578068E9FC245EBD57D80A92
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Show Windows behavior

        Memory Activities

        Disassembly

        Code Analysis

        Analysis Process: wavebrowser.exe PID: 7148 Parent PID: 6076 wavebrowser.exeCOMMON

        Executed Functions

        Non-executed Functions

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Process$CurrentErrorLastOpen
        • String ID: --initial-client-data=$../../third_party/crashpad/crashpad/client/crashpad_client_win.cc$::DeleteProcThreadAttributeList$::InitializeProcThreadAttributeList$::UpdateProcThreadAttribute$CloseHandle process$CloseHandle thread$CreateProcess$InitializeProcThreadAttributeList$InitializeProcThreadAttributeList (size)$InitializeProcThreadAttributeList (size) succeeded, expected failure$OpenProcess$UpdateProcThreadAttribute$annotation$attachment$database$h$kernel32.dll$metrics-dir$rundll32.exe$url
        • API String ID: 4227934283-1676744296
        • Opcode ID: 93a6d654bb00d525109e7ee6886c0a086ee903196e86b70ce8886cb0bdc43e12
        • Instruction ID: 24d55f6a8723ca77fa071820601419d41dd7d01592f3c8eec304c4daa0dd80d5
        • Opcode Fuzzy Hash: 93a6d654bb00d525109e7ee6886c0a086ee903196e86b70ce8886cb0bdc43e12
        • Instruction Fuzzy Hash: BFB2A561A0CE8285FB20BB15E4443BAE358EB88BB0F844135DA9D5B796DFBCE54DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: memcpy_s$_invalid_parameter_noinfo
        • String ID: $ $%llu$MZx
        • API String ID: 2880407647-1073590698
        • Opcode ID: d57b59f58c255db48b993bd0f15d803073c24f6e41c00c5e554bfee9d8f628a5
        • Instruction ID: 1d2801099e69d1e561121b45c1b54a580eba8e7500e480922cf0dac3b3f1b8c2
        • Opcode Fuzzy Hash: d57b59f58c255db48b993bd0f15d803073c24f6e41c00c5e554bfee9d8f628a5
        • Instruction Fuzzy Hash: 75032872A189C68BE735EE24D4407F977D8FB843ACF909135DA0A5FB44DB78AA18C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Library$AddressFreeLoadProc$ComputerName
        • String ID: GetUserNameW$SHGetSpecialFolderPathW$WTSFreeMemory$WTSQuerySessionInformationW$advapi32.dll$shell32.dll$wtsapi32.dll
        • API String ID: 1411496036-2002134302
        • Opcode ID: 4cbe8a8616522eb73a53e0c462f0d7cd853eb07ce8b4c21d2d11e0e46ba93441
        • Instruction ID: 0e975b9f1ebbb81f7944d38c54ca759ad95c66aade1d45170f904a14d629aaef
        • Opcode Fuzzy Hash: 4cbe8a8616522eb73a53e0c462f0d7cd853eb07ce8b4c21d2d11e0e46ba93441
        • Instruction Fuzzy Hash: 3F92D822A08F8285DBA0BF15D0242B9A7B4FB487B4F848235DA5D0B7D5DFBCE55D8360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Process
        • String ID: $../../third_party/crashpad/crashpad/snapshot/win/exception_snapshot_win.cc$../../third_party/crashpad/crashpad/snapshot/win/process_reader_win.cc$0$ContextRecord$EXCEPTION_POINTERS read failed$ExceptionRecord$GetThreadContext$NtOpenThread$NtQueryInformationThread$NtQuerySystemInformation$ResumeThread$dropping chained ExceptionRecord$null ExceptionRecord
        • API String ID: 1235230986-3040209045
        • Opcode ID: 5c876b60a1be4472149ddb61fa181dbcfbec2c83b4712a172dd64a2ea6cb4212
        • Instruction ID: b0ea78071f7392504760b893221e389f05c457ba1b2ff658e307a7dd0dedeaa3
        • Opcode Fuzzy Hash: 5c876b60a1be4472149ddb61fa181dbcfbec2c83b4712a172dd64a2ea6cb4212
        • Instruction Fuzzy Hash: B272A421B18E8281EB20EB15E4053FAE369EB897E4F804135DE5D1B7D6DEADE14DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$ErrorInit_thread_footerInit_thread_headerLastReleaseValue
        • String ID:
        • API String ID: 278479926-0
        • Opcode ID: 11ecbaa09f5942f6a2c5168d7e50d45297c05e7040b8562af4d3297605500e1d
        • Instruction ID: d1c116ca094e8b790c58177a5e23060fc3562cbe668af26dc65388658f339bf5
        • Opcode Fuzzy Hash: 11ecbaa09f5942f6a2c5168d7e50d45297c05e7040b8562af4d3297605500e1d
        • Instruction Fuzzy Hash: 9D42F621E08E8686FB10BB15E448379A369EF987B0F944131DA5E4F796DFACE54DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo$memcpy_s$fegetenv
        • String ID: 1#IND$1#INF$1#QNAN$1#SNAN$MZx
        • API String ID: 808467561-2638907429
        • Opcode ID: de0b68078dc7b1c274ac372b23c34b705eaabb76f92c8356e0621dea3c02a12c
        • Instruction ID: 97488605cb7635e35757d0f18ca55c0a25c31be189f12052b3c5ba555206927b
        • Opcode Fuzzy Hash: de0b68078dc7b1c274ac372b23c34b705eaabb76f92c8356e0621dea3c02a12c
        • Instruction Fuzzy Hash: 9DB24972E08A828BE7269E64C4407FDB7A5FB443B4F909135DA0D5FA84DFB8E518CB50
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Info$MemoryPerformanceProcess
        • String ID: ProcessPeakPagefileUsage$ProcessPeakWorkingSetSize$ProcessPrivateUsage$SystemCommitLimit$SystemCommitRemaining$Win64$cana$channel$plat$prod$ptype$ver
        • API String ID: 2600119024-1714930364
        • Opcode ID: f39432113fa79583f84a5ac9c7923c5142a14d10a263dc10a959ad33a7636611
        • Instruction ID: 4e55326af2d18cab4c68358879f65ab5730bfa0b719dfcca4aed3582060cc5ce
        • Opcode Fuzzy Hash: f39432113fa79583f84a5ac9c7923c5142a14d10a263dc10a959ad33a7636611
        • Instruction Fuzzy Hash: 05127531A08EC295EB61AB25E4503EAE364FB897A4F804131DA8C4B796DFBCE15DC711
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastVersion
        • String ID: %lu$%s %u.%u.%u.%s%s$../../third_party/crashpad/crashpad/snapshot/win/system_snapshot_win.cc$Debug,$GetVersionEx$Patched,$Prerelease,$Private,$Special,$Unknown$Windows NT$kernel32.dll
        • API String ID: 305913169-1074762537
        • Opcode ID: 474e6e15ba4ea5dc28d0eba3b3c6941364846a45da49943625fe29f13834fd36
        • Instruction ID: 85741dc50e858bbfcc409cd6ad58675842bb5c365c4c33c8349d5ab2e082d2ff
        • Opcode Fuzzy Hash: 474e6e15ba4ea5dc28d0eba3b3c6941364846a45da49943625fe29f13834fd36
        • Instruction Fuzzy Hash: DEF19222A0CEC281F731AB24E0543AAA768FB89764FC44131DA8D4B756DFBDE58DC711
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        • UncheckedAllocate, xrefs: 00007FF71176E221
        • VirtualQueryEx, xrefs: 00007FF71176D80D
        • <failed to retrieve error message (0x%lx)>, xrefs: 00007FF71176D431
        • ../../third_party/crashpad/crashpad/util/win/process_info.cc, xrefs: 00007FF71176D7E8, 00007FF71176D837, 00007FF71176E18B, 00007FF71176E1F6
        • (0x%08lx), xrefs: 00007FF71176D4AD
        • , xrefs: 00007FF71176D3E1
        • ntdll.dll, xrefs: 00007FF71176D3A4
        • RegionSize == 0, xrefs: 00007FF71176D85C
        • NtQuerySystemInformation SystemExtendedHandleInformation, xrefs: 00007FF71176E1B6
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentDuplicateHandleProcess
        • String ID: $ (0x%08lx)$../../third_party/crashpad/crashpad/util/win/process_info.cc$<failed to retrieve error message (0x%lx)>$NtQuerySystemInformation SystemExtendedHandleInformation$RegionSize == 0$UncheckedAllocate$VirtualQueryEx$ntdll.dll
        • API String ID: 1009649615-2775717338
        • Opcode ID: c1edce04d9689c501f50a6893e8a3aa84ea75a4ae51f1daab5a5fce96575be55
        • Instruction ID: bbf8170bf16a3a51be3cf5da5864062e181ece33f5b270b1896df8de77bb471c
        • Opcode Fuzzy Hash: c1edce04d9689c501f50a6893e8a3aa84ea75a4ae51f1daab5a5fce96575be55
        • Instruction Fuzzy Hash: 95729332A18E8585FB20AF15E4413BAE3A5FB887A4F844131DB9D1B796DFBCD189C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$ErrorLast$ReleaseValue
        • String ID:
        • API String ID: 485931750-0
        • Opcode ID: e9def38771c52adbf6817529788ed72f21f375262b42791aa6b030f975b27d1b
        • Instruction ID: fd8bc81f3d421f86e19bbe6be5fcc4616c90bee51bebff5e1b1dcda981ad52fb
        • Opcode Fuzzy Hash: e9def38771c52adbf6817529788ed72f21f375262b42791aa6b030f975b27d1b
        • Instruction Fuzzy Hash: 02F11922B18E8686EB10AB14E4543BDA369EF447F4F848131DA5E0B791DFBCE559C330
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Create$Event$CurrentErrorExceptionFilterLastProcessThreadUnhandled
        • String ID: ../../third_party/crashpad/crashpad/client/crashpad_client_win.cc$CreateNamedPipe$CreateThread$\\.\pipe\crashpad_%lu_
        • API String ID: 1093327153-1892946667
        • Opcode ID: 65ac638338d3ee0b3822c5f495cca87cf9a74bdf65f365d7efbcffe45dc1c49e
        • Instruction ID: c83755761d1b96717f23b44aff1a34b2857710ddd8e7b6d7c3637277b5a10ee7
        • Opcode Fuzzy Hash: 65ac638338d3ee0b3822c5f495cca87cf9a74bdf65f365d7efbcffe45dc1c49e
        • Instruction Fuzzy Hash: C9F19872A09E8285EB20EB15F4047FAA398FB88BA4F844135DA4D0B796DFBCD15DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastValue
        • String ID:
        • API String ID: 1151882462-0
        • Opcode ID: 9facc0fe74f38c9fa778fd943e1fb4b6c1fe6936469d59243508158a572f5fd0
        • Instruction ID: 74acf85a042d639eb45102ea2141ae6d6d8d693e773495ff1015739e1a26f792
        • Opcode Fuzzy Hash: 9facc0fe74f38c9fa778fd943e1fb4b6c1fe6936469d59243508158a572f5fd0
        • Instruction Fuzzy Hash: 3402F762E0CE8686E754AB19A40037DA769FF54BB0F848131EE5E0B795DFBCD458C320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$ProcessTerminate
        • String ID:
        • API String ID: 2942684591-0
        • Opcode ID: 39e2ef87d9c246f18edbfb0bb5f701c33ab81212998babc5e9dfe0c8518cb397
        • Instruction ID: 46ad45d4687ab568cda7bd5a19c2cc4fbd8986d756a229ae6be461e2091a732c
        • Opcode Fuzzy Hash: 39e2ef87d9c246f18edbfb0bb5f701c33ab81212998babc5e9dfe0c8518cb397
        • Instruction Fuzzy Hash: BCC17432A09E4285E720AB11A4543BEE359FF88BA4F854131DD5D4BB96DFBCE44DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: audio$cdm$icon_reader$mf_cdm$network$none$none_and_elevated$pdf_conversion$ppapi$print_compositor$proxy_resolver$speech_recognition$video_capture$xr_compositing
        • API String ID: 0-1415188817
        • Opcode ID: 1c4cb7be44a5e98a1cc86955c94936a2a9bfb70f2985e3c85f5e2d9776583425
        • Instruction ID: 4b2b363403e9e8fb266d2e3fec0b306cf1e14c18821e9f142bbe446b0693a57d
        • Opcode Fuzzy Hash: 1c4cb7be44a5e98a1cc86955c94936a2a9bfb70f2985e3c85f5e2d9776583425
        • Instruction Fuzzy Hash: 5BC1C422E4DE5280E740E76299102B5A3595F4A7B0F954332DCBD5B3D2EEBCE55EC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread$AcquireAddressDebuggerExceptionExclusiveHandleInit_thread_footerInit_thread_headerLockModulePresentProcRaise
        • String ID: Kernel32.dll$SetThreadDescription
        • API String ID: 3439133180-1724334159
        • Opcode ID: b7e0c8e5ca7e763910bb893ed5724cce33dfdbf21652522809560a1d0ae0a7e7
        • Instruction ID: b0e8819d394534cbbe3edf7cade33365cab420dbd5db5d9468eaa348008f3bb4
        • Opcode Fuzzy Hash: b7e0c8e5ca7e763910bb893ed5724cce33dfdbf21652522809560a1d0ae0a7e7
        • Instruction Fuzzy Hash: 58318232A08E528AFB10AB11E8142BDA3B8FB55BB0F848471D94D5B795DEBCE55DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: bf78cf767a10d03ee74fbc5d94efb56e8a4c914552a4469793ad76dda9a655f0
        • Instruction ID: de557a96f4bc1fb12f0bc4f63024731f9eb0f266b3eec28c37643f2458977408
        • Opcode Fuzzy Hash: bf78cf767a10d03ee74fbc5d94efb56e8a4c914552a4469793ad76dda9a655f0
        • Instruction Fuzzy Hash: AD420622A09F8985EB11AB24D0057AAB358FF587A4F848335DE9D0B796DFBCE15DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastLongNamePath
        • String ID: \??\$\Device\HarddiskVolume$\\.\$pipe\
        • API String ID: 1903379502-4039816857
        • Opcode ID: 227fc23090392ea7623d37555c73cb8f621bd8d526f2f64479cde19da30d5ff7
        • Instruction ID: 43556631e59a24ca9816fd0aa4ec3bc785583d39d5b819688d7bab25bc2c0027
        • Opcode Fuzzy Hash: 227fc23090392ea7623d37555c73cb8f621bd8d526f2f64479cde19da30d5ff7
        • Instruction Fuzzy Hash: 6F32C762A1CEC185EB20AB25D4043AEE798FB887A4FD04231DA9D4B7D6DFBDD14D8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CreateFile
        • String ID: ../../base/files/file_win.cc$DoInitialize
        • API String ID: 1722934493-2688016777
        • Opcode ID: 1f2b78d4dba667969017d7574cd7111bb9e06ae22aeb2f6327c46803cc30ef93
        • Instruction ID: 152c57f855096ae6325ce0e4ce63f4c7a6382802becd18f5881e4977de680261
        • Opcode Fuzzy Hash: 1f2b78d4dba667969017d7574cd7111bb9e06ae22aeb2f6327c46803cc30ef93
        • Instruction Fuzzy Hash: 9F516922A18E4685FB14AB58E819779E265FB98370F868034DE1E4B3D2EFBCD54DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CurrentProcess$DuplicateFreeHandleLocal
        • String ID:
        • API String ID: 981145269-0
        • Opcode ID: 459dbc861320967123ece893ef7dfd482ca3f585d9bf7fea866bce11754e0b1f
        • Instruction ID: 2ba8d1765f5f88854115cd9025cfd351686068b1463b584a208dc47c862fa3ea
        • Opcode Fuzzy Hash: 459dbc861320967123ece893ef7dfd482ca3f585d9bf7fea866bce11754e0b1f
        • Instruction Fuzzy Hash: 8CB1B531B1DE4286EB64BB25A40437AE398AB48BB4F944131DE5E4B7D6DEBCE44DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireErrorFileHandleInformationLastRelease
        • String ID: ../../third_party/crashpad/crashpad/util/win/exception_handler_server.cc$GetFileInformationByHandleEx$\\.\pipe
        • API String ID: 3726419365-838569524
        • Opcode ID: 9bb15fe452e62b853ba318896c4a3cd4ea767165a10a21000890840c369189ca
        • Instruction ID: b3182a56b941da060e89440e21f28d0878ff4d826f7b1d1a93c9813a3c12660f
        • Opcode Fuzzy Hash: 9bb15fe452e62b853ba318896c4a3cd4ea767165a10a21000890840c369189ca
        • Instruction Fuzzy Hash: BCE1B622A08F8181EB10EB15E4507A9E768FF88BA4F884135DE5E0B796DFBDE45DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF7117C97E0: TlsGetValue.KERNEL32(?,?,?,00007FF7117D40F9,?,?,?,?,?,?,00000000,00007FF7117D4068), ref: 00007FF7117C97EE
        • GetCurrentThreadId.KERNEL32 ref: 00007FF7117C9467
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF7117C950D
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF7117C96F8
        • _Init_thread_header.LIBCMT ref: 00007FF7117C9711
        • _Init_thread_footer.LIBCMT ref: 00007FF7117C974F
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireCurrentInit_thread_footerInit_thread_headerReleaseThreadValue
        • String ID: 33333333$UUUUUUUU
        • API String ID: 2678241846-3483174168
        • Opcode ID: 5abda030fe93f4711a254729dfbf0b942a523e644d2b741f72e5a9e2823d1c3b
        • Instruction ID: 429f1dc526ca3aaf0f7804592b232e21032de6584a4fcbd48b3deb331d261d50
        • Opcode Fuzzy Hash: 5abda030fe93f4711a254729dfbf0b942a523e644d2b741f72e5a9e2823d1c3b
        • Instruction Fuzzy Hash: 3391C821A2DE4785EF90AB15E4503B9E394BB89BB4F848031D94D0B796EEBCE55DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Current$FreeLocalProcessThread
        • String ID: 0x%X$local_winstation_
        • API String ID: 3144071100-3811309876
        • Opcode ID: c0b75d3a2bc361d741898c1c0078e176dc97a11b73f2bf1929507f17dfd450c3
        • Instruction ID: cfc8fa7fd07e3cb45df3d4e7dd8cd26fecc2fdd1b7763c0f1d6018216519bc1a
        • Opcode Fuzzy Hash: c0b75d3a2bc361d741898c1c0078e176dc97a11b73f2bf1929507f17dfd450c3
        • Instruction Fuzzy Hash: 3261A321A0CE8281F750AB15E81437AF368FF987A4F948035EA8D4BB55DF7CE19D8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressHandleInit_thread_footerInit_thread_headerModuleProc
        • String ID: GetAppContainerFolderPath$userenv
        • API String ID: 4175341172-80420106
        • Opcode ID: 7ad2a5d76488e95ad10da08faea7def10a34bfbf4c24a68568328eeb3c1fa138
        • Instruction ID: 9351035ddde283fb40f6c9cfa276c72b4654895e5b6b1fd5c7930c82ca5f2107
        • Opcode Fuzzy Hash: 7ad2a5d76488e95ad10da08faea7def10a34bfbf4c24a68568328eeb3c1fa138
        • Instruction Fuzzy Hash: F091B523B08E4286EB50EF25E8402BDA354FB94BB4F949531ED0E4B795DEBCE099C350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFileLast$CreateMappingView
        • String ID: ../../base/files/memory_mapped_file_win.cc$MapFileRegionToMemory
        • API String ID: 2231327692-1672964651
        • Opcode ID: f0d206c4b3b9a103db32254370319ea9517a1cfa8b7fe70c6f9979ed2b173a92
        • Instruction ID: 677f4630a839fdf9efbf1ed0d2c898b3844df4fc8aec245d8a0cefc05eb5bad5
        • Opcode Fuzzy Hash: f0d206c4b3b9a103db32254370319ea9517a1cfa8b7fe70c6f9979ed2b173a92
        • Instruction Fuzzy Hash: 2451A725B19E4282E760AB15B54137AA3A9FF487B4F805031DE8E0B756DFBCE15E8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: InfoProcess$CountHandleMemoryPerformance
        • String ID: ActivityTracker.CollectCrash.Status$ActivityTrackerLocation
        • API String ID: 868847322-1058927671
        • Opcode ID: 5cecf5e4f5589904525c4d4f5a58de23e57a0d02b68f64f96a38112d266e4b04
        • Instruction ID: 0f21a3bef3001f25c64d50090d602891724d4ad669cf7bc1bf7d156d6896d6c8
        • Opcode Fuzzy Hash: 5cecf5e4f5589904525c4d4f5a58de23e57a0d02b68f64f96a38112d266e4b04
        • Instruction Fuzzy Hash: 1A22A432609E8186EB24EB15E0443BAB3A4FB887B0F844135DA9D0B796EF7CE45DC750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Time$FileSystem$CounterPerformanceQuery
        • String ID: gfffffff$gfffffff
        • API String ID: 3444630516-161084747
        • Opcode ID: 6b717948b45db1aff02f13b2d5548672a2469b0d0185b65519d6d1212e1e509e
        • Instruction ID: 739c66da2a9e7aa4d08be84ce276621063f7b334b0a5e721f98a5c127fc37c1f
        • Opcode Fuzzy Hash: 6b717948b45db1aff02f13b2d5548672a2469b0d0185b65519d6d1212e1e509e
        • Instruction Fuzzy Hash: E691B476A19E4A81EF10DB16F440279A3A4FB88BB4F949131EE4E4B7A5DF7CD449C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _get_daylight.LIBCMT ref: 00007FF71181192E
          • Part of subcall function 00007FF711801B04: _invalid_parameter_noinfo.LIBCMT ref: 00007FF711801B18
        • _get_daylight.LIBCMT ref: 00007FF711811950
          • Part of subcall function 00007FF711801AD4: _invalid_parameter_noinfo.LIBCMT ref: 00007FF711801AE8
        • GetTimeZoneInformation.KERNEL32(?,?,00000000,00000000,?,00007FF711811EDB), ref: 00007FF711811977
        • _get_daylight.LIBCMT ref: 00007FF71181193F
          • Part of subcall function 00007FF711801AA4: _invalid_parameter_noinfo.LIBCMT ref: 00007FF711801AB8
        Strings
        • ?, xrefs: 00007FF711811B31
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _get_daylight_invalid_parameter_noinfo$InformationTimeZone
        • String ID: ?
