4f99a508b9a1ee927425cb60dabbef9262afff15f36b8bed21eb02771955a95b

Analysis

max time kernel
151s
max time network
204s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
12-08-2022 07:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DriverPack-17-Online.exe
Size

8.6MB
MD5

b2bd71bc2ca60dc56ce7a249fff69c42
SHA1

6b8d4ec65300d9147105d1b72a4731ce68afb9fa
SHA256

4f99a508b9a1ee927425cb60dabbef9262afff15f36b8bed21eb02771955a95b
SHA512

ce28dad8b6ddf721aa3c894ed78b1da64714ffd39156dbaf79a717065e7f3ec7f1d89d65281a782d32003b9f2db7a059f264d6d8f4173db730f2d1843648cc1d

Score

8^/10

discovery evasion upx

Malware Config

Signatures

Blocklisted process makes network request 40 IoCs

Processes:

mshta.execmd.exe

flow	pid	process
59	8	mshta.exe
60	8	mshta.exe
64	8	mshta.exe
66	8	mshta.exe
69	8	mshta.exe
71	8	mshta.exe
73	8	mshta.exe
75	8	mshta.exe
77	8	mshta.exe
79	8	mshta.exe
81	8	mshta.exe
82	8	mshta.exe
83	8	mshta.exe
87	8	mshta.exe
89	8	mshta.exe
90	8	mshta.exe
91	8	mshta.exe
92	8	mshta.exe
93	8	mshta.exe
99	8	mshta.exe
100	8	mshta.exe
101	8	mshta.exe
102	8	mshta.exe
103	8	mshta.exe
104	8	mshta.exe
105	8	mshta.exe
106	8	mshta.exe
108	784	cmd.exe
115	8	mshta.exe
116	8	mshta.exe
117	8	mshta.exe
118	8	mshta.exe
123	8	mshta.exe
124	8	mshta.exe
125	8	mshta.exe
129	8	mshta.exe
130	8	mshta.exe
133	8	mshta.exe
134	8	mshta.exe
135	8	mshta.exe

Downloads MZ/PE file

Executes dropped EXE 24 IoCs

Processes:

driverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.execmd.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exewmiprvse.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exe

pid	process
4100	driverpack-wget.exe
612	driverpack-wget.exe
4108	driverpack-wget.exe
3100	driverpack-wget.exe
2152	driverpack-wget.exe
2084	driverpack-wget.exe
784	cmd.exe
4932	driverpack-wget.exe
5012	driverpack-wget.exe
2484	driverpack-wget.exe
1852	driverpack-wget.exe
1676	driverpack-wget.exe
4524	driverpack-wget.exe
4880	driverpack-wget.exe
4596	wmiprvse.exe
3592	driverpack-wget.exe
4420	driverpack-wget.exe
4044	driverpack-wget.exe
3156	driverpack-wget.exe
4300	driverpack-wget.exe
4920	driverpack-wget.exe
4384	driverpack-wget.exe
3700	driverpack-wget.exe
1664	driverpack-wget.exe

Modifies Windows Firewall 1 TTPs 2 IoCs
evasion

Modify Existing Service
T1031

Processes:

netsh.exenetsh.exe

pid process

5032 netsh.exe
2420 netsh.exe

pid	process
5032	netsh.exe
2420	netsh.exe

UPX packed file 63 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral3/memory/4100-176-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4100-183-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral3/memory/612-184-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3100-186-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4108-185-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral3/memory/784-219-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2484-223-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/1852-224-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/1676-225-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/5012-222-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4932-221-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2084-216-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2152-212-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral3/memory/4880-249-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4596-250-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3592-254-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4596-253-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4880-252-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3592-251-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4524-247-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4044-266-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3156-267-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3156-269-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4420-268-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4420-265-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4920-275-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4300-274-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3700-285-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4384-286-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/1664-287-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/1084-295-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2608-297-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4020-296-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2420-298-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4200-299-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/1480-303-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3276-306-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4832-307-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/4820-305-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3480-310-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/5116-311-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/3604-312-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2852-313-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/796-319-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2996-318-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral3/memory/2720-317-0x0000000000400000-0x00000000004EF000-memory.dmp	upx

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

cmd.exemshta.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-2660308776-3705150086-26593515-1000\Control Panel\International\Geo\Nation	cmd.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2660308776-3705150086-26593515-1000\Control Panel\International\Geo\Nation	mshta.exe

Loads dropped DLL 3 IoCs

Processes:

DriverPack-17-Online.exe

pid process

316 DriverPack-17-Online.exe
316 DriverPack-17-Online.exe
316 DriverPack-17-Online.exe
Checks for any installed AV software in registry 1 TTPs 1 IoCs

Security Software Discovery
T1063

Processes:

mshta.exe

description ioc process

Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast mshta.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

pid	process
316	DriverPack-17-Online.exe
316	DriverPack-17-Online.exe
316	DriverPack-17-Online.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast	mshta.exe

Drops file in Program Files directory 64 IoCs

Processes:

