File name:

Wave Browser.zip

Full analysis: https://app.any.run/tasks/65dcaec6-2050-4fc1-82ae-38c5300b834f
Verdict: Malicious activity
Analysis date: June 19, 2024, 16:41:10
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=deflate
MD5:

A566AF47E396C2105D5CDC57E4EC5DC6

SHA1:

02F216C029334B52564F1A901A6EEACD2E3F0B87

SHA256:

0DA3A72B6F93B8FF86D5E4B05A548DDD4E7CFCE29BAB8166EA3069EAF964C8DB

SSDEEP:

49152:rt01jJMLXqLFy4NVtEaAw/01YVzZnW0QvrpF9+ogFeqs+yRl/g16j76g+dalY9G/:rgj2L6LBVtTAwsyVzZnCd+TO+yTg4jWC

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 3344)
      • Wave Browser.exe (PID: 3432)
      • SWUpdaterSetup.exe (PID: 2752)
      • SWUpdater.exe (PID: 2108)
    • Changes the autorun value in the registry

      • SWUpdater.exe (PID: 2108)
  • SUSPICIOUS

    • Reads security settings of Internet Explorer

      • WinRAR.exe (PID: 3344)
      • Wave Browser.exe (PID: 3432)
    • Reads settings of System Certificates

      • Wave Browser.exe (PID: 3432)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 2580)
      • SWUpdater.exe (PID: 3156)
    • Reads the Internet Settings

      • Wave Browser.exe (PID: 3432)
      • SWUpdater.exe (PID: 2580)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 3156)
      • taskmgr.exe (PID: 3328)
    • Executable content was dropped or overwritten

      • Wave Browser.exe (PID: 3432)
      • SWUpdaterSetup.exe (PID: 2752)
      • SWUpdater.exe (PID: 2108)
    • Starts itself from another location

      • SWUpdater.exe (PID: 2108)
    • Creates/Modifies COM task schedule object

      • SWUpdater.exe (PID: 2092)
    • Application launched itself

      • SWUpdater.exe (PID: 2580)
      • taskmgr.exe (PID: 3328)
  • INFO

    • Checks supported languages

      • Wave Browser.exe (PID: 3432)
      • SWUpdaterSetup.exe (PID: 2752)
      • SWUpdater.exe (PID: 2108)
      • SWUpdater.exe (PID: 2092)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 2952)
      • SWUpdater.exe (PID: 2580)
      • SWUpdater.exe (PID: 3156)
      • SWUpdater.exe (PID: 2036)
    • Reads the computer name

      • Wave Browser.exe (PID: 3432)
      • SWUpdater.exe (PID: 2108)
      • SWUpdater.exe (PID: 2952)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 2580)
      • SWUpdater.exe (PID: 3156)
    • Reads the machine GUID from the registry

      • Wave Browser.exe (PID: 3432)
      • SWUpdater.exe (PID: 2108)
      • SWUpdater.exe (PID: 2580)
      • SWUpdater.exe (PID: 2952)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 3156)
    • Disables trace logs

      • Wave Browser.exe (PID: 3432)
    • Create files in a temporary directory

      • Wave Browser.exe (PID: 3432)
      • SWUpdaterSetup.exe (PID: 2752)
    • Reads Environment values

      • Wave Browser.exe (PID: 3432)
    • Reads the software policy settings

      • Wave Browser.exe (PID: 3432)
      • SWUpdater.exe (PID: 3124)
      • SWUpdater.exe (PID: 3156)
      • SWUpdater.exe (PID: 2580)
    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 3344)
    • Manual execution by a user

      • mmc.exe (PID: 3116)
      • taskmgr.exe (PID: 3328)
      • taskmgr.exe (PID: 2120)
      • mmc.exe (PID: 2528)
      • powershell.exe (PID: 540)
    • Reads security settings of Internet Explorer

      • taskmgr.exe (PID: 3328)
    • Checks current location (POWERSHELL)

      • powershell.exe (PID: 540)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: -
ZipCompression: Deflated
ZipModifyDate: 2024:06:05 09:40:40
ZipCRC: 0x093ccd08
ZipCompressedSize: 915498
ZipUncompressedSize: 1274792
ZipFileName: Wave Browser.exe
No data.
All screenshots are available in the full report
Total processes
70
Monitored processes
17
Malicious processes
7
Suspicious processes
1