        • API String ID: 2373669816-1684325040
        • Opcode ID: 5ebc2807f4d87917041706179e334c20696c554a8fe18b46f98520369398e962
        • Instruction ID: 4614bb9b73fc8abb1daafa135a7070ce49ddd742709962c5839dd15604e49ef8
        • Opcode Fuzzy Hash: 5ebc2807f4d87917041706179e334c20696c554a8fe18b46f98520369398e962
        • Instruction Fuzzy Hash: 9841A123A08E024AE310FF31D8814A9E799BF58374B85C035EA4C4B696DF7CE46887A0
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFormatLastMessage
        • String ID: (0x%lX)$Error (0x%lX) while retrieving error. (0x%lX)
        • API String ID: 3479602957-3206765257
        • Opcode ID: ef14abdfbebfcf1d63e81dd69f7690d7c166e54ac53c4cd245a925bba536a469
        • Instruction ID: 6282cfd0a2d26be329c11491dbeee23005066d66a11eead053b19c4c883ebdc0
        • Opcode Fuzzy Hash: ef14abdfbebfcf1d63e81dd69f7690d7c166e54ac53c4cd245a925bba536a469
        • Instruction Fuzzy Hash: 3631A731A1CA4241F711AB15E4003BAE758FB88BA0F848131EE8D5BB56DFBDE15D8B50
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: GenuineIntel$LogMessage$Micr$osof$t Hv
        • API String ID: 0-4160051531
        • Opcode ID: 2e5bc3419f505798037e3245419d5433002118d19a0247c7116d8f1880f22116
        • Instruction ID: 2dd7192a10b7a1adfc251d40ad961da418d1d630e903bff1b4800d2a326d59e6
        • Opcode Fuzzy Hash: 2e5bc3419f505798037e3245419d5433002118d19a0247c7116d8f1880f22116
        • Instruction Fuzzy Hash: 8281F8739086814BE3299E29A4513AEBB90E758338F45413DEB4F8B7D2DA7DE548C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$33333333$UUUUUUUU$UUUUUUUU
        • API String ID: 0-1344069251
        • Opcode ID: f47e63f47f50bf971b9692b3ae5932e8a9938d46a4e75b2985b3e40c68e403a0
        • Instruction ID: b586e47640ef1439f7a3e95365eda9e1f9777e5e1e0deb78d98404c96354bb16
        • Opcode Fuzzy Hash: f47e63f47f50bf971b9692b3ae5932e8a9938d46a4e75b2985b3e40c68e403a0
        • Instruction Fuzzy Hash: 61C16962B1EE5A41EF12AB128000239D395AF49FF4B88C672DD1D1F795DE7CE469C322
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: InfoLocaletry_get_function
        • String ID: GetLocaleInfoEx
        • API String ID: 2200034068-2904428671
        • Opcode ID: 23631ef50726a6e19c82543d5c3f4ab0d1a7fe764a50efebc0586540a1e2bbaa
        • Instruction ID: a2d31970cb74041096e787c7a8e5988870661dd68eb315ffc24d08ee2b45473c
        • Opcode Fuzzy Hash: 23631ef50726a6e19c82543d5c3f4ab0d1a7fe764a50efebc0586540a1e2bbaa
        • Instruction Fuzzy Hash: 6B01A225B08F8186EB00AB11B4000AAE369BB98BF0F948435DE5C0BB59CE7CD919C750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$33333333$UUUUUUUU$UUUUUUUU
        • API String ID: 0-1344069251
        • Opcode ID: 4f80e399cecaeb21086b587cc810fbbfcfdd575b6c3601361fa5b8b36b875197
        • Instruction ID: a037441d0e8b3609faa71e9835c1fa4c64c27de743119c6f1dda29a34fe13e5d
        • Opcode Fuzzy Hash: 4f80e399cecaeb21086b587cc810fbbfcfdd575b6c3601361fa5b8b36b875197
        • Instruction Fuzzy Hash: F88106A2B09E4641EF14BA16D50837CD256AF5CBF0F49C531CE5E0B79AEEBCE08C8610
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$33333333$UUUUUUUU$UUUUUUUU
        • API String ID: 0-1344069251
        • Opcode ID: ce9166f8a8f7d8f17ef9a729fe57961545cb4851cb597ee3dec3ee1b9f522658
        • Instruction ID: f2747812e344e91d923081dd93d2e2b1246051488100c329f86085aef243dbfb
        • Opcode Fuzzy Hash: ce9166f8a8f7d8f17ef9a729fe57961545cb4851cb597ee3dec3ee1b9f522658
        • Instruction Fuzzy Hash: 7281F862B19E0541EF249A16A510338E266EF5CBF0F98C171DE9E0B796DE7DE09E8210
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$33333333$UUUUUUUU$UUUUUUUU
        • API String ID: 0-1344069251
        • Opcode ID: eba52d2d18bf5f40e879a3abdbb7ea233ba7c37a1d7a5868a975505e49696cd3
        • Instruction ID: e2ce4461e922692d78bc343948e811bc9971a926f9908875343a799fe36e2328
        • Opcode Fuzzy Hash: eba52d2d18bf5f40e879a3abdbb7ea233ba7c37a1d7a5868a975505e49696cd3
        • Instruction Fuzzy Hash: EE81D9B2B19E0641EF249A169544378E256EF5CBF0F48C531DE9D0F79AEE7DE08E8210
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Virtual$AllocFreeMemoryProcessWrite
        • String ID:
        • API String ID: 3247110995-0
        • Opcode ID: 0361189405df2eac911e862dfee359524b2af4c1135adbafcb1fe9351edf1a52
        • Instruction ID: 140f2bbbad2fc0003110fab6e83963927af075b14a3bb750e3f0cd361012970d
        • Opcode Fuzzy Hash: 0361189405df2eac911e862dfee359524b2af4c1135adbafcb1fe9351edf1a52
        • Instruction Fuzzy Hash: 04118E32719B5141FB50AF12A800B69A6D8BB4DFE0F888034AD4D0BB95EE7CD44A9620
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: ../../third_party/crashpad/crashpad/snapshot/minidump/minidump_simple_string_dictionary_reader.cc$duplicate key $simple_string_dictionary size mismatch
        • API String ID: 0-1121469671
        • Opcode ID: 881f13ab98f4c97f4467ffe190ac01426b380308409cb37270ce44e61dfabafc
        • Instruction ID: 48d7abef7cde4acff66241692498e93e3f49e1309d1993adf5c4fc41b03c8a6a
        • Opcode Fuzzy Hash: 881f13ab98f4c97f4467ffe190ac01426b380308409cb37270ce44e61dfabafc
        • Instruction Fuzzy Hash: 58B1A86160CE8241EB20EB15D4453BAE759BB857F0F808031EE8D4BB9ADFACD15DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: out of range$../../third_party/crashpad/crashpad/minidump/minidump_rva_list_writer.cc$child_count
        • API String ID: 0-3308305611
        • Opcode ID: 8a7f284cd50166352595b4ead68c6f16a56f8d954a46d10c59ddf0f7df14c13d
        • Instruction ID: 5dd1b59c605024020bc210e9238fb19a3babccb05e4528059ec17fc2c64dd577
        • Opcode Fuzzy Hash: 8a7f284cd50166352595b4ead68c6f16a56f8d954a46d10c59ddf0f7df14c13d
        • Instruction Fuzzy Hash: 7271D822715E4646EF11EA1AB9442BAD359AB44BF0F984232DE6D0F7D1DEBCE05AC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 0x?$global/$shared_memory/
        • API String ID: 0-191796
        • Opcode ID: 5ee6011db15ff2d34761dfbbb6c57c21cf9e82e5b550215e4822a835c960ff9f
        • Instruction ID: f9256de9354315f82c5b1af02eb0aab538cff6bc3e941f528cb19ae65954578b
        • Opcode Fuzzy Hash: 5ee6011db15ff2d34761dfbbb6c57c21cf9e82e5b550215e4822a835c960ff9f
        • Instruction Fuzzy Hash: 5A91E322A08EA385EB21AF15E05437BE354AB497B4F944035DAAE0F7D6DEADE04D8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$DeleteFile.NonRecursive$UUUUUUUU
        • API String ID: 0-2961211931
        • Opcode ID: c121812935cfaea49e03845372368232d4a053bfa9df3057347a76f59e89a7f7
        • Instruction ID: 284c7063e5bdb9bc6e20fde7628a1cc9f833f353cc278bea4133b08813ff2279
        • Opcode Fuzzy Hash: c121812935cfaea49e03845372368232d4a053bfa9df3057347a76f59e89a7f7
        • Instruction Fuzzy Hash: 6151056270EE4649EF609B029400239E7D9BB5CBB4F89C032DE8D5B786DE7CE14D8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID: gfffffff
        • API String ID: 3215553584-1523873471
        • Opcode ID: f34b95096b4a37bf7334b7ab0c1e32b732a056a6560bd636489e8501a67e9ea5
        • Instruction ID: 16e4ce23f8275bfc87286a271112f844e621b82eaf172bc42de775c91fd98cd9
        • Opcode Fuzzy Hash: f34b95096b4a37bf7334b7ab0c1e32b732a056a6560bd636489e8501a67e9ea5
        • Instruction Fuzzy Hash: AB917967B08BC546EB12DB2594007B9BB9AAB60BF0F55C071CE5D4B781DE7CE519C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _invalid_parameter_noinfo.LIBCMT ref: 00007FF7118216F2
          • Part of subcall function 00007FF71180EA7C: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF71180ECD5), ref: 00007FF71180EA85
          • Part of subcall function 00007FF71180EA7C: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF71180ECD5), ref: 00007FF71180EAAA
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentFeaturePresentProcessProcessor_invalid_parameter_noinfo
        • String ID: -
        • API String ID: 4036615347-2547889144
        • Opcode ID: fb07916ea03a41aa9a02ff45e1283f6be252788276abd6fd646994331fea731e
        • Instruction ID: e0a6345434942c03809474ced95c032ea47e1107b6cc4311ddc011c519f71a1b
        • Opcode Fuzzy Hash: fb07916ea03a41aa9a02ff45e1283f6be252788276abd6fd646994331fea731e
        • Instruction Fuzzy Hash: A2813426B08B8545EB31AB15940076AF795FB857F0FA48275DA8D0BBC8CFBCE018CB00
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: MessagePumpForUI::ProcessPumpReplacementMessage PeekMessage
        • API String ID: 2882836952-1843155600
        • Opcode ID: fc76145c4925856d979bc9782fe043a5f1a8fa9efd79a71266a5db677b768770
        • Instruction ID: e70ec7a469ec4bf927c4f1fb17005d6fc58604b8ca7f257563d28102da653bb1
        • Opcode Fuzzy Hash: fc76145c4925856d979bc9782fe043a5f1a8fa9efd79a71266a5db677b768770
        • Instruction Fuzzy Hash: 2A41A331A08E8642EB21AF15A4503A9A7A4BF9D774FD44031DA4E4B751DFACE14EC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExceptionRaise_clrfp
        • String ID:
        • API String ID: 15204871-0
        • Opcode ID: 0e72dc5ff28b7374a2f8a10ba2742e377e8cbe53cf684bf0e62ae4dd7e214b63
        • Instruction ID: e73bd310d5e74d51166e6a06fb7deefe450e8d6ff06fff44bf228ae1c7b2f964
        • Opcode Fuzzy Hash: 0e72dc5ff28b7374a2f8a10ba2742e377e8cbe53cf684bf0e62ae4dd7e214b63
        • Instruction Fuzzy Hash: DCB17D73600B858BEB16CF29C88636CB7A0FB44B68F54C821DA5D8BBA4CB79D465C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: AuthenticAMD$HygonGenuine
        • API String ID: 0-1245188807
        • Opcode ID: 5edbaed51ef6bdac6ed279421483ed60ab3762ebd5481dae9c96b2f7d9b49665
        • Instruction ID: 18642ddfcc53f40dd5461b5bf46e99fe0c63ae3b7607b7ab20a3bb5ee0c6c222
        • Opcode Fuzzy Hash: 5edbaed51ef6bdac6ed279421483ed60ab3762ebd5481dae9c96b2f7d9b49665
        • Instruction Fuzzy Hash: CB320236B08B8586EB00EF26D5087A9A3A4FB89BE4F858131DF5D4B796DF78D149C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetVersion.KERNEL32 ref: 00007FF711749648
          • Part of subcall function 00007FF711749AF0: _Init_thread_header.LIBCMT ref: 00007FF711749B4C
          • Part of subcall function 00007FF711749AF0: _Init_thread_footer.LIBCMT ref: 00007FF711749C71
        • CreateNamedPipeW.KERNEL32(?,?,?,?,?,?,?,?,?,FFFFFFFF,?,?,00007FF711748F75), ref: 00007FF7117496C5
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CreateInit_thread_footerInit_thread_headerNamedPipeVersion
        • String ID:
        • API String ID: 1297100901-0
        • Opcode ID: 3983d9ecd03c4755a6ecca54c1e637ad9b28e2aeecedce15061550fd0dba76bc
        • Instruction ID: f0eb28cf2e8caa6d3c79042ad3ed46a39c970467cba5bbfbd3caf30894e6aad2
        • Opcode Fuzzy Hash: 3983d9ecd03c4755a6ecca54c1e637ad9b28e2aeecedce15061550fd0dba76bc
        • Instruction Fuzzy Hash: 21212731A18A8085F7509F24E44136AF7E4FB8CBA4F548035DA8D4B754EFBDD19A8750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 1727d5ceb52b4a1e48c73d246b6471737327febc33a4fb466423763230e76dcc
        • Instruction ID: 1199f06ab29a048393bf786fac48e19c0ad32a1e1e40bd563994924528ca830c
        • Opcode Fuzzy Hash: 1727d5ceb52b4a1e48c73d246b6471737327febc33a4fb466423763230e76dcc
        • Instruction Fuzzy Hash: 89912762B19E4685EF95AF128420279A3B5EB54FF4F88C532DE0D1B784DF7CE0698320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 0b0e4785c3b8b91bce4a282061035c9558862e7c8456ab3b0b896cebb9716faf
        • Instruction ID: 7c1285f8161456dc8e3db2eb2de840cd1e06b66f62411fb6875f19647882def3
        • Opcode Fuzzy Hash: 0b0e4785c3b8b91bce4a282061035c9558862e7c8456ab3b0b896cebb9716faf
        • Instruction Fuzzy Hash: BA81D762B2DF1685EF11BF169410339A299AB9DBB4B8C8532DD0D1B746EE7DE09CC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 69edbf85e144e4b5c9ea5017aeea08419bb13fce02f6ac0538cbc6cd5079d0f6
        • Instruction ID: 818ae4d93216f4e8d6aa9792f070140e70cc949ff9a6311b4baeab59b4c6b385
        • Opcode Fuzzy Hash: 69edbf85e144e4b5c9ea5017aeea08419bb13fce02f6ac0538cbc6cd5079d0f6
        • Instruction Fuzzy Hash: B581BF62709F4580EF229E069450769B7A9EB58BF0F88C176EE9D0B794DE7CE069C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 38d8164ba000f1a9d1e373d13e236a4e2ca60ba4f3d322928ca9711c95feac91
        • Instruction ID: a274fbb7b9d67582e80420cbf71ccd567664529d6bbe9d25d4f176859d34129f
        • Opcode Fuzzy Hash: 38d8164ba000f1a9d1e373d13e236a4e2ca60ba4f3d322928ca9711c95feac91
        • Instruction Fuzzy Hash: 0681E426B19F4981EB51DB169414239A2A9FF58BF4F89C632DE4D1B340EF7CE4A98310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 697362f008bae06b978e94ec626938c33d6ff6caf29ed913d1eb1ca9179f7b36
        • Instruction ID: a218f5542d35e6a7d9373c4233732e999ab5425c9fc6e06593f05a5cfde58ab4
        • Opcode Fuzzy Hash: 697362f008bae06b978e94ec626938c33d6ff6caf29ed913d1eb1ca9179f7b36
        • Instruction Fuzzy Hash: 5671F862B1AF0A41EF159B129551238A299EF5CBF078DC536DE1D0B786EFBCA05E8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: e6ad15a7ece6c2888603224ec9c3f237b661fc59afe623d50e5d4d783e1aad85
        • Instruction ID: e9f11f023c10f319491ed7c7fa9b26e8422b84650088c5ec68469e4b73027e5a
        • Opcode Fuzzy Hash: e6ad15a7ece6c2888603224ec9c3f237b661fc59afe623d50e5d4d783e1aad85
        • Instruction Fuzzy Hash: 5D61E862B1DF9941EF55EB268400238A299EF5CFA0798C976DD0D1B386DE7CE4DE8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: f3996f7463b476919086a860e3bff6232af7804eb3dbee23280695e1d9dfe501
        • Instruction ID: 0e9a29e224958b95486269795eee73ca81905e865ead5372d049944ca8beaa95
        • Opcode Fuzzy Hash: f3996f7463b476919086a860e3bff6232af7804eb3dbee23280695e1d9dfe501
        • Instruction Fuzzy Hash: AA61D572B19E4681EF15BA16C50827DA396AF5CBE4B898932CD0D0B786DF7CF05D8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: 33333333$UUUUUUUU
        • API String ID: 0-3483174168
        • Opcode ID: 9dea946b59d23f72d4d416cce1eb48d782c1646684cfd243ceb07323ad0c026a
        • Instruction ID: b6e8139838ce322e9efc9e01355e852f54e1b252faf1a24941eaae3c856b111f
        • Opcode Fuzzy Hash: 9dea946b59d23f72d4d416cce1eb48d782c1646684cfd243ceb07323ad0c026a
        • Instruction Fuzzy Hash: C8510D5270DA5641EFA4AB129420279D369EF15BF0B88C531DE4D0F781DEBEF8AD8311
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: __next_prime overflow
        • API String ID: 0-822664188
        • Opcode ID: 348fff7b52be30ff05a3476d13ccaefd0a4d9ca0e0ee3dad291b5b728d7fd776
        • Instruction ID: 37369967c1ae9ec06a4e2ca985e66be15dea6654e9f748beaa3d9e3f49aff2e1
        • Opcode Fuzzy Hash: 348fff7b52be30ff05a3476d13ccaefd0a4d9ca0e0ee3dad291b5b728d7fd776
        • Instruction Fuzzy Hash: C4327A92B4AF5A02EF58DB59A704174924B5F887E0D8C9479CD0D1BB89CEFCFA4E9310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 4b58f8f5aa2c37555f6d79329fab524c24d962c092ddf3390679756aeb41795d
        • Instruction ID: 323865cacf1f3a8bfb6d435fe9a2c13fbd199c24b58b25b8b45cf35e946eb365
        • Opcode Fuzzy Hash: 4b58f8f5aa2c37555f6d79329fab524c24d962c092ddf3390679756aeb41795d
        • Instruction Fuzzy Hash: 7002E322A0DE5342EB52BB115401239E688AF45BB8FE4C635DD6D4F3D2DEBCE429C321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: FeaturePresentProcessor
        • String ID: MDMP
        • API String ID: 2325560087-286595676
        • Opcode ID: 18580e5917b51169826936e14f94370ce101e3967c765cadce666e0175dd6c32
        • Instruction ID: edec724da136f4dacd3242b95a8263ccc1967eca1cfa336429ed16e55738d176
        • Opcode Fuzzy Hash: 18580e5917b51169826936e14f94370ce101e3967c765cadce666e0175dd6c32
        • Instruction Fuzzy Hash: 5E42C332A09ED585EB30AB15E0503E9A3A4EB88BA0F884231DE9D5B7D6DF7CD549C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: disabled-by-default-*
        • API String ID: 0-3154714094
        • Opcode ID: 3d8e0a8854478b49448f4377a837e9ac5bd73f1ac6d7080c42e28e0ecca0f810
        • Instruction ID: b591eb3a260f56ddb57d27934a8abd796c94ba01a4f11328f36f6d399063bdeb
        • Opcode Fuzzy Hash: 3d8e0a8854478b49448f4377a837e9ac5bd73f1ac6d7080c42e28e0ecca0f810
        • Instruction Fuzzy Hash: 94B13512F0ED9202F7266524945433996CE6B497B0FD9C236CA6E2F3D3D9FDA44DC220
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: disabled-by-default-*
        • API String ID: 0-3154714094
        • Opcode ID: 96c9d80f73568ba05a620885f0835a6f75eadc935793b40e22b15e0343fb81c0
        • Instruction ID: 19f64c47556c3a89f645fd2ca5d06da893ef2270303fd7182dba1ce7f6046ea0
        • Opcode Fuzzy Hash: 96c9d80f73568ba05a620885f0835a6f75eadc935793b40e22b15e0343fb81c0
        • Instruction Fuzzy Hash: 61D1823260DFC580EB719B15E4403AAB7A4EB89764F848135CA9C1BB96CFBCD05DD721
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: Key
        • API String ID: 0-3000888649
        • Opcode ID: e3a29b04eedef408208357d397b496293625541597a1af76078554daf5f058b9
        • Instruction ID: 6c8f328ad07e5ef06cf8e82870bcdc4e8be62e009d5b6fd59f41bcedd19b66d0
        • Opcode Fuzzy Hash: e3a29b04eedef408208357d397b496293625541597a1af76078554daf5f058b9
        • Instruction Fuzzy Hash: 33D16332A08E8185E711EB15E4003BEA3A8FB997A4F944131EB9D0BB96DFBCD55DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: LibraryLoad
        • String ID:
        • API String ID: 1029625771-0
        • Opcode ID: fe701d04872d373516be9b24c0c7352e35727185da12a20222cb58038ce38921
        • Instruction ID: 010ec2a883d910088346a9a87e1d2ea6945858786e22eec833325b2e05934a53
        • Opcode Fuzzy Hash: fe701d04872d373516be9b24c0c7352e35727185da12a20222cb58038ce38921
        • Instruction Fuzzy Hash: BCE0E511F09AA343FB7A671024852779AC84F0A774E88C430C6CC0DF82E89CAACE8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: ?