DriverPack-17-Online.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exe

description	ioc	process
File created	C:\Program Files (x86)\DriverPack\img\screens\menu-diagnostics.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\default.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\new-ui\inputdev.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\new-ui\sound.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\programs\installed-programs_info-warn.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\fa.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\te.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\DRPicons\DRPicons-webfont.svg	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_opera-bg.gif	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\bluetooth.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\pause.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\Scanner.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\programs\uninstall-single-loader.gif	DriverPack-17-Online.exe
File opened for modification	C:\Program Files (x86)\DriverPack\audio\en\EXPERT-PROTECT-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\img\assistant-chat\no-sound.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\assistant-chat\start-chat-img.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\fake-installation\vpn.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\menu-offline.png	DriverPack-17-Online.exe
File opened for modification	C:\Program Files (x86)\DriverPack\audio\en\EXPERT-DRIVERS-1.mp3	driverpack-wget.exe
File opened for modification	C:\Program Files (x86)\DriverPack\audio\en\TEAM-PROOF-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\tvtuner.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\new-ui\programs-finish.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding\likes\down.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\waiting.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\el.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\games\games-bottom-logo.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\reload_disable.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\reload_hover.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\ka.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\intro.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\play_hover.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_auth-bg.jpg	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\bugreport\BugReport_icon_ie.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\charms\setup.jpg	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\final\final_success$2x.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\assistant-chat\no-sound-hover.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\monitor.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\compilation.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\DriverPackSolution.html	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\charms\toolkit.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_browsers-bg.jpg	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\sw.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_semibold-webfont.ttf	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\arrow-start-screen-toggle.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\menu-games.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\opera-notebook.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\yo.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\EXPERT-DRIVERS-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\Open-Sans\opensans-semibold-webfont.ttf	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\med_logo_ui2.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\new-ui-assistant\arrow-right.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\games\games-button-icon-green.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\driver-filter-arrow.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\Uninstall.exe	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\no_internet\no_internet-complete.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\de.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\ko.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\languages\ps.js	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\ANTIVIRUS-3.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\Open-Sans\opensans-semibold-webfont.eot	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\less_hover.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\play.png	DriverPack-17-Online.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\ANTIVIRUS-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\configurator-loader.gif	DriverPack-17-Online.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies registry class 2 IoCs

Processes:

cmd.exemshta.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-2660308776-3705150086-26593515-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2660308776-3705150086-26593515-1000\{225F0E75-FF50-4EC5-A3DC-F6CB0E50B6B8}	mshta.exe

Runs net.exe

Script User-Agent 4 IoCs

Uses user-agent string associated with script host/environment.

Processes:

description	flow	ioc
HTTP User-Agent header	164	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	167	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	135	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	163	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious use of AdjustPrivilegeToken 56 IoCs

Processes:

mshta.exeAUDIODG.EXE

description	pid	process
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: 33	4784	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4784	AUDIODG.EXE
Token: 33	8	mshta.exe
Token: SeIncBasePriorityPrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe
Token: SeShutdownPrivilege	8	mshta.exe
Token: SeCreatePagefilePrivilege	8	mshta.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

DriverPack-17-Online.execmd.exemshta.execmd.execmd.execmd.execmd.execmd.execmd.exe

description	pid	process	target process
PID 316 wrote to memory of 3528	316	DriverPack-17-Online.exe	cmd.exe
PID 316 wrote to memory of 3528	316	DriverPack-17-Online.exe	cmd.exe
PID 316 wrote to memory of 3528	316	DriverPack-17-Online.exe	cmd.exe
PID 3528 wrote to memory of 8	3528	cmd.exe	mshta.exe
PID 3528 wrote to memory of 8	3528	cmd.exe	mshta.exe
PID 3528 wrote to memory of 8	3528	cmd.exe	mshta.exe
PID 8 wrote to memory of 2464	8	mshta.exe	rundll32.exe
PID 8 wrote to memory of 2464	8	mshta.exe	rundll32.exe
PID 8 wrote to memory of 2464	8	mshta.exe	rundll32.exe
PID 8 wrote to memory of 3432	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3432	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3432	8	mshta.exe	cmd.exe
PID 3432 wrote to memory of 2420	3432	cmd.exe	netsh.exe
PID 3432 wrote to memory of 2420	3432	cmd.exe	netsh.exe
PID 3432 wrote to memory of 2420	3432	cmd.exe	netsh.exe
PID 8 wrote to memory of 3964	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3964	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3964	8	mshta.exe	cmd.exe
PID 3964 wrote to memory of 5032	3964	cmd.exe	netsh.exe
PID 3964 wrote to memory of 5032	3964	cmd.exe	netsh.exe
PID 3964 wrote to memory of 5032	3964	cmd.exe	netsh.exe
PID 8 wrote to memory of 4988	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 4988	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 4988	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3480	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3480	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3480	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1292	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1292	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1292	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1768	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1768	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1768	8	mshta.exe	cmd.exe
PID 3480 wrote to memory of 4100	3480	cmd.exe	driverpack-wget.exe
PID 3480 wrote to memory of 4100	3480	cmd.exe	driverpack-wget.exe
PID 3480 wrote to memory of 4100	3480	cmd.exe	driverpack-wget.exe
PID 4988 wrote to memory of 612	4988	cmd.exe	driverpack-wget.exe
PID 4988 wrote to memory of 612	4988	cmd.exe	driverpack-wget.exe
PID 4988 wrote to memory of 612	4988	cmd.exe	driverpack-wget.exe
PID 1292 wrote to memory of 3100	1292	cmd.exe	driverpack-wget.exe
PID 1292 wrote to memory of 3100	1292	cmd.exe	driverpack-wget.exe
PID 1292 wrote to memory of 3100	1292	cmd.exe	driverpack-wget.exe
PID 1768 wrote to memory of 4108	1768	cmd.exe	driverpack-wget.exe
PID 1768 wrote to memory of 4108	1768	cmd.exe	driverpack-wget.exe
PID 1768 wrote to memory of 4108	1768	cmd.exe	driverpack-wget.exe
PID 8 wrote to memory of 2180	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 2180	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 2180	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 2528	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 2528	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 2528	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 4016	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 4016	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 4016	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 820	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 820	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 820	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1124	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1124	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 1124	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3940	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3940	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3940	8	mshta.exe	cmd.exe
PID 8 wrote to memory of 3960	8	mshta.exe	cmd.exe

C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe
"C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:316

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\DriverPack\start.bat" "DriverPack-17-Online.exe""
2⤵
- Checks computer location settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:3528

C:\Windows\SysWOW64\mshta.exe
"C:\Windows\SysWOW64\mshta.exe" "C:\Program Files (x86)\DriverPack\run.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} --sfx "DriverPack-17-Online.exe"
3⤵
- Blocklisted process makes network request
- Checks computer location settings
- Checks for any installed AV software in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:8

C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
4⤵
PID:2464

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall delete rule name="DriverPack aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_17398.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:3432

C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="DriverPack aria2c.exe"
5⤵
- Modifies Windows Firewall
PID:2420

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Program Files (x86)\DriverPack\tools\aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_94875.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:3964

C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Program Files (x86)\DriverPack\tools\aria2c.exe"
5⤵
- Modifies Windows Firewall
PID:5032

