d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33

Analysis

max time kernel
33s
max time network
65s
platform
windows10-2004_x64
resource
win10v2004-20230221-es
resource tags

arch:x64arch:x86image:win10v2004-20230221-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
28-03-2023 17:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
Size

8.4MB
MD5

33392cd0b796d29536f5f7395ce848bd
SHA1

2f7b3514f6c5bfac7ef8a191827566117da3fc64
SHA256

d45a0055ec3bc02e7eb412d7c1b0aba124966a827db66f7bdbc6ac035d8bbf33
SHA512

b3a997bc43a1a2c199445bf12be0843def35f08c4dd4a512f2bf80b8f523c679ec976a9d34cd8a8309a5d021b7551e99ddedbc1bdc8c4739882914b5f964dcaa
SSDEEP

196608:fLpq7HUPSNCk6cpYiBQhHJ9umZV7/l0J7mnN62AAERvtpe:fLUEQscpYiGdJtVyJ7mN62AAye

Score

8^/10

discovery evasion upx

Malware Config

Signatures

Blocklisted process makes network request 26 IoCs

Processes:

mshta.exe

flow	pid	process
27	2900	mshta.exe
28	2900	mshta.exe
30	2900	mshta.exe
34	2900	mshta.exe
36	2900	mshta.exe
38	2900	mshta.exe
41	2900	mshta.exe
42	2900	mshta.exe
43	2900	mshta.exe
45	2900	mshta.exe
52	2900	mshta.exe
53	2900	mshta.exe
55	2900	mshta.exe
56	2900	mshta.exe
57	2900	mshta.exe
58	2900	mshta.exe
61	2900	mshta.exe
68	2900	mshta.exe
69	2900	mshta.exe
71	2900	mshta.exe
72	2900	mshta.exe
73	2900	mshta.exe
74	2900	mshta.exe
75	2900	mshta.exe
76	2900	mshta.exe
79	2900	mshta.exe

Downloads MZ/PE file
Modifies Windows Firewall 1 TTPs 2 IoCs
evasion

Modify Existing Service
T1031

Processes:

netsh.exenetsh.exe

pid process

4624 netsh.exe
4544 netsh.exe

pid	process
4624	netsh.exe
4544	netsh.exe

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

cmd.exemshta.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-2805025096-2326403612-4231045514-1000\Control Panel\International\Geo\Nation	cmd.exe
Key value queried	\REGISTRY\USER\S-1-5-21-2805025096-2326403612-4231045514-1000\Control Panel\International\Geo\Nation	mshta.exe

Executes dropped EXE 12 IoCs

Processes:

driverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exewmiprvse.exe

pid	process
3824	driverpack-wget.exe
1784	driverpack-wget.exe
4640	driverpack-wget.exe
2016	driverpack-wget.exe
2452	driverpack-wget.exe
1780	driverpack-wget.exe
3924	driverpack-wget.exe
4316	driverpack-wget.exe
5068	driverpack-wget.exe
4308	driverpack-wget.exe
2908	driverpack-wget.exe
3588	wmiprvse.exe

Loads dropped DLL 3 IoCs

Processes:

DriverPack-17-Online_undefined__p4apjlazy2p0170.exe

pid	process
4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe

UPX packed file 45 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral1/memory/1784-901-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4640-912-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/2016-916-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/3824-915-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4640-914-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/2016-913-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/3824-902-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral1/memory/4316-980-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/3588-1009-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/2908-1007-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4308-1006-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/5068-1004-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/1780-1003-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/3924-989-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/2452-988-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe	upx
behavioral1/memory/4316-1043-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/876-1044-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/1272-1045-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/404-1047-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/876-1058-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4316-1064-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/1272-1060-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/404-1059-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4768-1103-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/4732-1104-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/3836-1106-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/876-1135-0x0000000000400000-0x00000000004EF000-memory.dmp	upx
behavioral1/memory/404-1143-0x0000000000400000-0x00000000004EF000-memory.dmp	upx