        • API String ID: 0-1684325040
        • Opcode ID: 6f4f7cc6a67713628dafa1ba69a915f8c005027d11111331ce5e301c3a2bcfe9
        • Instruction ID: f3e393aecde1276a25e3209dbe402ad5a210b8171cd3a62bbac91d728f2c4a9e
        • Opcode Fuzzy Hash: 6f4f7cc6a67713628dafa1ba69a915f8c005027d11111331ce5e301c3a2bcfe9
        • Instruction Fuzzy Hash: E1A11B12E1EE8241FB616A24940417DF6D5AF497B0F95C231CA6D2E3D6FEBCE54C83A0
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID: 0
        • API String ID: 3215553584-4108050209
        • Opcode ID: 09907e6c8974956fc4e4ab326349e73afb6f2b755dc7bc0999b838c97759bdaf
        • Instruction ID: 2d4765aecdcf7b40db8614f1d926085fd9a6a44d1b48ce875aa961c72fa7306e
        • Opcode Fuzzy Hash: 09907e6c8974956fc4e4ab326349e73afb6f2b755dc7bc0999b838c97759bdaf
        • Instruction Fuzzy Hash: 5E71E525F58A0B42F768BA1D50006B9A3E8EF41774FC4D136DD4D0F699CFADE86B8224
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID: 0
        • API String ID: 3215553584-4108050209
        • Opcode ID: 524a572cc663ef8c0a990020f2b6949d45480695930522809a6eec73a5eee62a
        • Instruction ID: c642ac8ef0c0b46063e5ae1813c177b09258379ff04482fdf9df61f22a7cacb4
        • Opcode Fuzzy Hash: 524a572cc663ef8c0a990020f2b6949d45480695930522809a6eec73a5eee62a
        • Instruction Fuzzy Hash: 6661E311A0CE4A4EEB64662950003BBD3DA9B42774FC49131DC891F3DACEEDE86F8721
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: ALPC Port
        • API String ID: 0-4176299991
        • Opcode ID: 63b5cf619cea86022599f057122b2bfd9de21089f4fb06c000447e322d5d727f
        • Instruction ID: 5e03ade7086d2d9e484f640774a55d70d7b846bcd489d5841acafb5830ab3e6c
        • Opcode Fuzzy Hash: 63b5cf619cea86022599f057122b2bfd9de21089f4fb06c000447e322d5d727f
        • Instruction Fuzzy Hash: B361A522B18E8141F760AB25A4007FAA398AF897B4FC44131ED9D4B7D6DEBDD54EC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: -
        • API String ID: 0-2547889144
        • Opcode ID: daa09a52c36cbafe7bbdb60c35650efd95db41ad028f374db2e3d818612a3b01
        • Instruction ID: 116b83b566f1be859fc732ece9505c089429fbd4fca2585b0904e839a5a78289
        • Opcode Fuzzy Hash: daa09a52c36cbafe7bbdb60c35650efd95db41ad028f374db2e3d818612a3b01
        • Instruction Fuzzy Hash: AC517B62F18E9941DB00DA3DA8003B5E759AB95BF0F944331DE3E0FBD6EA7C91498360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 15812326e2c441161d00b7ae039648bacf199d1fcf528eec2fc151a96dd577b5
        • Instruction ID: 5df60e4d2d5a2ecfc142ceba5177bad87f2db8efb2407e8f91b4c20eb829394e
        • Opcode Fuzzy Hash: 15812326e2c441161d00b7ae039648bacf199d1fcf528eec2fc151a96dd577b5
        • Instruction Fuzzy Hash: C512C832B0DA4281DBA0AA19D05037CA7B9EB59BF4FD4C131DA4D0B795EFADD41AC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Concurrency::cancel_current_task
        • String ID:
        • API String ID: 118556049-0
        • Opcode ID: 3dde9bfe70716c0b998b82d363cd6edb93b673f18d8734a63d26a4ad27c1e6d8
        • Instruction ID: c0bf6bcc7c313bbb80c0246e361f6b68bafcd4e2eade7d320d610365e47dfd3c
        • Opcode Fuzzy Hash: 3dde9bfe70716c0b998b82d363cd6edb93b673f18d8734a63d26a4ad27c1e6d8
        • Instruction Fuzzy Hash: B9129432A08F8581D710EF15E44426EB3A8FB48BA4F554235EFAD1B796DF78E099C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: b8791519ed44b3c8546ec85e6f54de586054c018aebbe17565317ed8da1a4035
        • Instruction ID: b775fefd8ad39ce114677c3ada671c4f58e8c7b3893810d767846bab40eeda6c
        • Opcode Fuzzy Hash: b8791519ed44b3c8546ec85e6f54de586054c018aebbe17565317ed8da1a4035
        • Instruction Fuzzy Hash: 85F16C33704B898AEB14DE2CD4A17B9BB64E794B90F459236CB1A87391EF78D519C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 8bf29163db58ea59ab6d9f3250ad0c8fbf7bc9881c23f0b644a3f7945bafca0d
        • Instruction ID: 18fdda10d6ba5fe6d3b288316dacce13dc0a912c5b90505ec1cdb57bb3adc016
        • Opcode Fuzzy Hash: 8bf29163db58ea59ab6d9f3250ad0c8fbf7bc9881c23f0b644a3f7945bafca0d
        • Instruction Fuzzy Hash: 67E10722A19E9181E710AB11D4002AAE3A4EF897B4FC48331EAAD5BBD5DFBCD44DC711
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 49bcefbd09573a54267847eb356f0282dd809f8d3e4f6e4ef695e463a1484169
        • Instruction ID: 6e69e690713eb608805ee35d5e28be5c6e9020e1acd153d7337d1d6894f2b597
        • Opcode Fuzzy Hash: 49bcefbd09573a54267847eb356f0282dd809f8d3e4f6e4ef695e463a1484169
        • Instruction Fuzzy Hash: 42C17572B04A1186D714AF19D588AB9B365FB447B8F95C331DB390B2D4EABCE49AC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastNameTranslatetry_get_function$CodePageValid_invalid_parameter_noinfo
        • String ID:
        • API String ID: 3827717455-0
        • Opcode ID: 2ee31e36def7a56e14192ee3383b56aa65167362e3128027cc21080630c61d64
        • Instruction ID: 89147a5bc9c348acec0c97ac7e246e34bfb1d8cd134a7645a794c2bdfcbf4d4b
        • Opcode Fuzzy Hash: 2ee31e36def7a56e14192ee3383b56aa65167362e3128027cc21080630c61d64
        • Instruction Fuzzy Hash: 4CD1F92AA08A8645E760AF2194103BAA7E8FB947F8FC08131DE4D4B6D5EF7CD559C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 07eb38629bc8d17c1fcf9fe8b220fbc9864e53342bf496e4ade1b0c59d785749
        • Instruction ID: 10a776e850d2ad4d19f8d66324efe3082c82dfc2ee88a7580d8284e0291b8226
        • Opcode Fuzzy Hash: 07eb38629bc8d17c1fcf9fe8b220fbc9864e53342bf496e4ade1b0c59d785749
        • Instruction Fuzzy Hash: 67F18522A0CEC180EB31AB15E4103FAA7A4FB88764F844175DA9D5B796DFBCD18EC711
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 4f7efd8eea2a3b97d81c92d7db3fc968ab39dffd004dddb78e2b1ddd1269e040
        • Instruction ID: c19f703e040c5a7202fdc03853601648ad56d79e4d5ff4c1091779b073fd77bc
        • Opcode Fuzzy Hash: 4f7efd8eea2a3b97d81c92d7db3fc968ab39dffd004dddb78e2b1ddd1269e040
        • Instruction Fuzzy Hash: 95E1BF32A08F8582D750DF26E54016DB7B4FB48BA4F549231EB9D17B96DF78E0A9C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 424e38666194c036ef6c45236f59707091d292b2c542ddec4f1b0f4050d91331
        • Instruction ID: 3ecbca4b4184ea6e4e3c1e52571de9d5f4bcb833780f22d487c9c4a73124d253
        • Opcode Fuzzy Hash: 424e38666194c036ef6c45236f59707091d292b2c542ddec4f1b0f4050d91331
        • Instruction Fuzzy Hash: 27A15BD2F85A598BDE489F55A8261B9930AB74CFD0B4CB133DE0E0B799DD3CD199C208
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 1fb60ea65a430465a1a1e72e22d9b59ced237cdfc05657d2d0a8dd71f7c28784
        • Instruction ID: a8fc098de91637232352b7c595f8fab3aac0ff8b4c7e4ad9341e82acb9252fdb
        • Opcode Fuzzy Hash: 1fb60ea65a430465a1a1e72e22d9b59ced237cdfc05657d2d0a8dd71f7c28784
        • Instruction Fuzzy Hash: ED916B22B18D4A46FB25AA2590103B9A7D8AF40378FA49139DE6E5F7C0CD7CE81D9730
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: bb54842254bff031e8d79cf41fa926e09db5c7bc035c9d5a7764b70c678a1b18
        • Instruction ID: 9db00408750587f28875de1474fb2be56ea6191b0edf2f8686c1cffae8e29165
        • Opcode Fuzzy Hash: bb54842254bff031e8d79cf41fa926e09db5c7bc035c9d5a7764b70c678a1b18
        • Instruction Fuzzy Hash: 18915873B08B9147DB15DF28E894268A795EB99B50F46C33ACE1D477C5EF6CD0098310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 77cd9fa1b4e144f1e1eeef60d64901641805f5f1b35084a66dff4b597b1263ee
        • Instruction ID: c608f00ceece4cffce26c18e33ef71802dc65b09899511fe6c01e972a7715a9e
        • Opcode Fuzzy Hash: 77cd9fa1b4e144f1e1eeef60d64901641805f5f1b35084a66dff4b597b1263ee
        • Instruction Fuzzy Hash: 76A18722608EC281EB21AF25E4447FAA764FB887A4F844231EAAD17796DF7CD15DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 456ec16b0b8375486450029c8a297fff20f24383d1d3f5325fcef5049b340756
        • Instruction ID: 172c7c2412a95e2c0ceef45b90f0b423ae726cdea26056bd1bedf2f60e922105
        • Opcode Fuzzy Hash: 456ec16b0b8375486450029c8a297fff20f24383d1d3f5325fcef5049b340756
        • Instruction Fuzzy Hash: 92A1E422A08F8681EB51EF15E45426EA7B8FB497A4F414235EE9D0B342DF7CE19CC350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 2f7059b9077efb033d56e13cac501074e38899825d1235e892c619b05192e243
        • Instruction ID: dd0f2ef2530f2fdc893abee31b1a3849e512e542295b7719aaad9162b2571394
        • Opcode Fuzzy Hash: 2f7059b9077efb033d56e13cac501074e38899825d1235e892c619b05192e243
        • Instruction Fuzzy Hash: DEA19222A14FC182E7649F24E8403EAB364FB99754F555336EBAE06392DF7CE195C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 1471caa29a13a459993aebfc423ece9833b431dd0f063e1869742a2d7fdf0ec2
        • Instruction ID: 906453fad96ff86ea3fb1f777875051489f9970ce761c28daf1e7e536b6238aa
        • Opcode Fuzzy Hash: 1471caa29a13a459993aebfc423ece9833b431dd0f063e1869742a2d7fdf0ec2
        • Instruction Fuzzy Hash: 2871AE61B15E9446EF14E63EE4113AAA789A781BF0F954331EE3A0F3D5DE7C910AC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 46c46da7be953ebee0214cab129895825091aa9e7923c741667aa0c4fa384bc6
        • Instruction ID: 2d536d872cf0fb0a4003ba93442270556463aa394ae57c635e95c3599150102d
        • Opcode Fuzzy Hash: 46c46da7be953ebee0214cab129895825091aa9e7923c741667aa0c4fa384bc6
        • Instruction Fuzzy Hash: 2741E422714E5982FF04DF2AD9151ADA3A5AB48FF4B899137DE0D8BB58DF7CD44A8300
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 8eb7e0405db0a5a36b9d88e6822711930159f567fb5fc83281bdb9792fba7c0a
        • Instruction ID: 3e967af2f11bbce576a19e76121a31475fdd8e09f9a85b95562a6452c5efcd22
        • Opcode Fuzzy Hash: 8eb7e0405db0a5a36b9d88e6822711930159f567fb5fc83281bdb9792fba7c0a
        • Instruction Fuzzy Hash: EA11C2E2349AAA03AD08C2A995BA479D26B97DCBC0750F137DD4E0F3A9CD2D6204C110
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID:
        • API String ID:
        • Opcode ID: 44d6f4b1d19a6a6d8ef676add7194c135e698558c35f201fba145bf91d775a66
        • Instruction ID: 3f230fcd113ed8c86b7f3867d68c39c2d819b3e58e3e2dd6251e730feecf7de6
        • Opcode Fuzzy Hash: 44d6f4b1d19a6a6d8ef676add7194c135e698558c35f201fba145bf91d775a66
        • Instruction Fuzzy Hash: 0D014E7293C8A145C7545B149410DBDB7D4EB45732FC68331DB57672C2CF6D895C8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • try_get_function.LIBVCRUNTIME ref: 00007FF711820083
        • try_get_function.LIBVCRUNTIME ref: 00007FF7118200A2
          • Part of subcall function 00007FF7118201C4: GetProcAddress.KERNEL32(?,?,?,00007FF71181FFC0,?,?,00000000,00007FF71182252C,?,?,E0000008,00007FF71180AF69,?,?,E0000008,00007FF71180B06F), ref: 00007FF71182031C
        • try_get_function.LIBVCRUNTIME ref: 00007FF7118200C1
          • Part of subcall function 00007FF7118201C4: LoadLibraryExW.KERNEL32(?,?,?,00007FF71181FFC0,?,?,00000000,00007FF71182252C,?,?,E0000008,00007FF71180AF69,?,?,E0000008,00007FF71180B06F), ref: 00007FF711820267
          • Part of subcall function 00007FF7118201C4: GetLastError.KERNEL32(?,?,?,00007FF71181FFC0,?,?,00000000,00007FF71182252C,?,?,E0000008,00007FF71180AF69,?,?,E0000008,00007FF71180B06F), ref: 00007FF711820275
          • Part of subcall function 00007FF7118201C4: LoadLibraryExW.KERNEL32(?,?,?,00007FF71181FFC0,?,?,00000000,00007FF71182252C,?,?,E0000008,00007FF71180AF69,?,?,E0000008,00007FF71180B06F), ref: 00007FF7118202B7
        • try_get_function.LIBVCRUNTIME ref: 00007FF7118200E0
          • Part of subcall function 00007FF7118201C4: FreeLibrary.KERNEL32(?,?,?,00007FF71181FFC0,?,?,00000000,00007FF71182252C,?,?,E0000008,00007FF71180AF69,?,?,E0000008,00007FF71180B06F), ref: 00007FF7118202F0
        • try_get_function.LIBVCRUNTIME ref: 00007FF7118200FF
        • try_get_function.LIBVCRUNTIME ref: 00007FF71182011E
        • try_get_function.LIBVCRUNTIME ref: 00007FF71182013D
        • try_get_function.LIBVCRUNTIME ref: 00007FF71182015C
        • try_get_function.LIBVCRUNTIME ref: 00007FF71182017B
        • try_get_function.LIBVCRUNTIME ref: 00007FF71182019A
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: try_get_function$Library$Load$AddressErrorFreeLastProc
        • String ID: AreFileApisANSI$CompareStringEx$EnumSystemLocalesEx$GetDateFormatEx$GetLocaleInfoEx$GetTimeFormatEx$GetUserDefaultLocaleName$IsValidLocaleName$LCIDToLocaleName$LCMapStringEx$LocaleNameToLCID
        • API String ID: 3255926029-3252031757
        • Opcode ID: 148a9323608d6a5f0d893c52b4a224baccb7c2783ee124f821e1d2d245242f14
        • Instruction ID: ccd992ad5941d5d5c2e9e0f7cde640da42b2419f6591c13bace6a05706d8e501
        • Opcode Fuzzy Hash: 148a9323608d6a5f0d893c52b4a224baccb7c2783ee124f821e1d2d245242f14
        • Instruction Fuzzy Hash: CE316660D59F47A2EF05FB60E8415E4A32BAB04334FC08177D42D1A1B5AEBCE66DC366
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$AddressProc$CurrentHandleHeapInformationModuleProcess
        • String ID: SetDefaultDllDirectories$SetProcessMitigationPolicy$kernel32.dll
        • API String ID: 119455626-1152130905
        • Opcode ID: 2fcca0479b9f5fe098495c6928092f12251decff362176d4a36e2864fbc5d17d
        • Instruction ID: 57163cd5c76189788f63820cb38143c04aed8ca084d25b9191685f7cece8e0be
        • Opcode Fuzzy Hash: 2fcca0479b9f5fe098495c6928092f12251decff362176d4a36e2864fbc5d17d
        • Instruction Fuzzy Hash: A8816061E0CA0281FBA47B54B864239A5A99F49BB0FC04035E90E8E3D7DEBDE54D8631
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$Attributes$ErrorLast$DeleteDirectoryRemove
        • String ID: ../../base/files/file_util_win.cc$DeleteFile.NonRecursive$DeleteFile.Recursive$DeleteFileAndRecordMetrics$DoDeleteFile$Windows.FilesystemError.$Windows.PostOperationState.$debug.log
        • API String ID: 1056033459-3425003935
        • Opcode ID: 97bbefffd1b2cd99eed600c92906c967c51f9b0cff91f2d3294ebb9807603f03
        • Instruction ID: 9b15a6e5da56813f934b9aaefec10624478c87019ad5a72e4ad827dcc1329f57
        • Opcode Fuzzy Hash: 97bbefffd1b2cd99eed600c92906c967c51f9b0cff91f2d3294ebb9807603f03
        • Instruction Fuzzy Hash: 44D1B921A0CE9241FB216B25A4043BBE399AF887B4F844531DE6D1B7D7DEBCE55D8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$NamedPipe$CreateFileHandleStateTransactWait
        • String ID: , observed $../../third_party/crashpad/crashpad/util/win/registration_protocol_win.cc$CreateFile$SetNamedPipeHandleState$TransactNamedPipe$TransactNamedPipe: expected $WaitNamedPipe
        • API String ID: 3596446487-3702053020
        • Opcode ID: cb09c489542dd1ed6c19f9f506da358075e5af17a7a10420dad382c0a3e76a9d
        • Instruction ID: ebdfaded74880979246f6592cb6a8462d1c819355fea85e37297125fa6af282e
        • Opcode Fuzzy Hash: cb09c489542dd1ed6c19f9f506da358075e5af17a7a10420dad382c0a3e76a9d
        • Instruction Fuzzy Hash: 8E717E35B1890281FB10AB61E4117BAE619AB897B4FC44135E94D0FBC6EFADE60D8760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _Init_thread_header.LIBCMT ref: 00007FF71174F584
          • Part of subcall function 00007FF7117FAC50: EnterCriticalSection.KERNEL32 ref: 00007FF7117FAC60
        • GetModuleHandleW.KERNEL32 ref: 00007FF71174F599
        • GetProcAddress.KERNEL32 ref: 00007FF71174F5A9
        • _Init_thread_footer.LIBCMT ref: 00007FF71174F5BD
          • Part of subcall function 00007FF7117FB080: EnterCriticalSection.KERNEL32 ref: 00007FF7117FB090
          • Part of subcall function 00007FF7117FB080: LeaveCriticalSection.KERNEL32 ref: 00007FF7117FB0D0
        • LoadLibraryExW.KERNEL32 ref: 00007FF71174F5E2
        • GetLastError.KERNEL32 ref: 00007FF71174F641