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_80914.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_80914.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:4988

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_80914.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:612

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-INITIAL-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35609.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_35609.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:3480

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-INITIAL-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35609.log"
5⤵
- Executes dropped EXE
PID:4100

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-LOADED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33473.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_33473.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:1292

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-LOADED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33473.log"
5⤵
- Executes dropped EXE
PID:3100

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-SETUP-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20183.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_20183.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:1768

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-SETUP-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20183.log"
5⤵
- Executes dropped EXE
PID:4108

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35565.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_35565.txt""
4⤵
PID:2180

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35565.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:2152

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_56751.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_56751.txt""
4⤵
PID:4016

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_56751.log"
5⤵
PID:784

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83039.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_83039.txt""
4⤵
PID:820

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83039.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:5012

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48533.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_48533.txt""
4⤵
PID:3940

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48533.log"
5⤵
- Executes dropped EXE
PID:1676

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19879.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_19879.txt""
4⤵
PID:2264

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19879.log"
5⤵
- Executes dropped EXE
PID:1852

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_67156.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_67156.txt""
4⤵
PID:3960

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_67156.log"
5⤵
- Executes dropped EXE
PID:2484

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_29629.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_29629.txt""
4⤵
PID:1124

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_29629.log"
5⤵
- Executes dropped EXE
PID:4932

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30343.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_30343.txt""
4⤵
PID:2528

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30343.log"
5⤵
- Executes dropped EXE
PID:2084

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20987.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_20987.txt""
4⤵
PID:4988

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20987.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:3592

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_57028.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_57028.txt""
4⤵
PID:4052

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_57028.log"
5⤵
PID:4596

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_88473.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_88473.txt""
4⤵
PID:3608

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_88473.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:4524

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_89872.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_89872.txt""
4⤵
PID:4600

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_89872.log"
5⤵
- Executes dropped EXE
PID:4880

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_67625.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_67625.txt""
4⤵
PID:3400

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_67625.log"
5⤵
- Executes dropped EXE
PID:4420

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72879.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_72879.txt""
4⤵
- Blocklisted process makes network request
- Executes dropped EXE
PID:784

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72879.log"
5⤵
- Executes dropped EXE
PID:4044

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19954.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_19954.txt""
4⤵
PID:1468

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19954.log"
5⤵
- Executes dropped EXE
PID:3156

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7323.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_7323.txt""
4⤵
PID:4016

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7323.log"
5⤵
- Executes dropped EXE
PID:4300

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48169.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_48169.txt""
4⤵
PID:3960

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48169.log"
5⤵
- Executes dropped EXE
PID:4920

C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
4⤵
PID:2452

C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
5⤵
PID:3060

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7525.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_7525.txt""
4⤵
PID:1648

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7525.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:4384

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_99702.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_99702.txt""
4⤵
PID:2116

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_99702.log"
5⤵
- Executes dropped EXE
PID:3700

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_9231.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_9231.txt""
4⤵
PID:4792

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_9231.log"
5⤵
- Executes dropped EXE
PID:1664

C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
4⤵
PID:3432

C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
5⤵
PID:508

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41709.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41709.txt""
4⤵
PID:784

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41709.log"
5⤵
PID:4020

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_74019.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_74019.txt""
4⤵
PID:5048

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_74019.log"
5⤵
PID:2420

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48892.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_48892.txt""
4⤵
PID:3956

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48892.log"
5⤵
PID:1084

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_62487.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_62487.txt""
4⤵
PID:1852

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_62487.log"
5⤵
PID:4200

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_62981.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_62981.txt""
4⤵
PID:2484

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_62981.log"
5⤵
PID:2608

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_96347.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_96347.txt""
4⤵
PID:3208

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_96347.log"
5⤵
PID:1480

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_34519.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_34519.txt""
4⤵
PID:2672

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_34519.log"
5⤵
PID:4820

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3068.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_3068.txt""
4⤵
PID:1508

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_3068.log"
5⤵
PID:3276

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_36122.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_36122.txt""
4⤵
PID:868

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_36122.log"
5⤵
PID:4832

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_50643.log"
5⤵
PID:2084

C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
4⤵
PID:2752

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_71598.txt""
4⤵
PID:3956

C:\Program Files (x86)\DriverPack\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
5⤵
PID:4804

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/OperaXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_27461.txt""
4⤵
PID:2608

C:\Program Files (x86)\DriverPack\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/OperaXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
5⤵
PID:3160

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_98822.txt""
4⤵
PID:3988

C:\Program Files (x86)\DriverPack\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
5⤵
PID:3340

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/SearcherBar.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_44644.txt""
4⤵
PID:668

C:\Program Files (x86)\DriverPack\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/SearcherBar.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
5⤵
PID:4880

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_1970.txt""
4⤵
PID:4300

C:\Program Files (x86)\DriverPack\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
5⤵
PID:3560

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-SETTINGS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_46288.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_46288.txt""
4⤵
PID:2528

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-SETTINGS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_46288.log"
5⤵
PID:3480

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_13369.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_13369.txt""
4⤵
PID:3416

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_13369.log"
5⤵
PID:5116

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_84761.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_84761.txt""
4⤵
PID:1648

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_84761.log"
5⤵
PID:3604

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30995.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_30995.txt""
4⤵
PID:4792

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30995.log"
5⤵
PID:2852

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19038.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_19038.txt""
4⤵
PID:2216

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19038.log"
5⤵
PID:2720

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_37094.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_37094.txt""
4⤵
PID:4780

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_29591.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_29591.txt""
4⤵
PID:1728

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_60579.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_60579.txt""
4⤵
PID:2072

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_77595.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_77595.txt""
4⤵
PID:4960

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_50643.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_50643.txt""
4⤵
PID:868

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93738.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_93738.txt""
4⤵
PID:3480

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93738.log"
5⤵
PID:3084

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_87042.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_87042.txt""
4⤵
PID:1580

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_87042.log"
5⤵
PID:3984

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76001.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_76001.txt""
4⤵
PID:3584

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x408 0x3f4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4784

C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
1⤵
- Executes dropped EXE
PID:4596