Checks for any installed AV software in registry 1 TTPs 1 IoCs

Security Software Discovery
T1063

Processes:

mshta.exe

description ioc process

Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast mshta.exe
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

description	ioc	process
Key opened	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast	mshta.exe

Drops file in Program Files directory 64 IoCs

Processes:

DriverPack-17-Online_undefined__p4apjlazy2p0170.exedriverpack-wget.exedriverpack-wget.exedriverpack-wget.exe

description	ioc	process
File created	C:\Program Files (x86)\DriverPack\img\programs\installed-programs_info-success.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\programs\star-empty-protect.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\Tools\load8.gif	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\lte-ie9.css	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\games\games-top-hitman.jpg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\restore_point.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\soft\Internet.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\statuses\done.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\languages\om.js	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\med_logo_dark.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\charms\info.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_catalog-bg-ru.jpg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\info_normal.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\new-ui-assistant\icon-footer-splite.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\server_err_no_internet\browser.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\Tools\patch.reg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_semibold-webfont.woff	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\med_logo.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\burger\auto_installation.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\second-browser-firefox.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\programs\[email protected]	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_protect-bg-de.jpg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\close_hover.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\programs\btn-icon.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\START-INITIAL-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\intro.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\audio\en\START-SETUP-1.mp3	driverpack-wget.exe
File created	C:\Program Files (x86)\DriverPack\img\fake-installation\torrent.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_protect-bg-ru.jpg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\tvtuner.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\new-ui\popups\with-ads.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\opera-mining.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\opera-slow-connection.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\DRPicons\DRPicons-webfont.ttf	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_regular-webfont.woff	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\play_hover.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\second-browser-edge.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\languages\ur.js	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\ProximaNova-Bold.ttf	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\charms\arrow.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\video.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\webcamera.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\soft\Backup.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\bugreport\BugReport_icon_skip.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\popup-button-arrow-right.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\soft\Player.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding\autostart.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding\blocked.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\reliability.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\wifi.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\screens\expert_hover.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\languages\nl.js	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\css\fonts\DRPcheckbox\DRPcheckbox.woff	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\wifi.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_bullit-active.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\onboarding-new\stories\about.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\languages\fil.js	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\cam.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\device-class\tvtuner.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\controls\more_normal.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\drivers\inputdev.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\languages\no.js	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\charms\reload-sm.png	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
File created	C:\Program Files (x86)\DriverPack\img\installation\banner_how-it-works-bg.jpg	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Modifies registry class 2 IoCs

Processes:

mshta.execmd.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2805025096-2326403612-4231045514-1000\{67B7F7CE-9296-407D-B38D-E9D929CB7035}	mshta.exe
Key created	\REGISTRY\USER\S-1-5-21-2805025096-2326403612-4231045514-1000_Classes\Local Settings	cmd.exe

Runs net.exe

Script User-Agent 4 IoCs

Uses user-agent string associated with script host/environment.

Processes:

description	flow	ioc
HTTP User-Agent header	79	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	118	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	119	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	123	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious use of AdjustPrivilegeToken 28 IoCs

Processes:

mshta.exeAUDIODG.EXE

description	pid	process
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: 33	4252	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4252	AUDIODG.EXE
Token: 33	2900	mshta.exe
Token: SeIncBasePriorityPrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe
Token: SeShutdownPrivilege	2900	mshta.exe
Token: SeCreatePagefilePrivilege	2900	mshta.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