        • LoadLibraryW.KERNEL32 ref: 00007FF71174F6C9
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CriticalSection$EnterLibraryLoad$AddressErrorHandleInit_thread_footerInit_thread_headerLastLeaveModuleProc
        • String ID: ../../base/native_library_win.cc$AddDllDirectory$LibraryLoader.LoadNativeLibraryWindows$LoadNativeLibraryHelper$kernel32.dll
        • API String ID: 476849772-2275649759
        • Opcode ID: feb97b545dd7edd0a53aecf06957a6d24a6822d87935ab985e30559a855bbf87
        • Instruction ID: b3b071d04736645e0dcdee55f5fba1cecbdea7e65cd6d98bb7bf8934a906583f
        • Opcode Fuzzy Hash: feb97b545dd7edd0a53aecf06957a6d24a6822d87935ab985e30559a855bbf87
        • Instruction Fuzzy Hash: CF718131A09D5282FB11AB25E4043BAA3A4BF48BB0F844131DD4D5BBA2DFBCE55D8721
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$Process$FileMemoryWrite$HandleView$CloseCreateCurrentDuplicateMappingUnmap
        • String ID:
        • API String ID: 3327337761-0
        • Opcode ID: f2489aacd9ed9d821e55746cd88fdcfc9e0eb225876b558841b8224bec48cf5e
        • Instruction ID: ac30b5adac82f7f45a2fad3a90632f07b5543e57014f068430fc587b9c4011bc
        • Opcode Fuzzy Hash: f2489aacd9ed9d821e55746cd88fdcfc9e0eb225876b558841b8224bec48cf5e
        • Instruction Fuzzy Hash: 9BB19531A18E4285EB20AF12A444379E398FF49BB0F848135DA8D1F796DFBCE54D8324
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetModuleHandleExW.KERNEL32 ref: 00007FF71174C122
        • _Init_thread_header.LIBCMT ref: 00007FF71174C183
          • Part of subcall function 00007FF7117FAC50: EnterCriticalSection.KERNEL32 ref: 00007FF7117FAC60
        • GetModuleHandleW.KERNEL32 ref: 00007FF71174C198
        • GetProcAddress.KERNEL32 ref: 00007FF71174C1A8
        • _Init_thread_footer.LIBCMT ref: 00007FF71174C1BC
          • Part of subcall function 00007FF7117FB080: EnterCriticalSection.KERNEL32 ref: 00007FF7117FB090
          • Part of subcall function 00007FF7117FB080: LeaveCriticalSection.KERNEL32 ref: 00007FF7117FB0D0
        • LoadLibraryExW.KERNEL32 ref: 00007FF71174C1E8
        • GetLastError.KERNEL32 ref: 00007FF71174C25A
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CriticalSection$EnterHandleModule$AddressErrorInit_thread_footerInit_thread_headerLastLeaveLibraryLoadProc
        • String ID: ../../base/native_library_win.cc$AddDllDirectory$LibraryLoader.LoadNativeLibraryWindows$LoadSystemLibraryHelper$kernel32.dll
        • API String ID: 391798283-312704109
        • Opcode ID: ff2d59913ad81e14f9cd62b5a00e1c41feee0ac1923d4b7019e1111a1ab028e8
        • Instruction ID: 47c69cf47909508d97a4ded412644bd78e7a2fcc83009172a2a7fd00c61c55a0
        • Opcode Fuzzy Hash: ff2d59913ad81e14f9cd62b5a00e1c41feee0ac1923d4b7019e1111a1ab028e8
        • Instruction Fuzzy Hash: 69519031A19E5285FB10AB15E8007B9A3A8FF48BB4F848031DD4D8B791DFBCE56D8760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Virtual$Alloc$ErrorLast$Free
        • String ID:
        • API String ID: 472631807-0
        • Opcode ID: 6890e0c55aed72b6c92e62b64b24bba1bbaadfd0f171fd78c6f7aad4f5940937
        • Instruction ID: 7c4b23fcd6a54d468872814785024007aafdcbc203f69f2cc1e94e6b9d8abd15
        • Opcode Fuzzy Hash: 6890e0c55aed72b6c92e62b64b24bba1bbaadfd0f171fd78c6f7aad4f5940937
        • Instruction Fuzzy Hash: 9E919420B1DD1245FB61BB21A804A34E198BF2CFB4FC58435CD0E5B791EEACA51E8361
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$FileInfoVersion$QuerySizeValue
        • String ID: ../../third_party/crashpad/crashpad/util/win/module_version.cc$GetFileVersionInfo: $GetFileVersionInfoSize: $VerQueryValue
        • API String ID: 889382252-1549035146
        • Opcode ID: 39f7b53cb1d2b2dbd15de60a3ef8a47064c7f7e1b1426e91be0d0db2dc1fd42a
        • Instruction ID: 0b6143a309b15f18600e5d1dbbfaf6a6b311c11ca00605802ad3f5c8dc9efd64
        • Opcode Fuzzy Hash: 39f7b53cb1d2b2dbd15de60a3ef8a47064c7f7e1b1426e91be0d0db2dc1fd42a
        • Instruction Fuzzy Hash: 9C71B632B0CE4242EB10FB25D1512B9E755AB89BB0F848031DA4D4BB86DFACE25DC761
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: event_name_allowlist$event_whitelist_predicate$heap_profiler_predicate
        • API String ID: 4092853384-4234778608
        • Opcode ID: 80e0062e13473e56c4d7ef7008cf392ae6b83d913df0236d8fd5bed35a679f89
        • Instruction ID: 8446a84bbcc00e8dd488f8e724895d2674968642f417f1c60f61b046ac22bc79
        • Opcode Fuzzy Hash: 80e0062e13473e56c4d7ef7008cf392ae6b83d913df0236d8fd5bed35a679f89
        • Instruction Fuzzy Hash: 8BB1A121A18E4285EB40EB15E45037AB365FB897B0F918131EA5E4B3E6DFBCE55DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastProcess$CurrentOpen
        • String ID: --thread=$database$exception-pointers$process$test-child-process
        • API String ID: 4145867261-4176614265
        • Opcode ID: 7dd3cb220eafbf1d5dc98cbfb88322811bde6afc725fdcd94eed3bc6500b2022
        • Instruction ID: 145c2d36f371f30f3fa85866f085b324157c84ccf02da902317a86fc2a6337f2
        • Opcode Fuzzy Hash: 7dd3cb220eafbf1d5dc98cbfb88322811bde6afc725fdcd94eed3bc6500b2022
        • Instruction Fuzzy Hash: 7A81732160CE8641EB10BB25E4453BAE369EF897A4FC54031DE9D0B797DEACE15D8321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF71171CD00: TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71171CD6D
          • Part of subcall function 00007FF71171CD00: ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71171CE7B
        • SetCurrentDirectoryW.KERNEL32 ref: 00007FF71174A49C
        • LoadLibraryExW.KERNEL32 ref: 00007FF71174A4D6
        • GetLastError.KERNEL32 ref: 00007FF71174A54B
        • GetLastError.KERNEL32 ref: 00007FF71174A5C8
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorExclusiveLastLock$AcquireCurrentDirectoryLibraryLoadRelease
        • String ID: ../../chrome/app/main_dll_loader_win.cc$1.1.1.2$Cannot find module $Failed to load Chrome DLL from $wavebrowser.dll
        • API String ID: 2667114434-1534416038
        • Opcode ID: 4bff73717125b3e29b9caf1b3532664b03c4dd5ac3cb7d012ad122d7f31aa737
        • Instruction ID: e3b979d4723f865f0d1b4cacbce8b3a80c98529ab7df4fed1d3c4fe75e16d841
        • Opcode Fuzzy Hash: 4bff73717125b3e29b9caf1b3532664b03c4dd5ac3cb7d012ad122d7f31aa737
        • Instruction Fuzzy Hash: 6A718271718E8241FB21BB15A4112FAA758AF89BA4FC04131DD5D0B797DEBCD24EC760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CriticalEnterFreeInit_thread_footerInit_thread_headerLocalSection
        • String ID: ../../third_party/crashpad/crashpad/util/win/registration_protocol_win.cc$BuildSecurityDescriptor$ConvertStringSecurityDescriptorToSecurityDescriptor$D:(A;;GA;;;SY)(A;;GWGR;;;S-1-15-2-1)S:(ML;;;;;S-1-16-0)
        • API String ID: 3098884999-440191626
        • Opcode ID: 7ddb30dd91aa2e2461b32e33ab6d47ea8397889ec120901912965ee03b5578e9
        • Instruction ID: a9775714ef7f3e2873839f1bb54aa7febd6655580bdeb83b19ae2d01a29a4b6d
        • Opcode Fuzzy Hash: 7ddb30dd91aa2e2461b32e33ab6d47ea8397889ec120901912965ee03b5578e9
        • Instruction Fuzzy Hash: B5616431A08E4281FB20AB11E5413B5E3A9AF98BB4F844131D94D1B796EFBCE15DC760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • CreateEventW.KERNEL32(00000000,00000008,?,00000400,00000000,00000000,?,00007FF71173C086), ref: 00007FF71173C197
        • GetLastError.KERNEL32(?,00007FF71173C086), ref: 00007FF71173C1A5
        • SetLastError.KERNEL32(?,00007FF71173C086), ref: 00007FF71173C1D3
        • GetCurrentProcess.KERNEL32(?,00007FF71173C086), ref: 00007FF71173C1E0
        • DuplicateHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C204
        • CreateEventW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C226
        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C234
        • SetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C25E
        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C26B
        • DuplicateHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?), ref: 00007FF71173C28D
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CreateCurrentDuplicateEventHandleProcess
        • String ID:
        • API String ID: 1286842538-0
        • Opcode ID: 4042c079e9273e8324d61335f0a029f72c218ea1bb1ce09a0a0c7aae2916e8cc
        • Instruction ID: aeca1b7494a4da76442a4daba331912b52680bbee5f51e80ac0ffdb5a81c4175
        • Opcode Fuzzy Hash: 4042c079e9273e8324d61335f0a029f72c218ea1bb1ce09a0a0c7aae2916e8cc
        • Instruction Fuzzy Hash: 2031B632A1DA5681E720BF56A408729A359BB4CBF0F84C431DE4E5B755DFBC905DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Current$Thread$ErrorLastProcess$DuplicateHandlePriority
        • String ID:
        • API String ID: 1544239892-0
        • Opcode ID: 956943f6e24c1f820ac0ee76652bba6db58f2e2ec98214a50148a055bbc3623d
        • Instruction ID: 14da36018fc4b7c154e22bce5fee9ee32ce354b7313590cd45c744b7cd53a8f1
        • Opcode Fuzzy Hash: 956943f6e24c1f820ac0ee76652bba6db58f2e2ec98214a50148a055bbc3623d
        • Instruction Fuzzy Hash: 5031A121E1DE0381EB207BA1A805179E298EF59FB0F844171DD1E5B3D2DEACE44E8360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        • metadata, xrefs: 00007FF71175945F
        • ../../third_party/crashpad/crashpad/client/crash_report_database_win.cc, xrefs: 00007FF711758BDD, 00007FF711758C42, 00007FF711759135, 00007FF711759191, 00007FF7117591E0, 00007FF71175933D, 00007FF711759389, 00007FF7117595BB, 00007FF71175960F, 00007FF7117596C5, 00007FF71175970E, 00007FF711759756, 00007FF71175991D, 00007FF711759A8F, 00007FF711759DA8, 00007FF711759E58
        • reports, xrefs: 00007FF711759481
        • failed to rewind to read, xrefs: 00007FF7117595E6
        • LockFileEx, xrefs: 00007FF71175963A
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$CreateErrorLastLock
        • String ID: ../../third_party/crashpad/crashpad/client/crash_report_database_win.cc$LockFileEx$failed to rewind to read$metadata$reports
        • API String ID: 3875127904-1734999745
        • Opcode ID: 8842807d9a2fe169ff7f29182c3adf92abf34b403c4f601da8ca14e16ce3938e
        • Instruction ID: 9bcf14ab3d336c631756e0dfe9be7a27ca91863187e49c6bbee00b71902d604d
        • Opcode Fuzzy Hash: 8842807d9a2fe169ff7f29182c3adf92abf34b403c4f601da8ca14e16ce3938e
        • Instruction Fuzzy Hash: A061C431608F8251EB60AB15E4513AAB368FF897B4F844131DA9C0B796EF7CD25DC760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$Process$AddressCurrentFreeLocalProcSession
        • String ID: NtCreateDirectoryObject$\Sessions\%d\AppContainerNamedObjects\%ls
        • API String ID: 895440898-2316199652
        • Opcode ID: 0cd17db4671a168e92ea7b4edd6c287af762bc841ac564ca7b760a579ae03ac6
        • Instruction ID: e4f9ba1f84db6d17765f85f432a088871e252d72748231a52c228c8fc6d71a9d
        • Opcode Fuzzy Hash: 0cd17db4671a168e92ea7b4edd6c287af762bc841ac564ca7b760a579ae03ac6
        • Instruction Fuzzy Hash: A851A561618F8285E760AB65E4053B9A3A9EF847B0F848031EE4D5B756EFBCD159C320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastMemoryProcessRead
        • String ID: bytes failed$ of $../../third_party/crashpad/crashpad/util/process/process_memory_win.cc$ReadMemory at 0x
        • API String ID: 2417666006-2955109599
        • Opcode ID: fd0df110a078f6dda2629e4f5c61de1e2473478d7a21f8e744948e35ce3d858b
        • Instruction ID: 9ad442456b4185f2494a671724dfdc7acd565ac0ef836ddf6fbac9b60f3d5788
        • Opcode Fuzzy Hash: fd0df110a078f6dda2629e4f5c61de1e2473478d7a21f8e744948e35ce3d858b
        • Instruction Fuzzy Hash: F941A021A09E4641EB10AB22D8407AAE755BBC9BF0FC4C135DD5D4B796DE7CE51A8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: HandleModule$AddressFreeLibraryProc
        • String ID: EventSetInformation$Google.Chrome$advapi32.dll$api-ms-win-eventing-provider-l1-1-0.dll
        • API String ID: 3947729631-1037291142
        • Opcode ID: afbbc86f39c1c27557e5d7377e2308cf538574d2578442635e37aa9e659e0489
        • Instruction ID: b5b08e968da9e633fef91f2ef0d4c24e3b1065a59dcf230b5194102eb55ecf64
        • Opcode Fuzzy Hash: afbbc86f39c1c27557e5d7377e2308cf538574d2578442635e37aa9e659e0489
        • Instruction Fuzzy Hash: A4316472618E4686E720AF11F84017AE398FB5CBB4F918036DE4E4B755DEBCE55D8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CountCurrentLocalThreadTickTime
        • String ID: )] $../../base/metrics/persistent_memory_allocator.cc$UNKNOWN$VERBOSE
        • API String ID: 105047090-3302554768
        • Opcode ID: 68d8746c6ae75da3c30ca28b942a9099e989bcf9dbb3d2f375b85bd3bd41a0e3
        • Instruction ID: 25c21f2b9012445bf873af05e77794ec2eb4fda1986e461459551a9df615f3c4
        • Opcode Fuzzy Hash: 68d8746c6ae75da3c30ca28b942a9099e989bcf9dbb3d2f375b85bd3bd41a0e3
        • Instruction Fuzzy Hash: 7EA1B221A18E8240EB04FB25E4503B8A799AB89BF4FC18135DD4E0F796DEBCE14DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireCurrentReleaseThread
        • String ID: ../../base/task/sequence_manager/task_queue_impl.cc$SequenceManagerImpl::UnregisterTaskQueue$TaskQueueImpl::UnregisterTaskQueue$UnregisterTaskQueue
        • API String ID: 135963836-340724832
        • Opcode ID: a9f98ab4ddf4c6c140d8ba2f1f88fd779ea5cbd6d54776ec669295eda2baf496
        • Instruction ID: 96490e10cdb3af9a02c6af969c42f6a23f750fb6f71b04d59e7492e3077a1563
        • Opcode Fuzzy Hash: a9f98ab4ddf4c6c140d8ba2f1f88fd779ea5cbd6d54776ec669295eda2baf496
        • Instruction Fuzzy Hash: 20817221A08E8652EB58BB1195103BAA358FB5D7B4FC54131EE9D0F787DFACE05E8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CompletionCurrentErrorLastQueuedStatusThread
        • String ID: IOHandler::OnIOCompleted$base,toplevel$dest_file$dest_func
        • API String ID: 2913705192-2347511066
        • Opcode ID: a8eb77bbc047f780d8e4782826f66f3fe487327d3b1847d7336f0db477e4b69e
        • Instruction ID: d24b3c575e116add80e525c9150f9398727609b9730ebac81b3a3b7cfde1452f
        • Opcode Fuzzy Hash: a8eb77bbc047f780d8e4782826f66f3fe487327d3b1847d7336f0db477e4b69e
        • Instruction Fuzzy Hash: 82815E3291CF8586EB10AB15E44036AE7A8FB897A0F948135DACD0BB95DFACD45DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: ipc_hash$location$task_posted_to_disabled_queue$task_queue_name$time_since_disabled_ms
        • API String ID: 2882836952-2004826100
        • Opcode ID: 8e883eb046c0192ae2bd8aee40e202708b3966846a33ebb505c5073c54c39821
        • Instruction ID: a75c79a57f09247828d190b99f6462424410adce6c0fc6da44c948398338dec1
        • Opcode Fuzzy Hash: 8e883eb046c0192ae2bd8aee40e202708b3966846a33ebb505c5073c54c39821
        • Instruction Fuzzy Hash: 32518C3291CF8686E711EB11E4447AAB7A8FB853A0F948135EACC0BB56DFBCD059D710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ObjectRegisterSingleWait
        • String ID: ../../third_party/crashpad/crashpad/util/win/exception_handler_server.cc$RegisterWaitForSingleObject crash dump requested$RegisterWaitForSingleObject non-crash dump requested$RegisterWaitForSingleObject process end
        • API String ID: 1092942010-4009962794
        • Opcode ID: 40666ae474e42b0debab5809b91c6b495b3ebb1d51e6607ff2c05936590e17d1
        • Instruction ID: 281fe6d583e08315a4b8a0dda77ff50fc5040e9f9cd12944930e97298b6caadb
        • Opcode Fuzzy Hash: 40666ae474e42b0debab5809b91c6b495b3ebb1d51e6607ff2c05936590e17d1