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_37094.log"
1⤵
PID:796

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_29591.log"
1⤵
PID:2996

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_77595.log"
1⤵
PID:4988

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_60579.log"
1⤵
PID:1084

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/COMPILATION-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76001.log"
1⤵
PID:2696

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/SERVICE_MODE-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33294.log"
1⤵
PID:376

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/SERVICE_MODE-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35498.log"
1⤵
PID:3976

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Security Software Discovery

T1063

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\DriverPack\DriverPackSolution.html
Filesize
4KB

MD5
203ac1542d8e93edbbc80f7b59db5c44

SHA1
ba66db0e746bc550ea860f4023c3cb5c72140ba5

SHA256
8892e63141854bcf4bb1452abef68dd2c348c59322d697ef11a7ab7c5e3c4aea

SHA512
53cb5ad72c66e62d9285c318b606a9819053de729fa18ea72e80a7f09b333cc7868b455048660397086fa80a13ca745e42a6dc22df63d059076befca178a8a95

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\config.js
Filesize
3KB

MD5
31009d2efb710925bf7f308af59c629b

SHA1
5215c77b1719d0974dc529b523b758ef85dbebd4

SHA256
18f86ef3fad86c97d56274e5577b178a77f40587a80451a971013248e37190a6

SHA512
44129d626970c101df41a0bc94ff6120a1034077628da968d9c772fa6125d1f11478480cec7086dfd1625c8fc07820202a711a5598ea131b7742b31211a3f394

Download Submit
C:\Program Files (x86)\DriverPack\css\custom-control.css
Filesize
10KB

MD5
f7f8703ada2176dc144343a2c2acb1cd

SHA1
091334a48056a8baafff0cd672232de1c1f6c838

SHA256
7d7853e95258a7a3f8eaf41795f7124e7d2dacdeb5f1efe212b3ff7ed0da9e50

SHA512
27d46472c06103e0bdd9d40149804c16f469305752c3a6d8473c2f2ab22b2c8fa5d65d61dda7c617a3f12d8526b56a10320b8683f31d210ac2185fd0daed8e97

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\DRPicons\DRPicons-webfont.eot
Filesize
7KB

MD5
d85a00ccb58d531afd9ad80a067fbf0e

SHA1
0a3c0cfea5b9c0fdd5f17a1df49cb1512316330d

SHA256
0a04d85875091cc334f63b90c8ccfa0838f20023945d949296363369066870e3

SHA512
bce1796d0c71291cb779e2e99399a213b030663d5968330932b4a059ba48f3679e2df9e9c84201efb090a44b499bc5f46d174ad40b4b1d3afb5df5d2f3299261

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\Open-Sans\opensans-regular-webfont.eot
Filesize
40KB

MD5
88a9c629f26f8563a72eac95cb0744bc

SHA1
484bca13532678133dc14a668c580be2c1346526

SHA256
3ae576bfa96d7cf6614c8c97290c7abe03191a8ceb0c837a21e7ffe70d66ca62

SHA512
b4cdaa3a5a46ef368e9138c9874aa1173b466bc660d5bbbd13fc3f10f509cda9af151a2667ecd079935d60992b1436f6d5843ced5a063769e19e67f84c402af9

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\ProximaNova-Bold.eot
Filesize
141KB

MD5
be0e58130a84b19c8523345478a0bd3f

SHA1
35dfea056f715d8191f2647e56c214afaf819eec

SHA256
1c3a470bf710204b1dbd65679b914af4b94e7f018b1f7df3d61ff863d6f335d9

SHA512
c0ca4a33842d69fad8f1795864c9b592d2cedd62b14efeb46676823460ea50693ccc884891d16f4ba1ffdd5e0a80f9d06fd6e65fe184f3ea283ff441e7b874c6

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\ProximaNova-Bold.woff
Filesize
57KB

MD5
a3932b53cb250b684b63d1e04af5603e

SHA1
b06c657df6b320b915a17455848e66695a9fc68e

SHA256
2a8f208d9d8556ff58da8a420316de6d634a568a0eeb94c043430659fff7d338

SHA512
e8e68301dde147b7c79e21689066b7c9653a82f9898c2c76f4060af1a48c7f997f4797de5002e870e9ffba05efcb47f10cae5b8beadbe7909a85de4c04c54730

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_light-webfont.eot
Filesize
61KB

MD5
ee9163c34f600221169f8ff531e97182

SHA1
57f0b2c837c94f2a0df47ee62b4639fd6426bfa0

SHA256
53f30a622db68cebe92dbd384cc292aef13ad7e3349a10a77c29326e10634c21

SHA512
d51e2a5f6df706eaa2c5ffa071a9a9c08e58a30b4af64a1ccbe81f8e9c38f20429df665cabaf295129490afc639b7e19c0fced428610a284a17899c3290904cb

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_semibold-webfont.eot
Filesize
65KB

MD5
044aa0b596161750cb58aca15c52cf38

SHA1
d40e645b34188a54d909fa40f7eddeefb8b9df03

SHA256
790579e11608136663d073bc6f99848c04b4dcd69216df7daf5be00df573a3fd

SHA512
1a3b3abc614a7ddf673e34a936de63809f8c18a86409364b2bbdeb608fbcd845095ba7cfb34a0826e2ac18cfc5ccd4d47d4bfa13fae3caba7fbc4470d36c8086

Download Submit
C:\Program Files (x86)\DriverPack\css\icons-checkbox.css
Filesize
444B

MD5
3be98220035017d9b818f3cc94f87587

SHA1
bc07f11d0a59f942ac942dba02214a7041ad6e3a

SHA256
cb134dcb95a407795c671a512c389894d3525fba3f6a2168fc5b9b7e875e78dc

SHA512
d2e7d57cb7b7e771c82c75a04fbfb86ebecbb409ecf2c5666aeaa99695474a7985e3367f6a5b3d4ac59f775f60fb084efa9bdda99ce3c077df2690a5f0a6b1d1