DriverPack-17-Online_undefined__p4apjlazy2p0170.execmd.exemshta.execmd.execmd.execmd.execmd.execmd.execmd.exenet.exe

description	pid	process	target process
PID 4024 wrote to memory of 368	4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe	cmd.exe
PID 4024 wrote to memory of 368	4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe	cmd.exe
PID 4024 wrote to memory of 368	4024	DriverPack-17-Online_undefined__p4apjlazy2p0170.exe	cmd.exe
PID 368 wrote to memory of 2900	368	cmd.exe	mshta.exe
PID 368 wrote to memory of 2900	368	cmd.exe	mshta.exe
PID 368 wrote to memory of 2900	368	cmd.exe	mshta.exe
PID 2900 wrote to memory of 940	2900	mshta.exe	rundll32.exe
PID 2900 wrote to memory of 940	2900	mshta.exe	rundll32.exe
PID 2900 wrote to memory of 940	2900	mshta.exe	rundll32.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 3732 wrote to memory of 4544	3732	cmd.exe	netsh.exe
PID 3732 wrote to memory of 4544	3732	cmd.exe	netsh.exe
PID 3732 wrote to memory of 4544	3732	cmd.exe	netsh.exe
PID 2900 wrote to memory of 4996	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4996	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4996	2900	mshta.exe	cmd.exe
PID 4996 wrote to memory of 4624	4996	cmd.exe	netsh.exe
PID 4996 wrote to memory of 4624	4996	cmd.exe	netsh.exe
PID 4996 wrote to memory of 4624	4996	cmd.exe	netsh.exe
PID 2900 wrote to memory of 4196	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4196	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4196	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4984	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4984	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4984	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4244	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4244	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4244	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 636	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 636	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 636	2900	mshta.exe	cmd.exe
PID 4196 wrote to memory of 3824	4196	cmd.exe	driverpack-wget.exe
PID 4196 wrote to memory of 3824	4196	cmd.exe	driverpack-wget.exe
PID 4196 wrote to memory of 3824	4196	cmd.exe	driverpack-wget.exe
PID 4984 wrote to memory of 1784	4984	cmd.exe	driverpack-wget.exe
PID 4984 wrote to memory of 1784	4984	cmd.exe	driverpack-wget.exe
PID 4984 wrote to memory of 1784	4984	cmd.exe	driverpack-wget.exe
PID 4244 wrote to memory of 4640	4244	cmd.exe	driverpack-wget.exe
PID 4244 wrote to memory of 4640	4244	cmd.exe	driverpack-wget.exe
PID 4244 wrote to memory of 4640	4244	cmd.exe	driverpack-wget.exe
PID 636 wrote to memory of 2016	636	cmd.exe	driverpack-wget.exe
PID 636 wrote to memory of 2016	636	cmd.exe	driverpack-wget.exe
PID 636 wrote to memory of 2016	636	cmd.exe	driverpack-wget.exe
PID 2900 wrote to memory of 2888	2900	mshta.exe	net.exe
PID 2900 wrote to memory of 2888	2900	mshta.exe	net.exe
PID 2900 wrote to memory of 2888	2900	mshta.exe	net.exe
PID 2888 wrote to memory of 4276	2888	net.exe	net1.exe
PID 2888 wrote to memory of 4276	2888	net.exe	net1.exe
PID 2888 wrote to memory of 4276	2888	net.exe	net1.exe
PID 2900 wrote to memory of 4908	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4908	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4908	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4136	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4136	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 4136	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 2696	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 2696	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 2696	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3732	2900	mshta.exe	cmd.exe
PID 2900 wrote to memory of 3120	2900	mshta.exe	cmd.exe

C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online_undefined__p4apjlazy2p0170.exe
"C:\Users\Admin\AppData\Local\Temp\DriverPack-17-Online_undefined__p4apjlazy2p0170.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:4024

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\DriverPack\start.bat" "DriverPack-17-Online_undefined__p4apjlazy2p0170.exe""
2⤵
- Checks computer location settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:368

C:\Windows\SysWOW64\mshta.exe
"C:\Windows\SysWOW64\mshta.exe" "C:\Program Files (x86)\DriverPack\run.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} --sfx "DriverPack-17-Online_undefined__p4apjlazy2p0170.exe"
3⤵
- Blocklisted process makes network request
- Checks computer location settings
- Checks for any installed AV software in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2900

C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
4⤵
PID:940

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall delete rule name="DriverPack aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_32619.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:3732

C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="DriverPack aria2c.exe"
5⤵
- Modifies Windows Firewall
PID:4544