        • Instruction Fuzzy Hash: C441A160B18E4342FB20BB25E4507B99328AB4ABF4FC44135D94D0FBC6DEADD20E8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Library$Load$AddressErrorFreeLastProc
        • String ID: MZx$api-ms-
        • API String ID: 2559590344-259127448
        • Opcode ID: c752f0b6cd0a12cde4edffd98cbfd6dee5ce9b3936b71ccba292052341224bb7
        • Instruction ID: 69ff2b4d93667cfc9060cdcfde61ccf246b16705e123ae03d8ed7096eae22bcf
        • Opcode Fuzzy Hash: c752f0b6cd0a12cde4edffd98cbfd6dee5ce9b3936b71ccba292052341224bb7
        • Instruction Fuzzy Hash: 6431CA21B0BE4291EF22EB02A410679B398BF44BB0F898575DD1D0F349DEBCE459C320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID:
        • API String ID: 4092853384-0
        • Opcode ID: e6284a61fcb8305b66a2f3217513c03a33980c60c15f01c3ab430997f2365a41
        • Instruction ID: ec34104bbd380886a9e235c8a667de98373c482a1e6b3322b525f323ef5f43ab
        • Opcode Fuzzy Hash: e6284a61fcb8305b66a2f3217513c03a33980c60c15f01c3ab430997f2365a41
        • Instruction Fuzzy Hash: 7CF17171A0CED285EB21AB24D8413F9B364FB58768F948231E95C4B796DF7CA25DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID:
        • API String ID: 3215553584-0
        • Opcode ID: 2ec62d9e7262fd61d986919ba0ad1563c9f4faea53244e06f78eb99e4a69fec9
        • Instruction ID: 9a47673c58c283ea42bc9b68bbe9120fd2f76b17c5de66110aca6ef49e3d9ca9
        • Opcode Fuzzy Hash: 2ec62d9e7262fd61d986919ba0ad1563c9f4faea53244e06f78eb99e4a69fec9
        • Instruction Fuzzy Hash: 08C1B562A08E8A52E761AB15904027DF7D8FB81BB0FC5C131E94D0B795CEBCE46DC722
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID: ../../base/trace_event/trace_log.cc$SetDisabledWhileLocked
        • API String ID: 17069307-388505988
        • Opcode ID: 13a551a9f36d54dd45866b89da18e3f25c4bc60da3bf2c776ce7b562f7748eee
        • Instruction ID: a75fc480366a521e0590a5c6a1fcaf2ae95d94a13eee10d9412d695aefa96766
        • Opcode Fuzzy Hash: 13a551a9f36d54dd45866b89da18e3f25c4bc60da3bf2c776ce7b562f7748eee
        • Instruction Fuzzy Hash: 09918022A09E4781EB10AB15D5502BAE365FB48BF4FD44532DA6D0BB96DFBCE44D8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetLastError.KERNEL32 ref: 00007FF7118653AE
        • TlsGetValue.KERNEL32 ref: 00007FF7118653B8
        • SetLastError.KERNEL32 ref: 00007FF71186544D
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF711865478
        • AcquireSRWLockExclusive.KERNEL32 ref: 00007FF7118654A7
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF7118654D9
          • Part of subcall function 00007FF71172C7A0: TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71172C7F0
          • Part of subcall function 00007FF71172C7A0: AcquireSRWLockExclusive.KERNEL32 ref: 00007FF71172C818
          • Part of subcall function 00007FF71172C7A0: ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71172C841
          • Part of subcall function 00007FF71172C7A0: TlsSetValue.KERNEL32 ref: 00007FF71172C85B
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$ErrorLastReleaseValue
        • String ID:
        • API String ID: 2880920050-0
        • Opcode ID: 521bc5f7f6f77209b04e45624a590c0b67a976fb71a46409e213b809bc486f6c
        • Instruction ID: 91797b9d9edd145a991f222a019fb77e232e9e557c11609be53d55847731790b
        • Opcode Fuzzy Hash: 521bc5f7f6f77209b04e45624a590c0b67a976fb71a46409e213b809bc486f6c
        • Instruction Fuzzy Hash: 52818222B09F8285EB50AF15D48867EA798EB45BF4F888135EE4D4B351DEACD459C330
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$ErrorLast$ReleaseValue
        • String ID:
        • API String ID: 485931750-0
        • Opcode ID: 8261c4a0f349cdd96375bd706c4fc6c3d33e2e8d4555a5f6fd07b023754d870a
        • Instruction ID: bd78ef7167c06b58b1b99785eaba6a3b6f7e191e3c3f7ff96cd2ed86e77a5721
        • Opcode Fuzzy Hash: 8261c4a0f349cdd96375bd706c4fc6c3d33e2e8d4555a5f6fd07b023754d870a
        • Instruction Fuzzy Hash: BD61D222F0DE5282EB15AB2498003B9A759AF54BB4F848231DE5D1F391DF7DE42AC360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • CreateFileMappingW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00007FF711721BA8
        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00007FF711721BB7
        • SetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00007FF711721BE7
        • MapViewOfFile.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00007FF711721C18
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFileLast$CreateMappingView
        • String ID: ../../base/files/memory_mapped_file_win.cc$MapImageToMemory
        • API String ID: 2231327692-1841746395
        • Opcode ID: 96a82df3c1a8ebced7a27fdae404b9eb4401b54735a054cf6253e494a8b38c04
        • Instruction ID: f97fc5040d193762c0fdc5b1fb6af150e8e654fa4c01fedf2f8d7fbc9637f69a
        • Opcode Fuzzy Hash: 96a82df3c1a8ebced7a27fdae404b9eb4401b54735a054cf6253e494a8b38c04
        • Instruction Fuzzy Hash: 3B419525619E4282FB20AF25F4157AAE369FF89764F844030DA8E0B752EFBDD15EC350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID:
        • String ID: DeriveAppContainerSidFromAppContainerName$userenv
        • API String ID: 0-855603467
        • Opcode ID: e27ec08b082b679b2c41e4225f989cd0ee83fb719c2245c64854783505f53f78
        • Instruction ID: 95028605e2b022a3b1654b4194e17395f3db0a23e8986a461721db885359ab7a
        • Opcode Fuzzy Hash: e27ec08b082b679b2c41e4225f989cd0ee83fb719c2245c64854783505f53f78
        • Instruction Fuzzy Hash: 0B316521A08E4386FB10EB15E950379F369AB94BB0F94C131D94D4B7A1DFACE59DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
        • String ID: CONOUT$
        • API String ID: 3230265001-3130406586
        • Opcode ID: 688b8772546cc9adb854c9485423390dcb7387252273ca7c2675c2f632556fc6
        • Instruction ID: 863543a86fa348bf59c35d981509503d2e0c19952477c82f4416cb4d75a93830
        • Opcode Fuzzy Hash: 688b8772546cc9adb854c9485423390dcb7387252273ca7c2675c2f632556fc6
        • Instruction Fuzzy Hash: 09118421718E4186E750AF46F844329E7A8FB98FF4F808234D95D8BB94DFBDD4688750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressProc$HandleModule
        • String ID: RelaunchChromeBrowserWithNewCommandLineIfNeeded$RtlCaptureStackBackTrace$ntdll.dll
        • API String ID: 667068680-1806122627
        • Opcode ID: 781a2e5e9e465ee533b9feb2ace957d73860ee2377e2966e6802cfbc7776b046
        • Instruction ID: 6f9f0439dc864aa9ee00f5d6b5bc6241aaf7332deeecee1bbbc71b01ad342fd4
        • Opcode Fuzzy Hash: 781a2e5e9e465ee533b9feb2ace957d73860ee2377e2966e6802cfbc7776b046
        • Instruction Fuzzy Hash: 48F04454E0AE16C1EF08BB15A88D1389B69AF99F74FD4C431C50D0A368DEACE56D8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetCurrentThreadId.KERNEL32(?,?,?,?,00000000,00007FF71172D9D0), ref: 00007FF71172DB33
        • TryAcquireSRWLockExclusive.KERNEL32(?,?,?,?,00000000,00007FF71172D9D0), ref: 00007FF71172DB3E
          • Part of subcall function 00007FF7117FAD38: Concurrency::cancel_current_task.LIBCPMT ref: 00007FF7117FAD68
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71172DDC3
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireConcurrency::cancel_current_taskCurrentReleaseThread
        • String ID:
        • API String ID: 546125555-0
        • Opcode ID: 15b855d9657df2a4778950cf1727490b8a432d37263d8b52396cb46f15388446
        • Instruction ID: a23106440440289788b9174cd217c7bf42ed5d98c7a55ac2637592599d662488
        • Opcode Fuzzy Hash: 15b855d9657df2a4778950cf1727490b8a432d37263d8b52396cb46f15388446
        • Instruction Fuzzy Hash: 15B16372A09E4285EB10AB11D44427DA3A9FB5CFE0F858572DA1D0B796DFBCE49EC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastObject$Information$Create
        • String ID:
        • API String ID: 2051042135-0
        • Opcode ID: fe098e5dae44e109948992100eaf723465fa2a955ef404b9c5847bc7537d17b1
        • Instruction ID: 0081acd08cd90afc46b69af27623b653303d0db87a195f9bb48ad781d1e2ccf4
        • Opcode Fuzzy Hash: fe098e5dae44e109948992100eaf723465fa2a955ef404b9c5847bc7537d17b1
        • Instruction Fuzzy Hash: 3A41D232A09E0A86F720AF55F40037EA254EB887B0F848436DE4E5B796DEBCD44DC360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CurrentProcess$DuplicateHandle
        • String ID:
        • API String ID: 4190883320-0
        • Opcode ID: 12d8d51889f80c87c7f8d8486c76baa2409235cb0b19fc411c32ec761f79515b
        • Instruction ID: d0c049123614dba23ad08e7a77135e11bf611e1f7fa6d70fa44fe593ed741b4c
        • Opcode Fuzzy Hash: 12d8d51889f80c87c7f8d8486c76baa2409235cb0b19fc411c32ec761f79515b
        • Instruction Fuzzy Hash: 90317531A0DE4286F710AB25B40427AA2A4FB497B0F984435DA8E5B756DFBCD44DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$CurrentProcess$DuplicateHandle
        • String ID:
        • API String ID: 4190883320-0
        • Opcode ID: 3dc5b1d1642a83d503f4db617ac2dc56357eb4413d56fa16f7bd06708ced7d95
        • Instruction ID: e2e4e0bc94633b19e6f3fc79a84bf4370bb9686c7d569cfded70e56510539e11
        • Opcode Fuzzy Hash: 3dc5b1d1642a83d503f4db617ac2dc56357eb4413d56fa16f7bd06708ced7d95
        • Instruction Fuzzy Hash: 5B219231A0DE03D5EB10AF55B40437AA368AF49BB0F888435EE4E8B756DFBCD44C8220
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF71171CD00: TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71171CD6D
          • Part of subcall function 00007FF71171CD00: ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71171CE7B
        • GetModuleHandleExW.KERNEL32 ref: 00007FF71174FCBB
        • GetModuleHandleExW.KERNEL32 ref: 00007FF71174FDD7
        • GetLastError.KERNEL32 ref: 00007FF71174FF00
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveHandleLockModule$AcquireErrorLastRelease
        • String ID: ../../base/native_library_win.cc$PinSystemLibrary
        • API String ID: 3372891471-2485478218
        • Opcode ID: 8c33f29a044337e011caea730dd0ce7f8cfe99b4c830075b32558cc4c8eecf9e
        • Instruction ID: 6ddf8b55b6c019a20bb90514814f5cc264f45fcfc7922472689b7bc2e7eefa33
        • Opcode Fuzzy Hash: 8c33f29a044337e011caea730dd0ce7f8cfe99b4c830075b32558cc4c8eecf9e
        • Instruction Fuzzy Hash: 12A1723190CED241EB35AB19A0043BAE7A4EF88BA4F844031DA8D1BF56DFBDE54D8751
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: LongNamePath
        • String ID: ../../base/files/file_util_win.cc$.tmp$CreateAndOpenTemporaryFileInDir$c
        • API String ID: 82841172-3174832177
        • Opcode ID: 7eaa6843b8b13d715a78ce03ebc54bcf4a4c5165263b635abe673cdb5ddbf65f
        • Instruction ID: 8bf88a97cbf684b09d7fdac28afd3e500e77d97618f5ae653c30da2253c58bcc
        • Opcode Fuzzy Hash: 7eaa6843b8b13d715a78ce03ebc54bcf4a4c5165263b635abe673cdb5ddbf65f
        • Instruction Fuzzy Hash: E681732261CEC241EB21AB15E5513FAE3A4FB89BA4F804131EACD0BB96DE7CD15D8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$Create$CurrentDirectoryModuleName
        • String ID: debug.log
        • API String ID: 4120427848-600467936
        • Opcode ID: f68bc0e2ce94c7c19fe2d2ad5451d7cf2e1ed49a69072a2c296269fb157bf215
        • Instruction ID: 5eb45c83877ddde33b26ab6d02f4b109358eff58e62e921ad1de156d43a86b4a
        • Opcode Fuzzy Hash: f68bc0e2ce94c7c19fe2d2ad5451d7cf2e1ed49a69072a2c296269fb157bf215
        • Instruction Fuzzy Hash: 5F61F931A08E4686FB10BB11E544379A769AF45BB4F848631CA5D0FBD5DFBDE0AD8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF71181F0F4: GetLastError.KERNEL32(?,?,?,00007FF711801C57,?,?,00000000,00007FF71180ED11), ref: 00007FF71181F103
          • Part of subcall function 00007FF71181F0F4: SetLastError.KERNEL32(?,?,?,00007FF711801C57,?,?,00000000,00007FF71180ED11), ref: 00007FF71181F1A1
        • TranslateName.LIBCMT ref: 00007FF711823B8D
        • TranslateName.LIBCMT ref: 00007FF711823BC8
        • GetACP.KERNEL32(?,?,?,00000000,00000092,00007FF71180B798), ref: 00007FF711823C0D
        • IsValidCodePage.KERNEL32(?,?,?,00000000,00000092,00007FF71180B798), ref: 00007FF711823C35
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLastNameTranslate$CodePageValid
        • String ID: utf8
        • API String ID: 2136749100-905460609
        • Opcode ID: b3798b299371796b74ba52a3ccde69230e180322825b9deffbd8499b13f39897
        • Instruction ID: 079bb277c3b0fc084001a2ab3b1dbcfc0961f7d4d29280651688b5d432e59e0b
        • Opcode Fuzzy Hash: b3798b299371796b74ba52a3ccde69230e180322825b9deffbd8499b13f39897
        • Instruction Fuzzy Hash: A1517422A0CB4281E761BF11D4602B9A269AF58BB0F84C071DE5D4F6D5DFBCE569C321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressCurrentHandleModuleProcProcess
        • String ID: GetProcessMitigationPolicy$kernel32.dll
        • API String ID: 4190356694-1680159014
        • Opcode ID: c9f7e6a9580b0e828c12530a125b2f043233d111647d56e99bb00a73868d1f38
        • Instruction ID: 7307abc75a031948cb7155965b7f3ef18fa1188b6f1732d037eca05c347db048
        • Opcode Fuzzy Hash: c9f7e6a9580b0e828c12530a125b2f043233d111647d56e99bb00a73868d1f38
        • Instruction Fuzzy Hash: 18518432D0DF8781FB15A714D5483BCAA58AB29774F848435CA9D1FBD2DEFCA06C9220
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _get_daylight$InformationTimeZone_invalid_parameter_noinfo
        • String ID: @
        • API String ID: 3482513350-2766056989
        • Opcode ID: 2303f4cfe16c87634bee359b9b0879f5b8d2b0be80fec61e690b02e1208d965b
        • Instruction ID: fc3d59e3ff24bb4261fdf26cfaaefbdc52d558f8c3e061ad8ee105689a3e647b
        • Opcode Fuzzy Hash: 2303f4cfe16c87634bee359b9b0879f5b8d2b0be80fec61e690b02e1208d965b
        • Instruction Fuzzy Hash: AB51D533A08E4246E710FF21D8814A9E7A9BF587B4F84C135EA4D4BB96DF7CE4688750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressParametersProcProcessShutdown
        • String ID: ChromeMain$service$type
        • API String ID: 3280105418-1431260351
        • Opcode ID: 153ba99bad4bfff3e8806de2280b4a9427ce5ea10ef9593b245b4d833d0fc392
        • Instruction ID: 34e9fbef87eb6dd9035f35bf315b4ab3b9ad8e0295db96a7f889236ccdd70e56
        • Opcode Fuzzy Hash: 153ba99bad4bfff3e8806de2280b4a9427ce5ea10ef9593b245b4d833d0fc392
        • Instruction Fuzzy Hash: 27518621A08F8281E711AB25E4053BAE7A8BF497A4F944131EE5D0B396DFBCE55DC360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$ErrorLastMoveReplace
        • String ID: ../../base/files/file_util_win.cc$ReplaceFileW
        • API String ID: 3435996589-538166249
        • Opcode ID: d65b6719e0247045791bcbcced6773c82a47251395972b4f80e8acd1d6b2d92e
        • Instruction ID: da4120fbacb3e3f29f1743d979aa89dc7a37ca3b8e5c900659f3761acaee78c7
        • Opcode Fuzzy Hash: d65b6719e0247045791bcbcced6773c82a47251395972b4f80e8acd1d6b2d92e
        • Instruction Fuzzy Hash: 52413751B1CDC649FB21BB26D4017BAA754AF49BB4F884030EE4D0F386DEADE19D8360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetProcessTimes.KERNEL32 ref: 00007FF711755E25
          • Part of subcall function 00007FF7117F89E0: GetLastError.KERNEL32(00000000,?,?,00007FF711755E40), ref: 00007FF7117F8A09
          • Part of subcall function 00007FF7117F89E0: SetLastError.KERNEL32(?,?,00007FF711755E40), ref: 00007FF7117F8A2F
        • GetLastError.KERNEL32 ref: 00007FF711755EF8
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$ProcessTimes
        • String ID: ../../components/browser_watcher/exit_code_watcher_win.cc$Invalid parent handle, can't get parent process ID.$Invalid parent handle, can't get parent process times.