Download Submit
C:\Program Files (x86)\DriverPack\css\icons.css
Filesize
509B

MD5
ebae852f3327fdaf3e2fc2bf1cdecb8f

SHA1
f9753fe176069974fc9bce49eae877745282e183

SHA256
b5f111103f7f090c246a223b1ff497b94c4dd3ac64bf5b3fb2d91555fcfd6f2c

SHA512
bf8e7c5db7a1eacd4344d5facfee1cd66e883389b53bc28e4e387cdb67ea40ee26266ba4282e50eb50a7bc3c810d9fdbb50792a46135761b2e8ce52ddc9e394a

Download Submit
C:\Program Files (x86)\DriverPack\css\normalize.min.css
Filesize
1KB

MD5
e8908cf9cb9504b285327d240187f53b

SHA1
20eadf1695eb38bcd92d1706de5335db61b96502

SHA256
86235e2c477078adfe1188d07ca1e5d8198443aaf2436de1785a169f3e1d5463

SHA512
9c828e8942d40da89f33d1db459a7fc12621660331bef307df8649e89758e76b044bf97a2cd36d656915e19a8b04f571cdb61d7cb6f926a3ba151ee67bbcdc4b

Download Submit
C:\Program Files (x86)\DriverPack\css\open-sans.css
Filesize
1KB

MD5
9ed298542b45ef98492e159f68e89f48

SHA1
c4521d9a5dff8a71804c40a909378e8eb5bd66c2

SHA256
b9bd51ae6ccc7df20417e0ef341295b86bf8f74f6e235ee99ddefd675806f47f

SHA512
1c7d5b378d6c627fbbef864035b157c3e7647b699a50d64f6ebf22faac38bf774e0c025bc8dd4ecc9bde7b377b729bc89bf6fbac4d2409240e2d03753cfe680e

Download Submit
C:\Program Files (x86)\DriverPack\css\proximanova.css
Filesize
2KB

MD5
487b553f5f73b30b8d565df02b4103cc

SHA1
6defcf202ce7a04f2bea8aaac8bb01ed44407fa5

SHA256
931071422410d73d9d7d3583745e476eac23c0cac5fbe344f8436499ee40ac46

SHA512
5a94da5d685f6e74f6576c179b8b65b719727163afebf24557b5f23718a8c034f5e2782ff33021c4d029abaa7cdf464ad0a49cce0602b31191b3b6b642bda9ce

Download Submit
C:\Program Files (x86)\DriverPack\css\roboto.css
Filesize
1001B

MD5
f5f5b5e4955262430e7b496247425d2d

SHA1
d4bea186a0d525ce3060e8dd7901311ae4a0735a

SHA256
2537efe2fb974f58cddbc99abfcd7aed6e9df81992eed3e528b5f1748167b8fa

SHA512
16a7ec3d95ed773a0a1ce2c2dc4430677106f0d1042e34cb39ed48f4a495f637ec3eefad05a4ebbddbea71a67e933fa0b56e6beef69700c6e3ac9cda9c17e7ca

Download Submit
C:\Program Files (x86)\DriverPack\css\style.css
Filesize
14KB

MD5
2f4fe7647aa460b8984556a25a74c234

SHA1
8fb2a5135e61a034ecdfef279e92078a7b463123

SHA256
3f8ec31a3c08de6c1aac117347b1b83f391bb0a91c9dbdc57ba9d11d5ba372d5

SHA512
bad4c1419e302f8e5a84c28fb0862dc56167a7353cc5420d8226883203fe03eca7ec8a9f554cfee560523e9ef292cc38200bce6015c80a428ce4c05222be3a58

Download Submit
C:\Program Files (x86)\DriverPack\drp.css
Filesize
190KB

MD5
5fdaf0fd106200153f8243ebb8bc6b18

SHA1
4b9524224954987a07fe1ce5f6f6e83becd5a20b

SHA256
439bfd8bf9f9176c1757ba277850525f0abec59bb3ef7cd8a974a5ad1d2b3004

SHA512
1db1cfcd7e8188594d5b136a479a29797ce1382c471bdd592f7f44f1026e5da845d231eeb09aa6b1b0d36ac2329b3277ee69c9e53049f2726df936a50b898228

Download Submit
C:\Program Files (x86)\DriverPack\drp.js
Filesize
3.7MB

MD5
0f62a60e249a6f77428cba73ee22780b

SHA1
5ce7ef0d538bce26d250d427d17cdedefcad1904

SHA256
06643527422e7f6e3fc094f2314488cb8758bff19f677499d27a4289eb15627e

SHA512
07b6cf625640a9765d28a386a16dc5f3ad7bc8d3baa9756b9869240c60d566bb3e273bdbdc547863bb86bfadf490bc04ae92739e9b59da2062eb05e51a2243ef

Download Submit
C:\Program Files (x86)\DriverPack\img\assistant-faces\start-screen\5.png
Filesize
75KB

MD5
40353d51881300e6cea13d94ae01b756

SHA1
5718f730dcb3349ad6d23972657962663fb38fc1

SHA256
ad615ef1f7016826d475fe90b4363cc149b060de2b9406b4c58cb4a4f1938bef

SHA512
8bc29ecdce2d5f558dd31a1e2424cd1ca94f72e36ea72a491cbcd46f52762f1f44106c749bcb41e6fecd87f9cba2bf6898dbc022a5c46f2ae15aafda3ac3c734

Download Submit
C:\Program Files (x86)\DriverPack\img\header\new-header-logo.png
Filesize
4KB

MD5
10eb51f76f3df7a82b05ed747e27c6a7

SHA1
157e45f82ba308431cecede2d753d775b54e83c8

SHA256
98856383428042c14739159f4a62168e9394f774bf2b696d62f46d70fc2ba175

SHA512
c497fad9597c699a7c6355a5aee999d8e240b1bcfbc39031f0c8b50bdb53f30f7fd43451ba3ea6b99e3fc414bfdd5dae11a499cc9585322b039e6ef87bc31917

Download Submit
C:\Program Files (x86)\DriverPack\img\new-ui-assistant\arrow-recommend.png
Filesize
1KB