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Program Files (x86)\DriverPack\tools\aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_18721.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:4996

C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Program Files (x86)\DriverPack\tools\aria2c.exe"
5⤵
- Modifies Windows Firewall
PID:4624

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_85601.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_85601.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:4196

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_85601.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:3824

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-INITIAL-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41267.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41267.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:4984

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-INITIAL-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41267.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:1784

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-LOADED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_12199.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_12199.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:4244

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-LOADED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_12199.log"
5⤵
- Executes dropped EXE
PID:4640

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-SETUP-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7612.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_7612.txt""
4⤵
- Suspicious use of WriteProcessMemory
PID:636

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/START-SETUP-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7612.log"
5⤵
- Executes dropped EXE
- Drops file in Program Files directory
PID:2016

C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
4⤵
- Suspicious use of WriteProcessMemory
PID:2888

C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
5⤵
PID:4276

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15857.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_15857.txt""
4⤵
PID:4908

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15857.log"
5⤵
- Executes dropped EXE
PID:5068

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23338.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_23338.txt""
4⤵
PID:4136

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23338.log"
5⤵
PID:3588

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_96690.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_96690.txt""
4⤵
PID:3732

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_96690.log"
5⤵
- Executes dropped EXE
PID:2452

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_84398.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_84398.txt""
4⤵
PID:4560

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_84398.log"
5⤵
PID:4316

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30303.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_30303.txt""
4⤵
PID:4204

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30303.log"
5⤵
- Executes dropped EXE
PID:3924

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20792.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_20792.txt""
4⤵
PID:5052

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20792.log"
5⤵
- Executes dropped EXE
PID:2908

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83894.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_83894.txt""
4⤵
PID:3120

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/TEAM-PROOF-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83894.log"
5⤵
- Executes dropped EXE
PID:1780

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_66794.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_66794.txt""
4⤵
PID:2696

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_66794.log"
5⤵
- Executes dropped EXE
PID:4308

C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
4⤵
PID:5112

C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
5⤵
PID:1400

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20303.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_20303.txt""
4⤵
PID:2392

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20303.log"
5⤵
PID:1272

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15370.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_15370.txt""
4⤵
PID:1432

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15370.log"
5⤵
PID:876

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1462.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_1462.txt""
4⤵
PID:1568

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1462.log"
5⤵
- Executes dropped EXE
PID:4316

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93466.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_93466.txt""
4⤵
PID:4616

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/CONTINUOUS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93466.log"
5⤵
PID:404

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_11404.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_11404.txt""
4⤵
PID:2636

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_11404.log"
5⤵
PID:4732

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83366.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_83366.txt""
4⤵
PID:4284

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83366.log"
5⤵
PID:4768

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_37674.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_37674.txt""
4⤵
PID:4288

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_37674.log"
5⤵
PID:3836

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97938.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_97938.txt""
4⤵
PID:2288

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97938.log"
5⤵
PID:404

C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_92817.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_92817.txt""
4⤵
PID:3736

C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Program Files (x86)\DriverPack\audio\en" "http://dl.driverpack.io/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_92817.log"
5⤵
PID:876

C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
4⤵
PID:3024

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x360 0x474
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4252

C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
1⤵
- Executes dropped EXE
PID:3588

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Security Software Discovery

T1063

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\DriverPack\DriverPackSolution.html
Filesize
4KB

MD5
203ac1542d8e93edbbc80f7b59db5c44

SHA1
ba66db0e746bc550ea860f4023c3cb5c72140ba5

SHA256
8892e63141854bcf4bb1452abef68dd2c348c59322d697ef11a7ab7c5e3c4aea

SHA512
53cb5ad72c66e62d9285c318b606a9819053de729fa18ea72e80a7f09b333cc7868b455048660397086fa80a13ca745e42a6dc22df63d059076befca178a8a95

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\Tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\ANTIVIRUS-2.mp3
Filesize
23KB