        • API String ID: 3240624824-3911762962
        • Opcode ID: c78a4a9d97590cac5d23a24fa7788f27467684fc24095d00cebb17e1296ecf88
        • Instruction ID: 001bc10164233ead66ccbd2faae93f715ed39fff09c8fc18643d80956ea43951
        • Opcode Fuzzy Hash: c78a4a9d97590cac5d23a24fa7788f27467684fc24095d00cebb17e1296ecf88
        • Instruction Fuzzy Hash: 98317121B18E0341FB60B721A9113BA96599F8DBF4FC48031D94D4F787DEACE20E9761
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _Init_thread_footer.LIBCMT ref: 00007FF71174FA9F
          • Part of subcall function 00007FF7117FB080: EnterCriticalSection.KERNEL32 ref: 00007FF7117FB090
          • Part of subcall function 00007FF7117FB080: LeaveCriticalSection.KERNEL32 ref: 00007FF7117FB0D0
        • _Init_thread_header.LIBCMT ref: 00007FF71174FA80
          • Part of subcall function 00007FF7117FAC50: EnterCriticalSection.KERNEL32 ref: 00007FF7117FAC60
        • _Init_thread_header.LIBCMT ref: 00007FF71174FACC
        • _Init_thread_footer.LIBCMT ref: 00007FF71174FB0B
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CriticalSection$EnterInit_thread_footerInit_thread_header$Leave
        • String ID: user32.dll
        • API String ID: 173937045-38312619
        • Opcode ID: 85df685713eced4a9c7e2467a47189ca4bbbb057b69896e6156a6739608a04c9
        • Instruction ID: a5ea4eae0c259f614898482eba89d73b7956f85aba3512cbf800e8399ff97c4e
        • Opcode Fuzzy Hash: 85df685713eced4a9c7e2467a47189ca4bbbb057b69896e6156a6739608a04c9
        • Instruction Fuzzy Hash: F6314D70A28E1785EB00EB14E864275B368AF597B0FD08131D81C4B7A1CFBCE85EC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _set_statfp
        • String ID:
        • API String ID: 1156100317-0
        • Opcode ID: d6dcfd19d676058ad078c3dae7af313f87eb62da58ea0a5a8e793a6b840e1f3e
        • Instruction ID: 0f3070caec2ffd3db291b254907bf5ae2396f9979e846afb9c166abe60ebd25b
        • Opcode Fuzzy Hash: d6dcfd19d676058ad078c3dae7af313f87eb62da58ea0a5a8e793a6b840e1f3e
        • Instruction Fuzzy Hash: EC514C16D08D9685F763BA38E440775E268BF417B0F84C275E91E1E5D0EFBCE4A9C620
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease$Concurrency::cancel_current_taskCurrentThread
        • String ID:
        • API String ID: 387503476-0
        • Opcode ID: 44b8b7c1711c56946be54dd3f8bd3c9dbcbe9de2439c80e05200a260fc897b14
        • Instruction ID: 14402abe979134f6b3ed3ec63c9075ff8b8b5f0162ea7445287a3f15f091a3cf
        • Opcode Fuzzy Hash: 44b8b7c1711c56946be54dd3f8bd3c9dbcbe9de2439c80e05200a260fc897b14
        • Instruction Fuzzy Hash: C0519722A08E4242EB20BB25D54437DE354FF99BB0F944171DA5E0B792DFBDD44E8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • LocalFree.KERNEL32(?,?,?,?,?,?,?,?,00000000,-5555555555555555,?,?,?,00007FF711753794), ref: 00007FF711755554
        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00000000,-5555555555555555,?,?,?,00007FF711753794), ref: 00007FF711755585
        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00000000,-5555555555555555,?,?,?,00007FF711753794), ref: 00007FF71175558F
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast$FreeLocal
        • String ID: ;;;$S:(
        • API String ID: 1627422176-3740438060
        • Opcode ID: 258402e05b54681cec25edc12802a97fc60f29e3d99a7fcc87408db92fd2234e
        • Instruction ID: 82585f1ae9cfc244bc528b82f7193862b7c97fb4488849839b95ad109f8e055f
        • Opcode Fuzzy Hash: 258402e05b54681cec25edc12802a97fc60f29e3d99a7fcc87408db92fd2234e
        • Instruction Fuzzy Hash: B141D622A1CE4285E740FF25E45027AE769EF89BB0F949031E94D8B756DEBCD04DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireInit_thread_footerInit_thread_headerReleaseValue
        • String ID:
        • API String ID: 3774927250-0
        • Opcode ID: b8217ed583176479b0e7a0f631d1b95c1e498e474f696a0be496ff3976d7f6c3
        • Instruction ID: 5317baaa72cec9ad329e28bc92f35dc878c4320fe45d02a116aaead6a5f442fb
        • Opcode Fuzzy Hash: b8217ed583176479b0e7a0f631d1b95c1e498e474f696a0be496ff3976d7f6c3
        • Instruction Fuzzy Hash: CA316475A08D0386FB10BB14E8405B8A369EBA8770FD58231D55E4B7E1DFBCA45DD320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TlsGetValue.KERNEL32(?,?,00007FF7117141B2,00007FF7117140C5), ref: 00007FF711713738
        • TlsSetValue.KERNEL32(?,?,00007FF7117141B2,00007FF7117140C5), ref: 00007FF711713764
        • TlsSetValue.KERNEL32(?,?,00007FF7117141B2,00007FF7117140C5), ref: 00007FF711713792
        • TlsFree.KERNEL32(?,?,00007FF7117141B2,00007FF7117140C5), ref: 00007FF7117137E2
          • Part of subcall function 00007FF711713860: TlsAlloc.KERNEL32 ref: 00007FF711713868
        • TlsFree.KERNEL32(?,?,00007FF7117141B2,00007FF7117140C5), ref: 00007FF711713816
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Value$Free$Alloc
        • String ID:
        • API String ID: 4173863045-0
        • Opcode ID: 4eff6ba1f322fea7db8c69fea83a564d7c584b9cc861088f8b1cb211f1b02308
        • Instruction ID: deef4492a2d78e89311db1e44f4f45cd894407de94c40f4fffed77b8b4dfaf90
        • Opcode Fuzzy Hash: 4eff6ba1f322fea7db8c69fea83a564d7c584b9cc861088f8b1cb211f1b02308
        • Instruction Fuzzy Hash: 5631B671A1C94249E724B724A45127AE259AF883B4F804234F97D0F7D6DEACE50FCB20
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _Init_thread_footer.LIBCMT ref: 00007FF711719485
          • Part of subcall function 00007FF7117FB080: EnterCriticalSection.KERNEL32 ref: 00007FF7117FB090
          • Part of subcall function 00007FF7117FB080: LeaveCriticalSection.KERNEL32 ref: 00007FF7117FB0D0
        • _Init_thread_header.LIBCMT ref: 00007FF711719454
          • Part of subcall function 00007FF7117FAC50: EnterCriticalSection.KERNEL32 ref: 00007FF7117FAC60
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF711719494
        • _Init_thread_header.LIBCMT ref: 00007FF711719525
        • _Init_thread_footer.LIBCMT ref: 00007FF711719556
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CriticalSection$EnterInit_thread_footerInit_thread_header$AcquireExclusiveLeaveLock
        • String ID:
        • API String ID: 2014417079-0
        • Opcode ID: 74a08879effef339375c6f8018c90b822dd2c57da00cd74a4b9da08aad29576b
        • Instruction ID: 31952f2cc59de4c0bfb760410b7f1ec6f25dcce94c9248632196530ac6277bd0
        • Opcode Fuzzy Hash: 74a08879effef339375c6f8018c90b822dd2c57da00cd74a4b9da08aad29576b
        • Instruction Fuzzy Hash: 8D413325D08E4385F714B711E8502B5B368AF58770F908231D96D4B3A6EEBCE49D8770
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CloseCreateErrorFreeHandleLastLibraryThread_invalid_parameter_noinfo
        • String ID:
        • API String ID: 2067211477-0
        • Opcode ID: 614521b57d3baf3844f406ffa187f2c709e591b7d85731e95de3de02e146ec7d
        • Instruction ID: 09eef144fd1802128963d0d25fbe1dc97219df43bf02f36bbcd686248ed11ccd
        • Opcode Fuzzy Hash: 614521b57d3baf3844f406ffa187f2c709e591b7d85731e95de3de02e146ec7d
        • Instruction Fuzzy Hash: 7E214425A09F4782EF15FB65E41007EE3A8AF88BB0F848530DD6D5B756DEACE41C8620
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Thread$CurrentPriority
        • String ID:
        • API String ID: 1343868529-0
        • Opcode ID: 999bb8283250650120ba75e7979039d97d81798e7d437d31db2456bd6e49f984
        • Instruction ID: e052a9dad6d01ed6dbfc8e0ead303dd4185c06bff0ff498623e21bfb04591d08
        • Opcode Fuzzy Hash: 999bb8283250650120ba75e7979039d97d81798e7d437d31db2456bd6e49f984
        • Instruction Fuzzy Hash: 97017525E0ED0282EB107719A841165A359DF99B71FE5C170D92D5A390DDFCE89F5220
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireCurrentReleaseThread
        • String ID: (%.3f ms)
        • API String ID: 135963836-2313934612
        • Opcode ID: ae3b8aa60a83bb0a719cdf1c7d2a2bc93adaf61de7f23529f8f3fa2f56284109
        • Instruction ID: c89ff45f19c690dd433c4507ba892dd82eb40463d5b628050c951fe69e44a1f4
        • Opcode Fuzzy Hash: ae3b8aa60a83bb0a719cdf1c7d2a2bc93adaf61de7f23529f8f3fa2f56284109
        • Instruction Fuzzy Hash: A6F18471608F8285EB60EB11E4502AAF768FB85BB4FC48031EA8D0BB59CFBCD159C710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID: ../../base/task/sequence_manager/task_queue_impl.cc$PushOntoDelayedIncomingQueue
        • API String ID: 17069307-2913814977
        • Opcode ID: e3c872c5ba0849cca353c60500439d470a41319c7fbb6ffd9277de1067153513
        • Instruction ID: c0feb4e50a1c8761f4ab0a4c1f14fcb5b6c7b8120e6d1fabf7204dba02403511
        • Opcode Fuzzy Hash: e3c872c5ba0849cca353c60500439d470a41319c7fbb6ffd9277de1067153513
        • Instruction Fuzzy Hash: 79B1A562B19A4241EB10AB26B5003B9A355AB09BF0FD54231DE6D1FBD6DFBCE14EC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AttributesErrorFileLast
        • String ID: \??\$pipe\
        • API String ID: 1799206407-81082026
        • Opcode ID: 7e3761dc44d421b12a1011a9a690c36ea14c1396a4ecf4d849312bd8ac14fc5c
        • Instruction ID: 84246098bf2809efdf821a9e34f9ea6f590071c80cfe438c00d76585d3e87681
        • Opcode Fuzzy Hash: 7e3761dc44d421b12a1011a9a690c36ea14c1396a4ecf4d849312bd8ac14fc5c
        • Instruction Fuzzy Hash: FB91C322A1CE8281EB11AB15D54037EE764EB89BB4FC44131EAAD0B7D6DFBDE05D8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID: process-$ss-phase
        • API String ID: 17069307-1645460407
        • Opcode ID: 31ab52faad3c695e6b58119f5713c1247603d415fb6e5ea26700d8cca4b246aa
        • Instruction ID: 7b407bb5213d407d822eeac9d01f1235c509e35d24bf9aafb73db5605e6dfa33
        • Opcode Fuzzy Hash: 31ab52faad3c695e6b58119f5713c1247603d415fb6e5ea26700d8cca4b246aa
        • Instruction Fuzzy Hash: 8491B321A18E8185EB60AB12E4103FAB3B4EF957B4F808032DE4D1B795DFBCD55A8710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID: -$e+000$gfff
        • API String ID: 3215553584-2620144452
        • Opcode ID: 71e68543a7e7240c59a1ab7e6c04a4c2a534c46dfd9c105cd5554dce5292adc4
        • Instruction ID: 81338fe5fe9aa0762480a6134d31978f684f22e5dd313335fabd199495c04b82
        • Opcode Fuzzy Hash: 71e68543a7e7240c59a1ab7e6c04a4c2a534c46dfd9c105cd5554dce5292adc4
        • Instruction Fuzzy Hash: BC711662B18BC586E7219F25A440369B7A5E740BB0F98C271DBAC4BBC5DF7CD458CB10
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: ../../base/run_loop.cc$Run
        • API String ID: 4092853384-3948912905
        • Opcode ID: 76357c2c248c9f0c0afce454c62efa92eab745df4b97b8b813f40afc4da13e6a
        • Instruction ID: 45cd4583c79a64e5f27cd8ba07d71605164c6860b234c0e4858b38fb15844daa
        • Opcode Fuzzy Hash: 76357c2c248c9f0c0afce454c62efa92eab745df4b97b8b813f40afc4da13e6a
        • Instruction Fuzzy Hash: D2715F21A18E0785EB10FB11E8503B9A3A8FB48BB4FD48131E95D4B396DEBCE15DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,00000000,00007FF7117D27C9), ref: 00007FF7117D20A5
        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 00007FF7117D21BB
          • Part of subcall function 00007FF7117C8BA0: QueryPerformanceCounter.KERNEL32 ref: 00007FF7117C8BD8
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireCounterPerformanceQueryRelease
        • String ID: @KL$@KL
        • API String ID: 465813119-316066620
        • Opcode ID: c93b3028f19b0484f961a2f010f5d10cfb33df7df9124e108fe97692f7addc75
        • Instruction ID: f9bd2926ff33dd915a330f01f0a96886d654da1861335f5e8f406e6c97ecdf1d
        • Opcode Fuzzy Hash: c93b3028f19b0484f961a2f010f5d10cfb33df7df9124e108fe97692f7addc75
        • Instruction Fuzzy Hash: 2361AC76608F4982DF64DB21E540369A3A5FB88BB0F848132CB9E47B95DF7CE45AC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF711731640), ref: 00007FF71173175F
        • ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF711731640), ref: 00007FF7117317DD
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID: @KL$@KL
        • API String ID: 17069307-316066620
        • Opcode ID: 37cf9815e11d2be6d351c7bfbef42308617b786d5365c9f2a1bafda70a76c7ec
        • Instruction ID: 01278f9e7eb3b7d76bc34ed1b9c16a831589da5570193c618b0aa52bb225d2df
        • Opcode Fuzzy Hash: 37cf9815e11d2be6d351c7bfbef42308617b786d5365c9f2a1bafda70a76c7ec
        • Instruction Fuzzy Hash: B2517332614A8582EB15EB15E5503AAE3A5FB48BB0F944131DB9E0B795DFBCE449C310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32(?,?,-5555555555555556,00000058,00000000,00000000,Histogram.TooManyBuckets.1000,00007FF7117E12A9,00007FF7117E0F65), ref: 00007FF7117E1F21
        • ReleaseSRWLockExclusive.KERNEL32(?,?,-5555555555555556,00000058,00000000,00000000,Histogram.TooManyBuckets.1000,00007FF7117E12A9,00007FF7117E0F65), ref: 00007FF7117E1FE9
        • ReleaseSRWLockExclusive.KERNEL32(?,?,-5555555555555556,00000058,00000000,00000000,Histogram.TooManyBuckets.1000,00007FF7117E12A9,00007FF7117E0F65), ref: 00007FF7117E2013
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Release$Acquire
        • String ID: Histogram.TooManyBuckets.1000
        • API String ID: 1021914862-786474106
        • Opcode ID: a61b0381fcd9175f78f11badff4ecd498c6b1ebbc8c45f43663fc491984caf4c
        • Instruction ID: 27e94154426ae0eb9b8996b253474073a21630f9fe71125c4656f98103d8807a
        • Opcode Fuzzy Hash: a61b0381fcd9175f78f11badff4ecd498c6b1ebbc8c45f43663fc491984caf4c
        • Instruction Fuzzy Hash: C3417921A1EE0281EB10BB11A4111B99799AF58BF0FD4C031ED4D2F796DEBDE45DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF7117C625B
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF7117C6294
        • GetCurrentThreadId.KERNEL32 ref: 00007FF7117C62C1
          • Part of subcall function 00007FF7117D4020: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00000000,00007FF711711127), ref: 00007FF7117D406B
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$CurrentReleaseThread
        • String ID: value
        • API String ID: 1385397084-494360628
        • Opcode ID: 200726520912b6593b9e6212e04c374463932e41d364110e60bf8209da190d73
        • Instruction ID: 93a0ceb1de660dab708e07bc92083515c695e0dde1b66d2953edfb129e20531e
        • Opcode Fuzzy Hash: 200726520912b6593b9e6212e04c374463932e41d364110e60bf8209da190d73
        • Instruction Fuzzy Hash: 36417332A18A4286E750AF25E4403B9B7E4BB88BB4F948035DE9D0B756DF7CE05EC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: ../../base/run_loop.cc$Quit$RunLoop::Quit
        • API String ID: 2882836952-2468178849
        • Opcode ID: d5b30653239f0c8b3b66a703e7ab6b8b42332cf8af408e8364ae031629236422
        • Instruction ID: 1afee681a1a464b0ca33823e9690a03c194361094f2ae08b440a864790a4eda4
        • Opcode Fuzzy Hash: d5b30653239f0c8b3b66a703e7ab6b8b42332cf8af408e8364ae031629236422
        • Instruction Fuzzy Hash: 26418571609E4685FB60AF21E4103B9E7A8BB48BE0F948035DE8D1BB96CEBCD44DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$Release
        • String ID: @
        • API String ID: 1678258262-2766056989
        • Opcode ID: 32e900067c3aa63e54c08258d9c15a3850b4176de7b62fd3ffc93f22c76ce171
        • Instruction ID: e0767bae102e56079fe83277bf9341d6fef67ef67ed5b90c1c25d99ef37acfaa
        • Opcode Fuzzy Hash: 32e900067c3aa63e54c08258d9c15a3850b4176de7b62fd3ffc93f22c76ce171
        • Instruction Fuzzy Hash: 3C310A21D19F4783F724A711E84437AA698AF18774F944235DE6F0A3D2EEBCA19DD320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF711736D70: GetProcAddress.KERNEL32(?,?,?,?,?,00000000,00000000,00007FF711736CCD), ref: 00007FF711736DAE
        • GetCurrentProcess.KERNEL32 ref: 00007FF71173D4C3
        • DuplicateHandle.KERNEL32 ref: 00007FF71173D4E7
        • CloseHandle.KERNEL32 ref: 00007FF71173D51E
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Handle$AddressCloseCurrentDuplicateProcProcess
        • String ID: NtCreateFile
        • API String ID: 1945942884-1055312982
        • Opcode ID: e8d055061a6d2ce0d8dec8542f04594e4ae292e783c560cb0bf530f39b1ebd13
        • Instruction ID: f8dfcb5ac1f0d87bb24b57505b73fcdd8c8da3077f8ae86dbfbdccc3c0e906e7
        • Opcode Fuzzy Hash: e8d055061a6d2ce0d8dec8542f04594e4ae292e783c560cb0bf530f39b1ebd13
        • Instruction Fuzzy Hash: 3B31AF32618B8186E7209F16E84066AF7A8F788BB4F904135EE9D47B95CF7CE449CB00
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: FileWrite
        • String ID: ../../base/files/file_win.cc$File::Write$Write
        • API String ID: 3934441357-2974260537
        • Opcode ID: 9252bf255624e6c86fe98a1693745b9ceee0cbc943add660f2c5125277ffab51
        • Instruction ID: 2225b930f5ba90775e0b90f7e0ec79b4a2e5fe728f5cf48e7bdb59c75f4d7f97
        • Opcode Fuzzy Hash: 9252bf255624e6c86fe98a1693745b9ceee0cbc943add660f2c5125277ffab51
        • Instruction Fuzzy Hash: D931C33161899191FB21AB15F801BE9E3E8BF947A4F808131FE8D1B755EE7CD18AC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF7117FD22C: RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF711849FA4), ref: 00007FF7117FD270
          • Part of subcall function 00007FF7117FD22C: RaiseException.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF711849FA4), ref: 00007FF7117FD2B6
        • _Init_thread_header.LIBCMT ref: 00007FF7118316A7
        • _Init_thread_footer.LIBCMT ref: 00007FF7118316DF
          • Part of subcall function 00007FF711831610: _Init_thread_abort.LIBCMT ref: 00007FF711831715
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExceptionFileHeaderInit_thread_abortInit_thread_footerInit_thread_headerRaise
        • String ID: __thread_specific_ptr construction failed
        • API String ID: 3827081746-969011497
        • Opcode ID: 6f2b76760b65ebd7e175fbf2a601752620f7c33b4cf04c042548b45afe526de6