MD5
a2b5d78a49f66313a203f666faa64393

SHA1
99c22fd6116d69cd2d21aba072f050b5d8f51006

SHA256
fd42158b4e01b5c86360c9450e9e3db5e399e0eadb28e5420ac69f7da1dc0fc5

SHA512
03a7abce1b4c2bf82f40ba9af1f25022bc20aaddd745b08fada7ac01dffaab05697880f080d38b4672905aad2d0bed319a83e13c3d247b3900673e76fab8cadc

Download Submit
C:\Program Files (x86)\DriverPack\img\new-ui-assistant\icon-footer-splite.png
Filesize
4KB

MD5
9d355f967c8a9312dc7453f97af3d393

SHA1
28dec943e5cbbb56f9676e9f420b0b7742bc861a

SHA256
5e45160ca10f9237661f7c76880f1fed2dc5d2e147061daeeac7080df1502774

SHA512
d42b873275465473ef4539b83a7f9b6807a9dae24a35b47ab47840733e00ca7ff4ebe7cfbc297162bd8d78c2b7a63fd4dea01f05e076d7b6637517ed49060696

Download Submit
C:\Program Files (x86)\DriverPack\img\screens\arrow-top.png
Filesize
2KB

MD5
c88c78c9dcf11880a801e44e705f9708

SHA1
7b98255e87f81c3a655d375f112c188d9bd241a7

SHA256
4f2785a950320440acd22fcc0274944b971d5975de008f69bf81d19d44842925

SHA512
ea1fd00c23c7abdcdcecfce5d93b1946763043bc18cb17846ab3ecb607f19a7ede63ca5308cae6e2395053b223a4e438111cb6170264cc42c817130bd178ff4e

Download Submit
C:\Program Files (x86)\DriverPack\img\screens\new-ui-logo2021.png
Filesize
5KB

MD5
ed623a69120325b464bc149ba5829465

SHA1
17ba0cbe9a7297824d8792becae98d8853c56af6

SHA256
a11af07103005c27c0a5f721d99482e4700c21c85afcbc8e44e4e785af5fa902

SHA512
fc18cde812cd2ac9e8f835971f4226092213737220e70e095bc5186042c061bf335501b098966c34a8c55610afea626061856740532166ea26c71c018b6059e7

Download Submit
C:\Program Files (x86)\DriverPack\languages\en.js
Filesize
86KB

MD5
7507c4174ced52a6c0e1b2bb12ce9f3e

SHA1
6bad4ef261e7b7ab1a02d46341bd1f8a922987da

SHA256
a3df7c1b150504fb96555d8d7f7b9c4129a3225ba241da983d56a9c7a1404aec

SHA512
d13d045bd66bbf104ec533903e4b7bb76dd56f6a1c8346787f419bf1cd0eafc082e757e0c244024d778755c4ab4468da455f2f92fad7f5fdb7a0135c9c6e26cf

Download Submit
C:\Program Files (x86)\DriverPack\run.hta
Filesize
2KB

MD5
6bcab16cd99663b1093d10f827ca0323

SHA1
47b2d7f33da12d88095379fc8ea5bb7114ce75e9

SHA256
02bd627d6825599ed039f053fecbe7f15000b5d5071e9b6baab488befa4f02dd

SHA512
67c23c1f3e8023001336ff7fc9c9052220f2ab67df280ef269b0239d67dfc67e6783dda44dec747ba6689c239d7efdb55262d098868e43ab70a055429349210e

Download Submit
C:\Program Files (x86)\DriverPack\start.bat
Filesize
90B

MD5
f66f13d4770eb90e6d81222fe3525a3f

SHA1
f21bc06a179c108d13c783600b98ea0641076127

SHA256
88ebe6fc9f45e734243dd674a3cdd9222be692bde089d0bc06726dd32156b892

SHA512
3f321a339dee086f474d5ac9e8b247805d070b6c0ab5f9d85c5f1075021a3eb7ae23ab2b577000adc30ad32e66a1e291993f435f8539bb0032a1aca038e1f1b2

Download Submit
C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsaAEF4.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsaAEF4.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsaAEF4.tmp\System.dll
Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_17398.txt
Filesize
9B

MD5
02466847c63e90c5041b8dd7990dce27

SHA1
fdcf71f16e2efcb8815730b4cca5f580b185cf5c

SHA256
195418a93d769a17558aa804568eff487979e62d0731aa8c63d8d0ffc1723321

SHA512
86b11957db369afa71831c72848b897aafd155887467a377484d0346dcaeaac88476cad2331e34a24e7f8ac3a07335dd1e639ae27bfa0d4491dcc6a48a7e6ff3

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_94875.txt
Filesize
9B

MD5
47a22a7a342fd09177c62fcb8054933c

SHA1
d2b7928a34eedb04acc61c3a0e01d3138295e855

SHA256
51e6af14fa1e9032300dbf76a85cb8561e523e89c363cec09cdc2128801a191d

SHA512
b9ab174618fe617b061e27c8f0d4b7960271952a67245c2ad6155e93e0c08cab696191fbc7069c89f05ff545318f930cbd0dd7dc41b9cca0e7356143d3b47d98

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_19879.log
Filesize
667B

MD5
27339b90a93080b799c1168b77a5a409

SHA1
8066d2b8d7686ba6c6e2386d0bc9cc1b33c01643

SHA256
05d5bff16a1aff4519c33fec7dd8b5c16221b2c297b320c2123eedf3b98a3500

SHA512
1c28a7059c036b28fb61a22381857f9b4a30ef05880fc1ffee13c26be2be22ca24326be64c89d99c66a8a39432dc8b0bbdac01f68654b8119be70da59863ef62

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20183.log
Filesize
670B

MD5
1cdbb4d8a244c4cb64535bbfbdb4b009

SHA1
5c85b30dc30f84c818ab33ca7f4e191a6f3170f5

SHA256
66b2f146a82c88dfc0827c193f97567edfdee7111194c71cddbc7cd5bb98b1ea

SHA512
9853e4c7336e5a495ac2e678ef95135bbaebb99eabcfe3ae7d2252da468a50a25af91b245fa901c8def43a1d34d71324ad2aa9c3978a36510689f736d5dfbba2