MD5
b9d3ff97b96457be067dfc0b4bf06cf8

SHA1
ef1d8323a077aec206027af7616843708e898e9f

SHA256
c87feb5bd45ff4ffb897f53c22e3e2f5732ad49d124724248a06627162bc40ab

SHA512
c0e09060fb1c32d296abd0baebf741b5410ed3923da3b942f6e9d2510323cc223597fd0f7d4c7eb78116df0036d5f9d19115305db104eaa8671e3809672a80b2

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\ANTIVIRUS-3.mp3
Filesize
21KB

MD5
79f67c4b6d219574c7ce29e43d6f8256

SHA1
fdd8dc2e990632b8e76d1c40e4db54c7dcdaf781

SHA256
1d23cba7b365efc03cf981a61ad2faf55a93740e077e1ab6569a2ec2c58191fd

SHA512
17ae04ed13d0aebf2668a72f97b761a41fd7b221f7fdd3d01a83711498d18efe2ef452c95547ea6aed1b3937e48e4bcf2729a821b855d1f6c68e287a43ce5364

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\CONTINUOUS-1.mp3
Filesize
9KB

MD5
efa6f5d70c558614f18c17d54c155fe9

SHA1
5fcd5fe13f7e8dcb80c8f3f3febf6cdd00c67c9e

SHA256
571aed8d5306ecfa709dc894f6fe66176bc99380ee42694328b3da237fd6b989

SHA512
0e89ef7cb550ed7340b7e7fb612273938c5b0ce61edb8f4aca1782982067fbb51d099ae2fdf27782173ba0182f487c9fc6b11fe67b109f0c510ef8f2dc8f35cd

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\CONTINUOUS-2.mp3
Filesize
26KB

MD5
9dc08ae4415c783e8e6f7658423def22

SHA1
88a708d3e775dc03f72077217561c4ac12d4f801

SHA256
a3857040e7a5e315d3fbab41ddb232465fc2b57db4aaedef2f3b74c699f01a8a

SHA512
e83e84d6abff2571b97fce5883e37da3aec99c1bff7064a7ba8857da6c13ceed9ddbef26ab37e36f88b85c81e3979cd76f454aa3a22a41e52ec715c6546366cc

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\EXPERT-DRIVERS-1.mp3
Filesize
25KB

MD5
540072f31fd5aa996268425beac11da8

SHA1
2aee0efdd9ed72e969a1bfa8bc4c84656f972f80

SHA256
1f19a45b24a98014ab4821a1c80b1d2120f54e24cf2517b73f015141d6aa98ed

SHA512
477fa6616ce8a55f5e6e7d0e28eba3e821189a08edc11a238b1066a4ae0f4930c85c5684e2570110f30cd04f4db5ecc230c1088a511f46ac5b8fa2168e72ceb1

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\EXPERT-DRIVERS-2.mp3
Filesize
25KB

MD5
009af8af189f6446d8ac3552dc659623

SHA1
77878aa1bb829fcf950fcf0bacd0b5f89e44fbc4

SHA256
9f35f0dbff0fbd1362b8f221550bf9d63e5d30ee8487bb47c78edb1661a52b9b

SHA512
88fe7b3bf30ab34976d5f9ead3dce16861c19810bec70c32a7e651d75842390b0a024bd40ad070d0bf5665b4ef62795f03acaa8070aee2f79165797624bfc9fc

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\EXPERT-DRIVERS-3.mp3
Filesize
36KB

MD5
4314c886eb7bce481ec3209b96fad7f8

SHA1
e365140263b4903945d6b20926b3b1c66c8d6998

SHA256
540abfdf5e2894d09dded9dfffe2d1be207b484f32f8e0aa237aba52142eeb8a

SHA512
9f83709548764477e812157b86fbd0d958b189861b59e8b2f308f734be04f15f8b82938c178b4eda5ee23c12176791f3792ced856ab3f2fd4391513ee37eb706