Behavior graph

start winrar.exe wave browser.exe swupdatersetup.exe swupdater.exe swupdater.exe no specs swupdater.exe swupdater.exe no specs swupdater.exe swupdater.exe swupdater.exe no specs mmc.exe no specs mmc.exe taskmgr.exe no specs taskmgr.exe no specs taskmgr.exe powershell.exe wininit.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
PID:
540
CMD:
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
Path:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Parent process:
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows PowerShell
Version:
10.0.14409.1005 (rs1_srvoob.161208-1155)
Modules
Images
c:\windows\system32\windowspowershell\v1.0\powershell.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\atl.dll
c:\windows\system32\user32.dll
PID:
2036
CMD:
"C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe" /unregserver
Path:
C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe
Parent process:
SWUpdater.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater
Exit code:
0
Version:
1.3.133.0
Modules
Images
c:\users\admin\wavesor software\swupdater\swupdater.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
PID:
2092
CMD:
"C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe" /regserver
Path:
C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe
Parent process:
SWUpdater.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater
Exit code:
0
Version:
1.3.133.0
Modules
Images
c:\users\admin\wavesor software\swupdater\swupdater.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
PID:
2108
CMD:
C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdater.exe /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
Path:
C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdater.exe
Parent process:
SWUpdaterSetup.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater
Exit code:
2147747849
Version:
1.3.133.0
Modules
Images
c:\users\admin\appdata\local\temp\gum2a72.tmp\swupdater.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
PID:
2120
CMD:
"C:\Windows\system32\taskmgr.exe" /4
Path:
C:\Windows\System32\taskmgr.exe
Parent process:
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Task Manager
Exit code:
1
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\taskmgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
PID:
2528
CMD:
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\taskschd.msc" /s
Path:
C:\Windows\System32\mmc.exe
Parent process:
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft Management Console
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\mmc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\mfc42u.dll
PID:
2580
CMD:
"C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe" -Embedding
Path:
C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe
Parent process:
svchost.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater
Exit code:
0
Version:
1.3.133.0
Modules
Images
c:\users\admin\wavesor software\swupdater\swupdater.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
PID:
2752
CMD:
"C:\Users\admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe" /install "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1"
Path:
C:\Users\admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
Parent process:
Wave Browser.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater Setup
Exit code:
2147747849
Version:
1.3.133.0
Modules
Images
c:\users\admin\appdata\local\temp\wave\swupdatersetup.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
PID:
2908
CMD:
"C:\Windows\system32\taskmgr.exe" /1
Path:
C:\Windows\System32\taskmgr.exe
Parent process:
taskmgr.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows Task Manager
Exit code:
1
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\taskmgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
PID:
2952
CMD:
"C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe" /handoff "bundlename=WaveBrowser&appguid={EB149AD2-CE4E-4F51-B7FC-A149FAA4CCAF}&appname=WaveBrowser&needsadmin=False&lang=en&usagestats=1&installdataindex=1" /installsource otherinstallcmd /sessionid "{3DC9251F-8E59-473B-BB41-A85CC8FF6649}"
Path:
C:\Users\admin\Wavesor Software\SWUpdater\SWUpdater.exe
Parent process:
SWUpdater.exe
User:
admin
Company:
Wavesor Software
Integrity Level:
MEDIUM
Description:
Wavesor SWUpdater
Exit code:
2147747849
Version:
1.3.133.0
Modules
Images
c:\users\admin\wavesor software\swupdater\swupdater.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
Total events
30 441
Read events
29 920
Write events
331
Delete events
190

Modification events

(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtBMP
Value:
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtIcon
Value:
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E
Operation: write
Name: LanguageList
Value:
en-US
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 3
Value:
C:\Users\admin\Desktop\phacker.zip
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 2
Value:
C:\Users\admin\Desktop\Win7-KB3191566-x86.zip
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 1
Value:
C:\Users\admin\Desktop\curl-8.5.0_1-win32-mingw.zip
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 0
Value:
C:\Users\admin\AppData\Local\Temp\Wave Browser.zip
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value:
120
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value:
80
(PID) Process: (3344) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value:
120
Executable files
27
Suspicious files
6
Text files
1
Unknown types
0