        • Instruction ID: 33ef407acd3077d200948aa6dab3924a559936c776d8714b80a70b73b4da92ce
        • Opcode Fuzzy Hash: 6f2b76760b65ebd7e175fbf2a601752620f7c33b4cf04c042548b45afe526de6
        • Instruction Fuzzy Hash: D9215225918E4396FB10FB20E8401B8A369BF54770FD4C231D92D4B6A5EFACE56DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: FileWrite
        • String ID: ../../base/files/file_win.cc$File::WriteAtCurrentPos$WriteAtCurrentPos
        • API String ID: 3934441357-2300577854
        • Opcode ID: 98ba5fccec06d0199accd095e6e618eb6a8c43115f4f4c082633eb9df4f49a17
        • Instruction ID: b418ddaa0e4863a8c1b51da6f1b430a6988c0f995edb25e22eb35c1f86ff8f4a
        • Opcode Fuzzy Hash: 98ba5fccec06d0199accd095e6e618eb6a8c43115f4f4c082633eb9df4f49a17
        • Instruction Fuzzy Hash: D631D531628D6191F720AB15A4007EAE3E4BF88BB4F809131EE8D1BB95DEBDD55E8350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: FileSize
        • String ID: ../../base/files/file_win.cc$File::GetLength$GetLength
        • API String ID: 3433856609-2366038222
        • Opcode ID: 3425a46dff6e2e42212ca879f63e75d8748f2ba9d9294d69994b892447f5355e
        • Instruction ID: 2baa2c58c5147823ca5c234e659a4d01b26b6eff2da72d0495b845f759ab482f
        • Opcode Fuzzy Hash: 3425a46dff6e2e42212ca879f63e75d8748f2ba9d9294d69994b892447f5355e
        • Instruction Fuzzy Hash: A921A231A18A9291FB106F24E5017E9E3A4BF947A4F809031E98D1BA56DEBDD15E8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFileLastUnlock
        • String ID: ../../third_party/crashpad/crashpad/util/file/file_io_win.cc$UnlockFileEx
        • API String ID: 3655728120-3846138344
        • Opcode ID: 3f440c401908d2002ce0a6df41690a077b0f60e0a96353739d1c8fa6f14b68ee
        • Instruction ID: d76878c89a16db8872fd58bcfd0e3bd2fc67617857cc194774c92ac47213aa85
        • Opcode Fuzzy Hash: 3f440c401908d2002ce0a6df41690a077b0f60e0a96353739d1c8fa6f14b68ee
        • Instruction Fuzzy Hash: 1311D321B1CE4241F721BB25A4117EA9368AF897B4FC04231ED9C0B7D6EE6CD19D8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetModuleHandleW.KERNEL32(?,00000000,?,?,00007FF71173D231), ref: 00007FF71173D3D5
        • GetProcAddress.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00007FF71173D3E5
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressHandleModuleProc
        • String ID: RtlInitUnicodeString$ntdll.dll
        • API String ID: 1646373207-760228555
        • Opcode ID: a38934cd2805678850b2b7f573f1d5cc57df2556857e98c3b086263976b02b8c
        • Instruction ID: e981f497ec3a8ff0317e21ef81b5378fa376f56dbb806d024da3068088ced6e8
        • Opcode Fuzzy Hash: a38934cd2805678850b2b7f573f1d5cc57df2556857e98c3b086263976b02b8c
        • Instruction Fuzzy Hash: 63018432A09B4592E7209F12F844729B764B748BB0F888434DE8D4B790DF7CE5AD8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: ::NtQuerySystemInformation$ntdll.dll
        • API String ID: 4092853384-3971455606
        • Opcode ID: 1692addd230243949d5a8ebbbd5569aa9b1b1574e9db31eb00c7807a62e1a55d
        • Instruction ID: b2fc1617510b697600bb4c45456e1840406034b5980e4fe12525f67b54e3fe95
        • Opcode Fuzzy Hash: 1692addd230243949d5a8ebbbd5569aa9b1b1574e9db31eb00c7807a62e1a55d
        • Instruction Fuzzy Hash: 3F018021A08D6B81EB10AB05EC414B9B328AF68BB0FC18531DC1D5B3F1DEACE46DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: ::NtOpenThread$ntdll.dll
        • API String ID: 4092853384-48547937
        • Opcode ID: 94f6b058d0ed915a519816178272f4615c186919fa67e458c93ebde87d3b3397
        • Instruction ID: 46fad2019d79b6781d325740813aa2e86730f9d74a77d0621c0e91f7351600bb
        • Opcode Fuzzy Hash: 94f6b058d0ed915a519816178272f4615c186919fa67e458c93ebde87d3b3397
        • Instruction Fuzzy Hash: 6D014020A0CD1781FB00EB05EC815B5A329AB64BB0FD48131EC0E5B3E5DEACA56DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: ::NtQueryInformationThread$ntdll.dll
        • API String ID: 4092853384-2895289717
        • Opcode ID: f17fbeb17973b409d3a85e01121ca6cd779614c7e82714cfb3f5bd097e157ac4
        • Instruction ID: 5145e4b9e682994aa39ec36e8680370a432f94503ab4c25ee3f0fdb602584b79
        • Opcode Fuzzy Hash: f17fbeb17973b409d3a85e01121ca6cd779614c7e82714cfb3f5bd097e157ac4
        • Instruction Fuzzy Hash: 6F014021A18D1385E700AB15EC855B5B368AB68BB0F81C531ED0C8B7E5DEACA96D8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header$CriticalEnterSection
        • String ID:
        • API String ID: 371409586-0
        • Opcode ID: c08e8f2e089abb43d0aa12d89ae504d8be01708189c05714634e4f02814f37d1
        • Instruction ID: d478247b4d62e2d52f58785618ac34ba7aa59ff1eee7c15a5eb4ee8598d73092
        • Opcode Fuzzy Hash: c08e8f2e089abb43d0aa12d89ae504d8be01708189c05714634e4f02814f37d1
        • Instruction Fuzzy Hash: C3127F32A08E8684EB119F65D4402BCB779FB58BA8F948132CE4E5BB96CF78D54DD310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentInit_thread_footerInit_thread_headerThread
        • String ID:
        • API String ID: 1220260953-0
        • Opcode ID: cc1a41b8b3cc69a616b5241c3c78ab2ae1acb3ac8e0b9a48b8025fa3c81cbcdb
        • Instruction ID: d7c6f94bb8788090aeecc4f2eea8ac5eb511356b63d4eb9beb74f72ec46a33da
        • Opcode Fuzzy Hash: cc1a41b8b3cc69a616b5241c3c78ab2ae1acb3ac8e0b9a48b8025fa3c81cbcdb
        • Instruction Fuzzy Hash: 56718231618E8685EB50EB11E8402AAB764FB987B0F904131EE9D4B7D6DEBCD49DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireInit_thread_footerInit_thread_headerRelease
        • String ID:
        • API String ID: 2580794422-0
        • Opcode ID: aa03a63b80c9ff58d76df1b3843249f8c39b618f648bcda287fee7204b012981
        • Instruction ID: 055da252cc2a6b31e891f3441e5446ec9719c0cc2c3f715518b226bd28467ca3
        • Opcode Fuzzy Hash: aa03a63b80c9ff58d76df1b3843249f8c39b618f648bcda287fee7204b012981
        • Instruction Fuzzy Hash: 7A816271A09E4282EB11AB15E4406B9B368FF987B0FD14131DA5D0B796EF7CE55EC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _get_daylight$_isindst
        • String ID:
        • API String ID: 4170891091-0
        • Opcode ID: e0d0b3211337a2a641495d0c05f67c9983a4a5c57c306115ecbdf240a64d3a4e
        • Instruction ID: 90899f7ba30d1826c834379c48115b17ff55d59232b91fafbc29ade3b658a8f6
        • Opcode Fuzzy Hash: e0d0b3211337a2a641495d0c05f67c9983a4a5c57c306115ecbdf240a64d3a4e
        • Instruction Fuzzy Hash: C3512A72F059124AFB15EF6498455FCA7A9BB00378FD08135DD0F1BAD5DB78A41AC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID:
        • API String ID: 17069307-0
        • Opcode ID: 1412e86a69f80dfabeeca41a5dccf912d6d8be6a08d2e521856ee0449012a7a8
        • Instruction ID: b51902e278a5952fc4e5c9893f9d7642b9cba6200607d0124702a2920298bc65
        • Opcode Fuzzy Hash: 1412e86a69f80dfabeeca41a5dccf912d6d8be6a08d2e521856ee0449012a7a8
        • Instruction Fuzzy Hash: B0514D32A08F1696EB14EF1AD15436DA3A4FB48BB4F848035DE4D0BB51DF7CE4A98361
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
        • String ID:
        • API String ID: 2780335769-0
        • Opcode ID: 4255684396ea9677249066fd978669bcd904bab34854246a79134bcbfc8eae44
        • Instruction ID: 8233985ee66cecff1f97e6798503941d85188eb317c101ec5b30dc78b3bd6dd6
        • Opcode Fuzzy Hash: 4255684396ea9677249066fd978669bcd904bab34854246a79134bcbfc8eae44
        • Instruction Fuzzy Hash: 4741C222E18A0589F710EF70D4413BDA3E9AB48B78F90C639DE0D5B789DFB8D4598320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CriticalSection$EnterLeave
        • String ID: g_shared_delayed_integrity_level$g_shared_delayed_mitigations
        • API String ID: 3168844106-1566576417
        • Opcode ID: fb841bf851395d68f09ec400534e4bde01729714b0b7b89300c4a2007811e545
        • Instruction ID: 8931492c935c8ed84bc065bdd9e65bd96a869acb33ff7e1a76277f05cffe542a
        • Opcode Fuzzy Hash: fb841bf851395d68f09ec400534e4bde01729714b0b7b89300c4a2007811e545
        • Instruction Fuzzy Hash: 4B510C26618E4291FB55EF11D5543B9A368FB48BA0F958032DE4D4B792EFBCE42DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID:
        • API String ID: 17069307-0
        • Opcode ID: adfeb34acdc413e5a9cb75b71dd050a54c70a33774fd7ea78fe7b564a7e3d7ed
        • Instruction ID: 4803b02d08317b1d4e1c81414d47306ed8a43a92c6cc366e3b35c9c64c91c32f
        • Opcode Fuzzy Hash: adfeb34acdc413e5a9cb75b71dd050a54c70a33774fd7ea78fe7b564a7e3d7ed
        • Instruction Fuzzy Hash: BA319335A09E0646EF247B1AA5543799359AF44BF0F98C034CE0E0FF51EEACE45E8221
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • InitOnceExecuteOnce.KERNEL32 ref: 00007FF7117621F9
        • TlsGetValue.KERNEL32 ref: 00007FF711762212
        • AcquireSRWLockExclusive.KERNEL32 ref: 00007FF71176222A
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF711762248
          • Part of subcall function 00007FF7117FCA40: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF71171111F), ref: 00007FF7117FCA66
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLockOnce$AcquireExecuteFeatureInitPresentProcessorReleaseValue
        • String ID:
        • API String ID: 3678319540-0
        • Opcode ID: 0fbb110eb59237f68a0b987e3021c15d26dbba5b3874176f1176dbeda7ac54dc
        • Instruction ID: 522a9479bfdc1d5f4bd4f14a40a06033b9691c9ebf32b069a5c1febc6299ac98
        • Opcode Fuzzy Hash: 0fbb110eb59237f68a0b987e3021c15d26dbba5b3874176f1176dbeda7ac54dc
        • Instruction Fuzzy Hash: 76319E25A0DE4785FB64BB11A850179A368AF88BB0FC58431DD1D0E7A2DEACE45EC321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71176D23E
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71176D263
          • Part of subcall function 00007FF71171E740: TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71171E754
          • Part of subcall function 00007FF71171E740: ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71171E770
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF71176D291
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71176D2AA
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$AcquireRelease
        • String ID:
        • API String ID: 17069307-0
        • Opcode ID: 902fd32637624887c6f3f677a40f646e52e3f9ffd39597f47089301492205659
        • Instruction ID: 2bb5943782d4269f8c27cd188f43f5f579bdda41f46990375c4c453c62469274
        • Opcode Fuzzy Hash: 902fd32637624887c6f3f677a40f646e52e3f9ffd39597f47089301492205659
        • Instruction Fuzzy Hash: B7313661618E0681FB24BF11E55137DA365AB89BB4F945031DA8E0F797DEBCE08DC350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID:
        • API String ID: 4092853384-0
        • Opcode ID: 71bbb8ecc6465f3e8c6e9dff14cebb8f5eeab21ac2d760db615ad7ed3f26fb7e
        • Instruction ID: e746554c5d446dc3d24d8a0f96f3d29bd342132da3b335593cbf1a8dedcd596e
        • Opcode Fuzzy Hash: 71bbb8ecc6465f3e8c6e9dff14cebb8f5eeab21ac2d760db615ad7ed3f26fb7e
        • Instruction Fuzzy Hash: 7131A421A18E0785EB50BB05E8503B9A379FB95B70F848130DE1D4B3E1CFBCE5598350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: File$Read$ErrorLastType
        • String ID:
        • API String ID: 2614319393-0
        • Opcode ID: 76e5ed74605cda89b18e6b2cb911c894299ec5b1b7b22044b70777cb9a65bf24
        • Instruction ID: e6ce493b429284f0b7a33dad87d086fd6c7654125b480c570f036cdbcde4af8e
        • Opcode Fuzzy Hash: 76e5ed74605cda89b18e6b2cb911c894299ec5b1b7b22044b70777cb9a65bf24
        • Instruction Fuzzy Hash: A921F63261890246E7209B26B80472AF3D4AB8DBB4F844231ED6C8BFD4DF7CD50A8B10
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
          • Part of subcall function 00007FF71171F930: TryAcquireSRWLockExclusive.KERNEL32(0000000800000000,0000000400000000,00000000,0000000400000000,00007FF71171F833), ref: 00007FF71171F94D
          • Part of subcall function 00007FF71171F930: ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF71171F9AA
        • VerSetConditionMask.KERNEL32 ref: 00007FF71171F8C6
        • VerSetConditionMask.KERNEL32 ref: 00007FF71171F8D3
        • VerSetConditionMask.KERNEL32 ref: 00007FF71171F8E0
        • VerifyVersionInfoW.KERNEL32 ref: 00007FF71171F907
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ConditionMask$ExclusiveLock$AcquireInfoReleaseVerifyVersion
        • String ID:
        • API String ID: 2002708333-0
        • Opcode ID: 3f4fe3fcc7d22f0fec96c39bbec85d9c7cba9d05f037f4a3223e12a8e3b60458
        • Instruction ID: b04fcee55eb37b20a7a507b5bb36b07a449e4abf641a43bd6e15fed251f866ce
        • Opcode Fuzzy Hash: 3f4fe3fcc7d22f0fec96c39bbec85d9c7cba9d05f037f4a3223e12a8e3b60458
        • Instruction Fuzzy Hash: 13213821B1864205FB10E731A8153EA97455B987B4FC54134DD6C4F7D6DDBCD05F5720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header$CriticalEnterSection
        • String ID:
        • API String ID: 371409586-0
        • Opcode ID: f30dfb87ff015480f507091e982b20ad5d9e8492aff161729562753aeeb8d3ad
        • Instruction ID: ffdfb18893c30a3a3920f95543b3ac96d606f92f8efe436a07e28bdf1bb0c75f
        • Opcode Fuzzy Hash: f30dfb87ff015480f507091e982b20ad5d9e8492aff161729562753aeeb8d3ad
        • Instruction Fuzzy Hash: 1221BC35908E4389EB10AB24E8401B5B369FB94778FE08335E52D4B3A5DFBCA56DC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • TryAcquireSRWLockExclusive.KERNEL32 ref: 00007FF711755F94
        • ReleaseSRWLockExclusive.KERNEL32 ref: 00007FF711755FD5
        • _Init_thread_header.LIBCMT ref: 00007FF711755FEF
        • _Init_thread_footer.LIBCMT ref: 00007FF711756020
          • Part of subcall function 00007FF7117D4020: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,00000000,00007FF711711127), ref: 00007FF7117D406B
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExclusiveLock$Acquire$Init_thread_footerInit_thread_headerRelease
        • String ID:
        • API String ID: 1863739313-0
        • Opcode ID: 67fd5237f3db1ea4a75c561a8932792a4b2117f94b00f2a68230e7f79a09d657
        • Instruction ID: 91667a8eb18e8acd2cd128e855a181e7c8a532b71f78a5785d350dccfdb0e063
        • Opcode Fuzzy Hash: 67fd5237f3db1ea4a75c561a8932792a4b2117f94b00f2a68230e7f79a09d657
        • Instruction Fuzzy Hash: B0213D31A08E0385EB50BB04E890378A328EB59B70FA58235D55E4B7E1DFBDA05E8320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CloseErrorHandleLast
        • String ID: ../../third_party/crashpad/crashpad/util/file/file_io_win.cc$CloseHandle
        • API String ID: 918212764-1576210609
        • Opcode ID: 539dd72b985c5ad25cc81e3023ebf9308af0dcc26e1c08c77b19fe5b72f99426
        • Instruction ID: ece2a84876d8caeffefcdf05067c33fc5fc1970fe4dcea59d4b13998006fd9c4
        • Opcode Fuzzy Hash: 539dd72b985c5ad25cc81e3023ebf9308af0dcc26e1c08c77b19fe5b72f99426
        • Instruction Fuzzy Hash: 7F019231B1CD5351FB60BB25A5017BA9218AF897B0FC14031DD4D0F786DE9CE64E87A1
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFreeLastLocal
        • String ID: ../../third_party/crashpad/crashpad/util/win/scoped_local_alloc.cc$LocalFree
        • API String ID: 3928016487-3002241238
        • Opcode ID: e97e14750f32fb46e843efccac038462bb5e957417eaf1b8c06d7ff8fb0a5a43
        • Instruction ID: 1fe4eb41029a4a6226b44c0e0ef3b1404b9fe857a96c0fd5d890411ddd0fb746
        • Opcode Fuzzy Hash: e97e14750f32fb46e843efccac038462bb5e957417eaf1b8c06d7ff8fb0a5a43
        • Instruction Fuzzy Hash: 7D011E21B1C95291FB60BB21A4123B9A2589F4DBA4FC08035D94D0F786DE9CE21E8761
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _invalid_parameter_noinfo
        • String ID: unsupported locale for standard input
        • API String ID: 3215553584-1804333875
        • Opcode ID: a05bf871309fcb5a35ed3ec5479e4af7054a6f9071d024668bd7a2711acea20c
        • Instruction ID: 73b60b8e1baa3c1cef118fc801a1c3d2aa91feabf7465c8a1124256f27b742dc
        • Opcode Fuzzy Hash: a05bf871309fcb5a35ed3ec5479e4af7054a6f9071d024668bd7a2711acea20c
        • Instruction Fuzzy Hash: FFB15822F04E8286F750AB66E4511B9A3B9EB087B4F948131DE5D0B796DF7CE05EC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • _get_daylight.LIBCMT ref: 00007FF711812099
        • _get_daylight.LIBCMT ref: 00007FF711812128
          • Part of subcall function 00007FF711801AA4: _invalid_parameter_noinfo.LIBCMT ref: 00007FF711801AB8
        • _invalid_parameter_noinfo.LIBCMT ref: 00007FF711812422
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _get_daylight_invalid_parameter_noinfo
        • String ID: MZx
        • API String ID: 474895018-2575928145
        • Opcode ID: f46897d7e2b06de3d55ba1b1c1190b55d1f2fa827ef5813ab0676bea22b0c8b5
        • Instruction ID: e3a1d614027c1d085b80075cb412c6cbfbc9cbbfa5cd6b4cc768f6c648941ebb
        • Opcode Fuzzy Hash: f46897d7e2b06de3d55ba1b1c1190b55d1f2fa827ef5813ab0676bea22b0c8b5
        • Instruction Fuzzy Hash: 07D1D873D0C9538BE329AF04E840539F76AFB94770F918136D5498AAA4DBBCE468CB50
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFileLastRead
        • String ID: MZx
        • API String ID: 1948546556-2575928145
        • Opcode ID: 7a575d471721a74ed32b2b485e95e01823a6389eb2deb9e6336b8e6bc304cf44
        • Instruction ID: bfac73ee1023c983d22553c48e3f46f0a40204dd73384d3d8a7325f2ad2f2e5b
        • Opcode Fuzzy Hash: 7a575d471721a74ed32b2b485e95e01823a6389eb2deb9e6336b8e6bc304cf44
        • Instruction Fuzzy Hash: C3913E12A1DAC986E761AA2494403BCABC4FB45BB4F84C131D55E8F2D5CEBCD05EC323
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: HandleModule
        • String ID: ntdll.dll
        • API String ID: 4139908857-2227199552
        • Opcode ID: e92e04fdb35aa6f3f21a19c43c35fecf088492f4721c035cbbf0fc0353383ba8