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20987.log
Filesize
665B

MD5
0c17c57573c08c8bbc0c51db5c7a8584

SHA1
6d7222b2510194ad6dfc2a3610815e559c87ff9b

SHA256
5065d0f00aabcff160afeeea3f68547130bb6a6863ded4fc959e93d2138f2a60

SHA512
8d611de4359f0afd441c2a72d532b091f832e8b9058ee42d5dadc398b312cb75d94c7bca32dae2c72e5476ab44be518eb68e410509b47474880adb777fa12817

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_29629.log
Filesize
744B

MD5
8e8c9f4a17cb9a60a9b05cd35ce667b5

SHA1
540ccc579c7941b1d501d2c88a70df4df708df86

SHA256
c4637ddbd896e277e3d2d288590e2878561343bf770edbd276ac43d40bc7aaf0

SHA512
b5e99cb51aa56e3f24c1ca5ed6baf9f1ac4ed9388563a28a8bef51ace2b08278c8059a9207743caa105e7c6d954e52e98d54b55dd5c056510dc24ed1b8fe6ca0

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30343.log
Filesize
679B

MD5
1d6bb9a6fea515dcbf0b3a11efd37971

SHA1
e988e06058ee96ea995acce18d80c66edf0ed5ee

SHA256
02c95746e99d4881e723cde52f6591d1cfe770c2803046deab3c8bcd600cb395

SHA512
f964187f98e5e676c0d31c2acb64a2b77202a41894af4abc5473663a7d6585858605056eb8a87b3849b7bb664a0ec42301a5c2654d1317a9d00e5a377d8133fb

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33473.log
Filesize
674B

MD5
c79ccc664dbd5921ca650e1968afaf84

SHA1
6ae0bbb09c50e39afc162477c0135122ab8b3aa7

SHA256
c6e334f961fd6b8653a168fea96b340af5cc3a15f8100a0fa7af508f5d1b1077

SHA512
ba65c3a2ebea91e6c9c7e67c207d3aa3581f62a5d67e13e3e90c7fdde10cb47e8c3b8d221e5eb60d7572fafa4a5d96c2f23fb7b21c238d4c5d15dc206f06986f

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35565.log
Filesize
680B

MD5
7cbf88fd824fb1de30b88bcaacab1aca

SHA1
08d22f9db291aa992efba559e7e6971010308b01

SHA256
46a53d22b47ae1f3b9b80e410ae06f34e87036cbbbe6513cae7fe84300109da4

SHA512
e5af853193413c39c9110084e7d5be7f3f9f1f63a460fc9bd68e8f8f6498cb21835eca17c2beb7cd5579121d830ae227e72acd6c80918b695f18ec7ca9fa0175

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_35609.log
Filesize
676B

MD5
0f7cd7c778e6e26370da148775123260

SHA1
53c9e28d12ae0b760adedadf234040f0a585b37b

SHA256
2d88e9a87cad0fd94cf046f704812f297eec8a75df4deb206dc4f94960c59019

SHA512
8bf6712aefda3072226731d0bfb4a5dde333594975d8c1a059fd5962df81f38f1d336fb73701eb6147d2e0da84f675f59d2699377120de625fc2a8c91718babf

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48533.log
Filesize
668B

MD5
3f1a5953479fbe0d3155f6ba2747a5dc

SHA1
e30bb9b981d6c03a2dcb5bf831b6301a2ca7484a

SHA256
322dbaa88003abd9d263dd1e1c628e969a7809d72c3ac87c9eb82a9ee9c6ece4

SHA512
2afe94195c982127c521be1e124fa3e1f453abdf85840a1a082bd673f78c343d05fb5b036cba0f53872fe022afacbe245d2bf718ea0c7551869bf4300fc90e44

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_56751.log
Filesize
679B

MD5
423f2d71fb23a5ec0722ae45b9e23eb7

SHA1
fcce3d21ca0a060fdbbe6781908f743bdcab33ad

SHA256
af77600f36cdea03753a23c1ab0555f8823bcba2b30a02991568593b9c0a5246

SHA512
c6c4a76abf5a588db8d4c56692eaa4c19380b3ccbfcdae8ce59daa58d35cbe79d11c4a6e54c2279e7918a8bcb07c6a094d5a166bd7f8f7f69450ef79e32dcd98

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_57028.log
Filesize
665B

MD5
1f95d76d830ad2a0d134bbfcf617ea06

SHA1
bf15a55944d059dd874ef627239202d644bf8831

SHA256
ce18208a466c757c587dd69b05e24fc4ef3fcc174205b51c3fe1766cd51913a8

SHA512
ca86c7c6ae361d2e98c14178be42ffa135434a90d0fe7888441b7e6f2a97aaa412a004f57a7d6b5af04911505fbf311771f456661fe7d3b40d9ff2e82a69224a

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_67156.log
Filesize
662B

MD5
1eb0b9a9b05f2ebf2f3693c2e26b98d1

SHA1
771cf80857eedcac63bc33f3ac3765e2933cba0e

SHA256
20384937663adbdbf15d5bde56e7568991d7975bf3b9c38fe297dc9db2c73e9c

SHA512
e87f375886405500e4b117cc4096c7a48ccd86580d6c6bc015fc9efd38f9caa029c728e19fe4d117b4f626bbb8f11adaf6201ab926b5939a750d0e8fbedfdb98

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_80914.log
Filesize
646B

MD5
b7063af1e00c747012afb0d480ff8f47

SHA1
a187286184322852009de070d4efc48e9ff8fe6c

SHA256
68fd2ffb46d33ba13a4a962d4213c7f0d6152ba774574436fcb29c0d92c298b6

SHA512
94a91354450daf3ce7542a1c9f1b864041fc03c1e0a666a47ec70b92ab3c899c0315a1570e0ff34b44c69765b28658b544f2ddacbc34f5d78d034d281d1a48a0

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83039.log
Filesize
667B

MD5
78b5287efb63d27d2adb82fed82c7894

SHA1
38bc71323c2f071adfb8fa0dbe785be96960c0a0

SHA256
9c88726bf36e11c77ea29ad9810e09e1ac59ae079a88fa18ffe96a0c52b9fe90

SHA512
a9dece235aa8932b610e09fefe8624a672c252db939504cacf75ccaeda16c7af3f8347a28c2d6c7ad93a488927336b3a3a357b8c4392e78154c103efeb91a739