Dropped files

PID
Process
Filename
Type
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdaterBroker.exe
Type: executable
MD5:558A3FA51457575EA29F9B041729EE8B
SHA256:74BD216198FF11F08542473AAA7E5A619B50574E344BA8E8CA2C19FF497BF284
PID: 3344
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$EXa3344.9358\Wave Browser.exe
Type: executable
MD5:1684AAB6FAE1ED888CF6D3C45E3F5FA7
SHA256:4114122C0DCA23F637D83EED33F9ABCDC92709E2AC6F63FFD55F5AAE519B58AB
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdater.exe
Type: executable
MD5:57428456C6E6C2EA328C864681DB5DF3
SHA256:EE87747102EBA8844939352740D0BB6C4A67F10C2656961CB2722CD42BA99F40
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\swupdater.dll
Type: executable
MD5:D388D67A1861F9D0CC4F6EDFA97861B4
SHA256:B21F99F14B4CCC78C5E01C269A8EBA83AE0C5912B46D8C1554F329A1076A7617
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\psmachine_64.dll
Type: executable
MD5:19E105E099B7653CF60FF5783EC59453
SHA256:7E05780AFFFB2834EC4E2E1D67C9031616C13394CCFEB3A3C678415F19BA1104
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdaterOnDemand.exe
Type: executable
MD5:29B0571D015318EDB1C292AEA8011179
SHA256:CEA433E8FEA8DCF1705016545ABD150A2891291AE122A776CD66DDB802A17587
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\psmachine.dll
Type: executable
MD5:B10F0939BCE18AD24102C03769DDAB9B
SHA256:442AF0A1A403E17B5E5676CB49973D9E3AE067CFE9EFB8B669BF413F7B5A2E1D
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\psuser.dll
Type: executable
MD5:71DD0ABC865C9D8873E93478707A16D8
SHA256:A0439F5455EF696B70A230AB76C15F4BC3D7571AD4FBC32FDA95247789AA5822
PID: 2752
Process: SWUpdaterSetup.exe
Filename: C:\Users\admin\AppData\Local\Temp\GUM2A72.tmp\SWUpdaterComRegisterShell64.exe
Type: executable
MD5:10B82DC9D9A29BC4AF224981F0E1C6FE
SHA256:00CD644354032257A39FF710DDD03E9FB98348F5323DEC31CA670C903D68274C
PID: 3432
Process: Wave Browser.exe
Filename: C:\Users\admin\AppData\Local\Temp\Wave\SWUpdaterSetup.exe
Type: executable
MD5:18693249F3A283E83B8179E692FFBBA9
SHA256:3D828BCCCC628E7096856337B178DA5608A6C3DB99383374E6C49D50A1895E64
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
4
TCP/UDP connections
16
DNS requests
7
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1372
svchost.exe
GET
304
23.53.40.72:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?33775f6043c93e33
unknown
unknown
1372
svchost.exe
GET
200
23.48.23.156:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
unknown
1372
svchost.exe
GET
200
184.30.21.171:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
unknown
1060
svchost.exe
GET
304
23.53.40.40:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8f69642324cc87bd
unknown
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
1372
svchost.exe
51.104.136.2:443
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:137
whitelisted
1060
svchost.exe
224.0.0.252:5355
unknown
4
System
192.168.100.255:138
whitelisted
2564
svchost.exe
239.255.255.250:3702
unknown
3432
Wave Browser.exe
34.228.96.181:443
api.wavebrowserbase.com
AMAZON-AES
US
unknown
1372
svchost.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
1372
svchost.exe
23.53.40.72:80
ctldl.windowsupdate.com
Akamai International B.V.
DE
unknown
1372
svchost.exe
23.48.23.156:80
crl.microsoft.com
Akamai International B.V.
DE
unknown
1372
svchost.exe
184.30.21.171:80
www.microsoft.com
AKAMAI-AS
DE
unknown

DNS requests

Domain
IP
Reputation
api.wavebrowserbase.com
  • 34.228.96.181
  • 35.169.100.38
  • 3.89.13.228
  • 34.206.63.247
  • 54.88.56.221
  • 34.199.52.222
unknown
settings-win.data.microsoft.com
  • 51.124.78.146
whitelisted
ctldl.windowsupdate.com
  • 23.53.40.72
  • 23.53.40.49
  • 23.53.40.18
  • 23.53.40.40
  • 23.53.40.35
  • 23.53.40.56
  • 23.53.40.41
whitelisted
crl.microsoft.com
  • 23.48.23.156
  • 23.48.23.143
whitelisted
www.microsoft.com
  • 184.30.21.171
whitelisted
swupdater.com
  • 3.224.68.88
  • 18.211.232.251
unknown

Threats

No threats detected
Process
Message
mmc.exe
Constructor: Microsoft.TaskScheduler.SnapIn.TaskSchedulerSnapIn
mmc.exe
OnInitialize: Microsoft.TaskScheduler.SnapIn.TaskSchedulerSnapIn
mmc.exe
AddIcons: Microsoft.TaskScheduler.SnapIn.TaskSchedulerSnapIn
mmc.exe
ProcessCommandLineArguments: Microsoft.TaskScheduler.SnapIn.TaskSchedulerSnapIn