        • Instruction ID: 55c226da12d2a2bd262aaea677bf61f48e1a7cb91c8a332bc4954c9e621e1b01
        • Opcode Fuzzy Hash: e92e04fdb35aa6f3f21a19c43c35fecf088492f4721c035cbbf0fc0353383ba8
        • Instruction Fuzzy Hash: 26A18F22A1CEC1C5E721AB15E4513BAB3A9FB88BA4F444131DA8D0B796DF7DD09DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AcquireExclusiveLock
        • String ID: DeleteFile.NonRecursive
        • API String ID: 4021432409-3982342438
        • Opcode ID: c997a14003bd58a54c45cc93fae0660f31f3ee621df58e57bf4002ebe9897049
        • Instruction ID: b2ac31fc2b14991eb53256365c9e1c119d7527dc34f5050678a5ca124ec7b127
        • Opcode Fuzzy Hash: c997a14003bd58a54c45cc93fae0660f31f3ee621df58e57bf4002ebe9897049
        • Instruction Fuzzy Hash: 38516B12A19D0645EB12B7246911175D368BF497F4FD5C231ED1E2F395EFBCA09F8220
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: SequenceManagerImpl::UnregisterTaskQueue$queue_name
        • API String ID: 2882836952-1475601120
        • Opcode ID: 93b760e2637707d156e259d2cc55361b3f62f1e93d3a7c664d59d2114a63155d
        • Instruction ID: d597fbf9728b5d55ce67713a6c90e65a2934bcb48b4efb30a6b4f553b008f1a8
        • Opcode Fuzzy Hash: 93b760e2637707d156e259d2cc55361b3f62f1e93d3a7c664d59d2114a63155d
        • Instruction Fuzzy Hash: 00718232A08F4185EB55AF11E540369B7A8FB89BA0F994132DE8D0B756DFBCE05DC320
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: ThreadController active
        • API String ID: 2882836952-742296238
        • Opcode ID: ca118d2e34ff62f53fb5827debb1ed28910b3af51a0fe8e1dacdd0c6d51d11fb
        • Instruction ID: fa9066500639ef6d5f7dfd59a97c17575e0e8dc3cb513ff953eb55bafe096749
        • Opcode Fuzzy Hash: ca118d2e34ff62f53fb5827debb1ed28910b3af51a0fe8e1dacdd0c6d51d11fb
        • Instruction Fuzzy Hash: 8171BC32A19E4686EB14AF15D5403ADE3A8AB487B4F948235DA2D0B7C2DFBCE15DC310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CloseDeleteFileHandle
        • String ID: vmodule
        • API String ID: 2633145722-2939338212
        • Opcode ID: 894ea9b46f417cd3439394387d5f1196b560f93c0ef9416681b9fc9e64f2d2fe
        • Instruction ID: e6a309caf19e3a570dd175e47ddf550d82c6a3418a757355ea10bdd949e1ae07
        • Opcode Fuzzy Hash: 894ea9b46f417cd3439394387d5f1196b560f93c0ef9416681b9fc9e64f2d2fe
        • Instruction Fuzzy Hash: B4517421A09F4281FB50BB11E850379A769AF99BB0FC48031DE4D4F792DEBCE49D8360
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: ThreadController active
        • API String ID: 2882836952-742296238
        • Opcode ID: eeedf67618d9dcd37d876bc542e91f581eabb7c68e8a92efc94a159b3b4f1503
        • Instruction ID: 25d48fb1ab1473dd719efbde811e4ab9b51cf6b53da943643adee9681037c816
        • Opcode Fuzzy Hash: eeedf67618d9dcd37d876bc542e91f581eabb7c68e8a92efc94a159b3b4f1503
        • Instruction Fuzzy Hash: 73417036A0DE4285E711AB19A5443BAE7E4AB987B4F944131EE4D0AB96CFBCD04DC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorFileLastWrite
        • String ID: U
        • API String ID: 442123175-4171548499
        • Opcode ID: 8772cac4676397cdfcc9ac5fb189f0d7f3f8269aa240d55522edb339ba086f9a
        • Instruction ID: 4bd693fb6467f2db450ad4307318b076e7b783a9b5b6c052de9ba2c0bb3f2799
        • Opcode Fuzzy Hash: 8772cac4676397cdfcc9ac5fb189f0d7f3f8269aa240d55522edb339ba086f9a
        • Instruction Fuzzy Hash: B241B663B1CA8185DB209F25E4443A9A764FB587B4F818031EE4D8B788DFBCD455C750
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • WaitForSingleObject.KERNEL32(?,?,-55555555555554D6,00007FF711715D0B), ref: 00007FF7117EA8CA
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ObjectSingleWait
        • String ID: ../../base/synchronization/waitable_event_win.cc$Wait
        • API String ID: 24740636-241924016
        • Opcode ID: 028978e5d4c355fd7e69f6d618bb14bbfc0d2ff37003bd553c74b7b50645ad2c
        • Instruction ID: b55dd8ffe59f3e9db1a52c829d166f1b413a36812b25cc92f518aed44b73df1f
        • Opcode Fuzzy Hash: 028978e5d4c355fd7e69f6d618bb14bbfc0d2ff37003bd553c74b7b50645ad2c
        • Instruction Fuzzy Hash: 3341F421A0DAC245F771A729A4013B9A3E4AFD9374F948130DA8C0A786EEBDD58EC710
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID:
        • API String ID: 4092853384-3916222277
        • Opcode ID: 4d584b9ecf319d9b12836e26efb8991b78caf819717375874c2fde29e821e741
        • Instruction ID: e955e37c368f686b6a8449967274b394e897c1e64ad7e66a7bde837e13723957
        • Opcode Fuzzy Hash: 4d584b9ecf319d9b12836e26efb8991b78caf819717375874c2fde29e821e741
        • Instruction Fuzzy Hash: FB41A831918E8281F711AB14E4513B5A7A4BF98774F804331EA9D4B7A1EFBDE19EC720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: MemoryProcessRead
        • String ID: $%
        • API String ID: 1726664587-2111875603
        • Opcode ID: b5b2a9531ac6ea76796575093998658bf3179a7454e63427203edf36e0514a8e
        • Instruction ID: e40f438a16e0442e03f094f431ad686c06675b5a9e3e3ed728937498af78bb5b
        • Opcode Fuzzy Hash: b5b2a9531ac6ea76796575093998658bf3179a7454e63427203edf36e0514a8e
        • Instruction Fuzzy Hash: 8F31C362E0CD8142F7605B15A84047AE3D4EF9CBB4F501231EA8D0AB95DFBCE58B8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetCurrentThreadId.KERNEL32(?,7FFFFFFFFFFFFFFF,?,?,00007FF7117379D6,?,00007FF711737856), ref: 00007FF7117F780D
        • GetCurrentThreadId.KERNEL32(?,7FFFFFFFFFFFFFFF,?,?,00007FF7117379D6,?,00007FF711737856), ref: 00007FF7117F7885
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentThread
        • String ID: ThreadController active
        • API String ID: 2882836952-742296238
        • Opcode ID: a5474a6192aa279bfc9e73d6770c3a953b9299a0c25e071e5320270ea08b2cdc
        • Instruction ID: c174665c2d96078c7f8fc445a42d439db7ec7b25cd98d6979275bfa9cdaef436
        • Opcode Fuzzy Hash: a5474a6192aa279bfc9e73d6770c3a953b9299a0c25e071e5320270ea08b2cdc
        • Instruction Fuzzy Hash: 5031B032918E4382E710AF24A4403AAE3E4BB98774F949131D94D4B386CFBCE44DC760
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentDirectory
        • String ID: ../../base/files/file_util_win.cc$GetCurrentDirectoryW
        • API String ID: 1611563598-109067590
        • Opcode ID: b3065b72bdb99f7f6ee89c83d5a394e77098a983333b0af6ef405e88145af6f9
        • Instruction ID: b6604169b12432ac6771eb04959ed7ca9e414def3fb93736cd775a7d7c6fa744
        • Opcode Fuzzy Hash: b3065b72bdb99f7f6ee89c83d5a394e77098a983333b0af6ef405e88145af6f9
        • Instruction Fuzzy Hash: 1E21B32170C98651FB11BF25E8556EAA365BF88BE0FC44030DE8D0B756DE7CD28E8350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentDirectory
        • String ID: :
        • API String ID: 1611563598-336475711
        • Opcode ID: 4d01a3334e943557edff8d31d8a4452fe3e5e87d2d76ed48e9c147bf2949c871
        • Instruction ID: 195ce49db2f83f4ad82a7c2e6ae02720d804f266227c60336b45f6296290054b
        • Opcode Fuzzy Hash: 4d01a3334e943557edff8d31d8a4452fe3e5e87d2d76ed48e9c147bf2949c871
        • Instruction Fuzzy Hash: C321E972B08A8181EB21AB15D0442BDA3A9FB88B74FC5C035D64E4B685CFFCD559CB70
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • WriteProcessMemory.KERNEL32 ref: 00007FF711723596
        • WriteProcessMemory.KERNEL32 ref: 00007FF7117235FB
          • Part of subcall function 00007FF711723640: VirtualProtectEx.KERNEL32 ref: 00007FF711723683
          • Part of subcall function 00007FF711723640: WriteProcessMemory.KERNEL32 ref: 00007FF7117236B1
          • Part of subcall function 00007FF711723640: VirtualProtectEx.KERNEL32 ref: 00007FF7117236D1
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: MemoryProcessWrite$ProtectVirtual
        • String ID:
        • API String ID: 2340208871-3916222277
        • Opcode ID: 1ceb68bb680ad7e1a5243135cf5a764d53a5a76131e3ab20d7ea5037c6973154
        • Instruction ID: 051f756612cc2160d68423ca11521f6a64135790682580dd1e691f799d6549ce
        • Opcode Fuzzy Hash: 1ceb68bb680ad7e1a5243135cf5a764d53a5a76131e3ab20d7ea5037c6973154
        • Instruction Fuzzy Hash: CA21B53171CF4541FB709B16A4007A9A3A8FB4CBA4F944171DE8D5BB45DFBCD59A8310
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: _set_errno_from_matherr
        • String ID: pow
        • API String ID: 1187470696-2276729525
        • Opcode ID: 5e2ea314ea36b3af4602464bd2d99e47ec8726ebad0bd5163dae9885a8e88c60
        • Instruction ID: fa0af778a7e674873a9fd594e8c0d402cdf076fc6b22fe9861835c72d9629923
        • Opcode Fuzzy Hash: 5e2ea314ea36b3af4602464bd2d99e47ec8726ebad0bd5163dae9885a8e88c60
        • Instruction Fuzzy Hash: E6215E32A18A458BD761EF28E44066AF2E4FF89360F909135F68E86B59EF7CD414CF10
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CompareStringtry_get_function
        • String ID: CompareStringEx
        • API String ID: 3328479835-2590796910
        • Opcode ID: 2934df6798605dadd02bf41b78150d9be535345ed0cafef900720b2c25afa994
        • Instruction ID: 2e85a9b86b96f2bae8d0f2817dee418d5d832675e7ae8aa12d9dde8eb27af471
        • Opcode Fuzzy Hash: 2934df6798605dadd02bf41b78150d9be535345ed0cafef900720b2c25afa994
        • Instruction Fuzzy Hash: D8113E32A0CBC186DB60DB15B4402AAF7A9FBC9BA0F548135EE8D87B59CF7CD4548B40
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Stringtry_get_function
        • String ID: LCMapStringEx
        • API String ID: 2588686239-3893581201
        • Opcode ID: 8d16586ce5643bcc2270622b39f22daeadecf6d3bf2a21a1e4ba40228498ad37
        • Instruction ID: 1ba6e5c16b8067cb47c9a6f2b7a65ca0f7001b5b3f15d33330873ccd47986084
        • Opcode Fuzzy Hash: 8d16586ce5643bcc2270622b39f22daeadecf6d3bf2a21a1e4ba40228498ad37
        • Instruction Fuzzy Hash: 37115E36A0CB8186D760DB05B4402AAF7A9FB88BA0F548135EE8D47B59CF3CD5588B00
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CurrentDirectory
        • String ID: ../../base/files/file_util_win.cc$SetCurrentDirectoryW
        • API String ID: 1611563598-2829811002
        • Opcode ID: 137cac3d820b07818c92a622625adfc89dc4ac77df272c145fc2b92589cd6223
        • Instruction ID: cb00f86bc0978df9c5869ad413d4f31daa0710e4c7cd87f2103ade4b5ed6f58f
        • Opcode Fuzzy Hash: 137cac3d820b07818c92a622625adfc89dc4ac77df272c145fc2b92589cd6223
        • Instruction Fuzzy Hash: DB119111A08D9252FB216B29A4017F5A378AF94BA4F848031EE8D1B751EE7DE69F8350
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF711849FA4), ref: 00007FF7117FD270
        • RaiseException.KERNEL32(?,?,?,?,?,?,?,?,?,00007FF711849FA4), ref: 00007FF7117FD2B6
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ExceptionFileHeaderRaise
        • String ID: csm
        • API String ID: 2573137834-1018135373
        • Opcode ID: 7a682058bb75a07f5d188efbfc174790cfe5064784a4f2cd712aba952977658e
        • Instruction ID: 8a48c2dbd697fb84c31b47271f253761b8ba3418a2f91a2bdd304d5760df730e
        • Opcode Fuzzy Hash: 7a682058bb75a07f5d188efbfc174790cfe5064784a4f2cd712aba952977658e
        • Instruction Fuzzy Hash: D8116D3660CF8182EB609F15E44026AB7A8FB88BA4F588231DE9C0B755DF7CC559CB40
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CreateThread
        • String ID: ../../third_party/crashpad/crashpad/util/thread/thread_win.cc$CreateThread
        • API String ID: 2422867632-2064233884
        • Opcode ID: 36d83d45ba5a2cf28aef5b8599be5f2a620b9b25454c5274cb6633fe7c0987e0
        • Instruction ID: d628150d63321d9b322b5b184028e18604c1bdf8c0d9d76645edb6bbed9b21e4
        • Opcode Fuzzy Hash: 36d83d45ba5a2cf28aef5b8599be5f2a620b9b25454c5274cb6633fe7c0987e0
        • Instruction Fuzzy Hash: D501B561A1DE1282FB14F725E4113B9A358AF89BB0FC48035D94E0FB95DFACE15E8714
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • CreateSemaphoreW.KERNEL32(?,?,?,?,00000000,?,00007FF71174DA52), ref: 00007FF71174DB83
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: CreateSemaphore
        • String ID: ../../third_party/crashpad/crashpad/util/synchronization/semaphore_win.cc$CreateSemaphore
        • API String ID: 1078844751-3592173286
        • Opcode ID: 7b50c18aac3257651f726b74b18d473b21258d5e5dcd3e7aeb6e19514c480efa
        • Instruction ID: 674aa96b9cfce6718fb5c47daed9063862363afe96ba3126afbe36b8bed429f8
        • Opcode Fuzzy Hash: 7b50c18aac3257651f726b74b18d473b21258d5e5dcd3e7aeb6e19514c480efa
        • Instruction Fuzzy Hash: 70F0A221B2CE0241FB14BB29A5515B9A7595F89BF0FC48035DC4D0FB92DEACE19A8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • WaitForSingleObject.KERNEL32(?,?,?,?,?,?,00007FF71174F279,?,?,?,?,?,?,?,?,00007FF711736F5F), ref: 00007FF71174F351
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ObjectSingleWait
        • String ID: ../../third_party/crashpad/crashpad/util/thread/thread_win.cc$WaitForSingleObject
        • API String ID: 24740636-2885108434
        • Opcode ID: ea7e5ecc7dae20229b193c86d770180dd2fff856e02c515c12d593f4d4a4410d
        • Instruction ID: aa9a0b22475e18b4d76b3e7cd77885df7425cf5ef25a9d6055aa4e96a29898fc
        • Opcode Fuzzy Hash: ea7e5ecc7dae20229b193c86d770180dd2fff856e02c515c12d593f4d4a4410d
        • Instruction Fuzzy Hash: 53017C21A18E0281FB50B725A855379A258AF89BF0FD48035DC1D0E7A2DEACE19A8720
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: AddressHandleModuleProc
        • String ID: GetHandleVerifier
        • API String ID: 1646373207-1090674830
        • Opcode ID: ab80ce3bc28fcd25fa87d6261bf14d4725bbf3cb5d34f5d1b1b772efc6247e41
        • Instruction ID: 1d7cf8f1e3d5f257b49e8b466fd2d8526ca0a24f2becf55d21196d8ef54b4f4e
        • Opcode Fuzzy Hash: ab80ce3bc28fcd25fa87d6261bf14d4725bbf3cb5d34f5d1b1b772efc6247e41
        • Instruction Fuzzy Hash: 7FF0D024E0EE0381FF18B716B459379A2996F88774FD48039D40F4E7A2EEACA15DC264
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: DefaultUsertry_get_function
        • String ID: GetUserDefaultLocaleName
        • API String ID: 3217810228-151340334
        • Opcode ID: 0f1c7e5c6cdda2c2324ea958a54e2502bab843c2165768b4c8bc09785bd0c08c
        • Instruction ID: 7062b35c5e2492e3d63f675b0dc6852fd06f6163a747a794c1f1fe5ae87b555e
        • Opcode Fuzzy Hash: 0f1c7e5c6cdda2c2324ea958a54e2502bab843c2165768b4c8bc09785bd0c08c
        • Instruction Fuzzy Hash: B6F0B411F1CE4282EB14A761A5401B8A35AAF587B0FC4C031D91D0E691DEBCE46CC321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Init_thread_footerInit_thread_header
        • String ID: dummy_histogram
        • API String ID: 4092853384-2199933292
        • Opcode ID: 6a7ac5f1893231971e982dbb1a5d390b310fc0801f808efc83458486abecf276
        • Instruction ID: 59425714ba501c5e835b5ff615cde33616f137330778b63d7ab49e44d8b4cbff
        • Opcode Fuzzy Hash: 6a7ac5f1893231971e982dbb1a5d390b310fc0801f808efc83458486abecf276
        • Instruction Fuzzy Hash: 01F01920D08D079AEB10FB14E8941B5A36CBBA4330FD18175E01D4A2E1EFACA5ADDB24
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • try_get_function.LIBVCRUNTIME ref: 00007FF71181FA55
        • TlsSetValue.KERNEL32(?,?,?,00007FF71181F2BA,?,?,?,00007FF71180D881,?,?,?,?,00007FF7117FCB55), ref: 00007FF71181FA6C
        Strings
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: Valuetry_get_function
        • String ID: FlsSetValue
        • API String ID: 738293619-3750699315
        • Opcode ID: cb66da1d3934637d1ba7b551b2ad63b76012f08b66059dcb7ca1b61e700d0036
        • Instruction ID: 4a05ffd5966bce5b3ccd94d4cf607b21325323e44609684493adc33cc4eb39a0
        • Opcode Fuzzy Hash: cb66da1d3934637d1ba7b551b2ad63b76012f08b66059dcb7ca1b61e700d0036
        • Instruction Fuzzy Hash: 35E06562E0CE4292EF04AB51F4004B9A32AAF487B0FD8C576D96D0E295DEBCD56CC321
        Uniqueness

        Uniqueness Score: -1.00%

        Download Yara Rule
        APIs
        • GetLastError.KERNEL32(?,00000000,?,?,00007FF711745FBB,?,?,-5555555555555556,00007FF711745BCF), ref: 00007FF7117460D9
        • SetLastError.KERNEL32(?,00007FF711745FBB,?,?,-5555555555555556,00007FF711745BCF), ref: 00007FF711746101
        • GetLastError.KERNEL32(?,00000000,?,?,00007FF711745FBB,?,?,-5555555555555556,00007FF711745BCF), ref: 00007FF711746114
        • SetLastError.KERNEL32(?,00007FF711745FBB,?,?,-5555555555555556,00007FF711745BCF), ref: 00007FF71174613E
        Memory Dump Source
        • Source File: 00000000.00000002.654912831.00007FF711711000.00000020.00020000.sdmp, Offset: 00007FF711710000, based on PE: true
        • Associated: 00000000.00000002.654908589.00007FF711710000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655187983.00007FF7118A6000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655214227.00007FF7118CA000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655218128.00007FF7118D2000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655245189.00007FF7118F2000.00000008.00020000.sdmp Download File
        • Associated: 00000000.00000002.655251649.00007FF711900000.00000002.00020000.sdmp Download File
        • Associated: 00000000.00000002.655261882.00007FF711913000.00000002.00020000.sdmp Download File
        Joe Sandbox IDA Plugin
        • Snapshot File: hcaresult_0_2_7ff711710000_wavebrowser.jbxd
        Similarity
        • API ID: ErrorLast
        • String ID:
        • API String ID: 1452528299-0
        • Opcode ID: ecb51e047080818470a5df93c3e20f631a199872e2f60bdd26c861963c565ec0
        • Instruction ID: ea0c51765a1a486ee8d5ab0105968de27d8972ac58357d715216346270157e2d
        • Opcode Fuzzy Hash: ecb51e047080818470a5df93c3e20f631a199872e2f60bdd26c861963c565ec0
        • Instruction Fuzzy Hash: D0414F31A09E43C5EB64AB15E45537AE269EB487A0F808431D64E4AB93DFBCE48DC360
        Uniqueness

        Uniqueness Score: -1.00%