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_88473.log
Filesize
664B

MD5
181de571567c439d726dd7b2bfbd4760

SHA1
409658e54a1befd954117bd0e7c95d9641d695fb

SHA256
4ca4616a163a05d7e3e5871a02d8e460cbf56cf0f1271b1dd81a2d2097213f42

SHA512
a37deecda48f536d453590f2d858c81ab212cbc7715a13b3e4fa2f1f27a5fc4743ded7a86bf46111b4b30d4a6ee674dcea138cc816792b090cdd8173a9d1b051

Download Submit
memory/8-248-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-309-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-304-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-200-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-302-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-199-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-301-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-300-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-321-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-276-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-308-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-226-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-136-0x0000000000000000-mapping.dmp

Download
memory/8-320-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-315-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-314-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-187-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-316-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/8-264-0x0000000010180000-0x0000000010190000-memory.dmp

Filesize
64KB

Download
memory/508-289-0x0000000000000000-mapping.dmp

Download
memory/612-177-0x0000000000000000-mapping.dmp

Download
memory/612-184-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/784-290-0x0000000000000000-mapping.dmp

Download
memory/784-206-0x0000000000000000-mapping.dmp

Download
memory/784-219-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/784-260-0x0000000000000000-mapping.dmp

Download
memory/796-319-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/820-195-0x0000000000000000-mapping.dmp

Download
memory/1084-295-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1124-196-0x0000000000000000-mapping.dmp

Download
memory/1292-171-0x0000000000000000-mapping.dmp

Download
memory/1468-258-0x0000000000000000-mapping.dmp

Download
memory/1480-303-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1648-279-0x0000000000000000-mapping.dmp

Download
memory/1664-283-0x0000000000000000-mapping.dmp

Download
memory/1664-287-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1676-225-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1676-217-0x0000000000000000-mapping.dmp

Download
memory/1768-172-0x0000000000000000-mapping.dmp

Download
memory/1852-294-0x0000000000000000-mapping.dmp

Download
memory/1852-224-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1852-214-0x0000000000000000-mapping.dmp

Download
memory/2084-216-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2084-203-0x0000000000000000-mapping.dmp

Download
memory/2116-281-0x0000000000000000-mapping.dmp

Download
memory/2152-212-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2152-202-0x0000000000000000-mapping.dmp

Download
memory/2180-192-0x0000000000000000-mapping.dmp

Download
memory/2264-201-0x0000000000000000-mapping.dmp

Download
memory/2420-298-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2420-164-0x0000000000000000-mapping.dmp

Download
memory/2452-277-0x0000000000000000-mapping.dmp

Download
memory/2464-162-0x0000000000000000-mapping.dmp

Download
memory/2484-223-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2484-213-0x0000000000000000-mapping.dmp

Download
memory/2484-292-0x0000000000000000-mapping.dmp

Download
memory/2528-193-0x0000000000000000-mapping.dmp

Download
memory/2608-297-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2720-317-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2852-313-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2996-318-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3060-278-0x0000000000000000-mapping.dmp

Download
memory/3100-186-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3100-179-0x0000000000000000-mapping.dmp

Download
memory/3156-267-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3156-263-0x0000000000000000-mapping.dmp

Download
memory/3156-269-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3276-306-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3400-259-0x0000000000000000-mapping.dmp

Download
memory/3432-163-0x0000000000000000-mapping.dmp

Download
memory/3432-288-0x0000000000000000-mapping.dmp

Download
memory/3480-170-0x0000000000000000-mapping.dmp

Download
memory/3480-310-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3528-133-0x0000000000000000-mapping.dmp

Download
memory/3592-251-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3592-254-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3592-243-0x0000000000000000-mapping.dmp

Download
memory/3604-312-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3608-237-0x0000000000000000-mapping.dmp

Download
memory/3700-284-0x0000000000000000-mapping.dmp

Download
memory/3700-285-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3940-197-0x0000000000000000-mapping.dmp

Download
memory/3956-293-0x0000000000000000-mapping.dmp

Download
memory/3960-271-0x0000000000000000-mapping.dmp

Download
memory/3960-198-0x0000000000000000-mapping.dmp

Download
memory/3964-166-0x0000000000000000-mapping.dmp

Download
memory/4016-194-0x0000000000000000-mapping.dmp

Download
memory/4016-270-0x0000000000000000-mapping.dmp

Download
memory/4020-296-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4044-266-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4044-262-0x0000000000000000-mapping.dmp

Download
memory/4052-236-0x0000000000000000-mapping.dmp

Download
memory/4100-176-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4100-173-0x0000000000000000-mapping.dmp

Download
memory/4100-183-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4108-180-0x0000000000000000-mapping.dmp

Download
memory/4108-185-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4200-299-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4300-274-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4300-272-0x0000000000000000-mapping.dmp

Download
memory/4384-282-0x0000000000000000-mapping.dmp

Download
memory/4384-286-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4420-261-0x0000000000000000-mapping.dmp

Download
memory/4420-268-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4420-265-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4524-239-0x0000000000000000-mapping.dmp

Download
memory/4524-247-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4596-253-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4596-250-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4596-241-0x0000000000000000-mapping.dmp

Download
memory/4600-238-0x0000000000000000-mapping.dmp

Download
memory/4792-280-0x0000000000000000-mapping.dmp

Download
memory/4820-305-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4832-307-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4880-249-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4880-252-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4880-242-0x0000000000000000-mapping.dmp

Download
memory/4920-275-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4920-273-0x0000000000000000-mapping.dmp

Download
memory/4932-221-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4932-208-0x0000000000000000-mapping.dmp

Download
memory/4988-235-0x0000000000000000-mapping.dmp

Download
memory/4988-169-0x0000000000000000-mapping.dmp

Download
memory/5012-210-0x0000000000000000-mapping.dmp

Download
memory/5012-222-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/5032-167-0x0000000000000000-mapping.dmp

Download
memory/5048-291-0x0000000000000000-mapping.dmp

Download
memory/5116-311-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download