Analysis
-
max time kernel
79s -
max time network
179s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
24-01-2022 02:42
General
-
Target
fa68aa01fad37dd7e7d6222ef833ec4e63317c0821a45834dfe284fdafb9069a.exe
-
Size
7.2MB
-
MD5
7560bc4862c99de7d33cd3ae6c93ba8a
-
SHA1
ec1b474aaf772c85c0714e70f8096825a3b63b12
-
SHA256
fa68aa01fad37dd7e7d6222ef833ec4e63317c0821a45834dfe284fdafb9069a
-
SHA512
c209e4bde2e6e36e5480edf11ca67a887724fa5b46836ce4fffc1c814f67132ce88f59b46bb3a1861db28943b8df80e8f0606f52ba0918a68f9f2256fbeb7591
Score
10/10
Malware Config
Signatures
-
StrongPity
StrongPity is a spyware developed by PROMETHIUM APT group mainly used in government sponsored attacks.
-
StrongPity Spyware 4 IoCs
-
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016 (WinHTTPRequest)
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016 (WinHTTPRequest)
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Blocklisted process makes network request 14 IoCs
-
Downloads MZ/PE file
-
Executes dropped EXE 5 IoCs
-
Modifies Windows Firewall 1 TTPs
-
Loads dropped DLL 6 IoCs
-
Checks for any installed AV software in registry 1 TTPs 1 IoCs
-
Drops file in System32 directory 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
NSIS installer 3 IoCs
-
Modifies Internet Explorer settings 1 TTPs 5 IoCs
-
Runs net.exe
-
Script User-Agent 9 IoCs
Uses user-agent string associated with script host/environment.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of WriteProcessMemory 48 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fa68aa01fad37dd7e7d6222ef833ec4e63317c0821a45834dfe284fdafb9069a.exe"C:\Users\Admin\AppData\Local\Temp\fa68aa01fad37dd7e7d6222ef833ec4e63317c0821a45834dfe284fdafb9069a.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe"C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\reg.exeC:\Windows\system32\reg.exe import "C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\Tools\patch.reg"3⤵
- Modifies Internet Explorer settings
-
-
C:\Windows\SysWOW64\mshta.exeC:\Windows\system32\mshta.exe "C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\run.hta" --sfx "DriverPack-17-Online.exe"3⤵
- Blocklisted process makes network request
- Checks for any installed AV software in registry
- Modifies Internet Explorer settings
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall delete rule name="DriverPack aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_71770.txt""4⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\netsh.exenetsh advfirewall firewall delete rule name="DriverPack aria2c.exe"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_78710.txt""4⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\netsh.exenetsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"5⤵
-
-
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" start wscsvc4⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 start wscsvc5⤵
-
-
-
C:\Windows\SysWOW64\net.exe"C:\Windows\System32\net.exe" start wscsvc4⤵
-
C:\Windows\SysWOW64\net1.exeC:\Windows\system32\net1 start wscsvc5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_58116.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_58116.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_58116.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_63499.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_63499.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_63499.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_71682.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_71682.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_71682.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72066.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_72066.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72066.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41712.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41712.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41712.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_5921.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_5921.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_5921.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/DRP_TEAM-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_54995.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_54995.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/DRP_TEAM-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_54995.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_47620.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_47620.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_47620.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_27256.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_27256.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_27256.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/DRP_TEAM-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_21473.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_21473.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/DRP_TEAM-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_21473.log"5⤵
-
-
-
C:\Windows\SysWOW64\rundll32.exerundll32 kernel32,Sleep4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_47010.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_47010.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_47010.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_27993.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_27993.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_27993.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_86918.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_86918.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_86918.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_17185.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_17185.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_17185.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_73816.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_73816.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_73816.log"5⤵
-
-
-
C:\Windows\SysWOW64\rundll32.exerundll32 kernel32,Sleep4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_70667.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=1205⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_30845.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=1205⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/RuntimePack.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_76846.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"tools\aria2c.exe" "http://dl.driverpack.io/soft/RuntimePack.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=1205⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/DotNetXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_15678.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"tools\aria2c.exe" "http://dl.driverpack.io/soft/DotNetXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=1205⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_55696.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\aria2c.exe"tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=1205⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_58868.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_58868.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_58868.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3451.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_3451.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3451.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35129.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_35129.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3430.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_3430.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93828.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_93828.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_61052.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_61052.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_61052.log"5⤵
-
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_8985.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_8985.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_63548.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_63548.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35306.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_35306.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97942.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_97942.txt""4⤵
-
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23977.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_23977.txt""4⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23977.log"5⤵
-
-
-
-
-
C:\Windows\SysWOW64\seceditr.exeC:\Windows\system32\\seceditr.exe help2⤵
- Executes dropped EXE
-
-
C:\Windows\SysWOW64\seceditr.exeC:\Windows\SysWOW64\seceditr.exe1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\winslui32.exe"C:\Windows\system32\\winslui32.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\ACB-D11C-335AAF\spools32.exe"C:\Users\Admin\AppData\Local\Temp\ACB-D11C-335AAF\spools32.exe"3⤵
- Executes dropped EXE
-
-
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3430.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35129.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93828.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_63548.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35306.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_8985.log"1⤵
-
C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\tools\driverpack-wget.exe"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-2022012443025\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97942.log"1⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
8KB