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3
Filesize
42KB

MD5
c2f74bfffef77facd142047ec62053d1

SHA1
6705db85b4d1fb0154862d47112e0a300d5df401

SHA256
90b0c57398a3dc95f089121e0873719e3fce5978a66bc3f8468fdb375287d37a

SHA512
683339571a0cf5597087f5b779673ff65be19fa29c00b9a82638ead328ec790e4066ea32f32bedcf15e09febe738153b9c79a23173b00bdcfd06e563365bfe02

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3
Filesize
28KB

MD5
c32b72662de149efdde414c6f62b755a

SHA1
219b03d40974b059bb3a162f61c2aa1446d0fa51

SHA256
a5062cbc572ce18afb6e590a74a299f288c593de995841c13981c25a5cc3fcf1

SHA512
f57805be7b781fbc160cabbe2594f3f0aaa45d74608eff486ec077b065abcd87ced756f60ede04d1c9b55bed2932fb7fceabc56e22aa80ec719fb62c6247cbbf

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\START-INITIAL-1.mp3
Filesize
20KB

MD5
95c290a75e2d3d44f0d76142508edcf6

SHA1
a090827bd93cbe812e32d81272f7cfe9a9b31b4a

SHA256
7ce172ba3df0c381dabc6688dc584035860052b57242ec01ee3adc60ccb3bbc3

SHA512
f2bc1232896eefd0b7e27158067bffaa4bacd602a2fd948896ee6123dbb0ad504084f3ced7a9efa3e7c444a1301126f95ae6466fa7004d9c30661dc62b5c9bd3

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\START-LOADED-1.mp3
Filesize
38KB

MD5
00d14954338cfc5a011e75afe7237355

SHA1
5534fcaafd1e9edae19a514c415b48a929842fcf

SHA256
3a2f113b271e4a4a6bc8be28f4396babf7e92331492074c29dbaa83d0c09ad57

SHA512
0c1af04bbf833018d2e39a2d888ef16c9686eb0bf1561030b06e9b257678a5e02328d42d5cc66fa3ebfe8ce8705568012653a0cd236c466ab84ad42a2ede50c7

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\START-SETUP-1.mp3
Filesize
24KB

MD5
5dfd5ac5c08a629db586c6b737905ffd

SHA1
7d7418ec5c0099ce47476cfc63d160ae2f25d16d

SHA256
f01ce28bdb7af9b93ed9e255d5f2c4b7860c97d2f0d58339dbd489828b3484ba

SHA512
90e301b3cc64ba21517823767f5ac44dfd72fcc64eb40b5156c1186c466f2bf1a3e2035f316ee55709051fa47a1fd344e5fddfc88586a55396481e59adedd26d

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\TEAM-PROOF-1.mp3
Filesize
40KB

MD5
7eb9029ffd20e9f7d7e496bb74c581e4

SHA1
edc1dcea8f1bf44e16c25ee5ef7e3303494aa835

SHA256
07eca9f5ef7741062a9081a42dc70200ab38b0a48f31ac62393332ac24e97089

SHA512
4de329408e48b6e78fabfd37b2a710be76550b822df1a6248f8596c4363e311226b2f03bd4fd2c8ae2d2a5efb57fa87edda5a19594755618336597c02ec15f63

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\TEAM-PROOF-2.mp3
Filesize
60KB

MD5
50981b671fbad5e721b83245563dcb66

SHA1
42db8a6291d1f3b33a58a505b446c08e13f7d3c3

SHA256
09bd89dd7b59b6403c9fc495d8e4780840f9ade3ae9744f684e90876b250f981

SHA512
9c7cddbfce10dca0c5359860fe5791be90d3e8a27f77c8c500d9cc8ab180ad691c4a3c9a8044df7577efbb9716150b7cdc23800e54264e2a92af0b4f34b8f1a3

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\TEAM-PROOF-3.mp3
Filesize
17KB

MD5
9935dc6db273291e14ce227eb0542ad9

SHA1
12013732b5d399fa86cff55401345cce39346389

SHA256
91c9b43045e05c5ea9debee09aec46356c9a286369569508181117ac98f6c487

SHA512
37b44a39355a641f3ebcb5cab7dffd03eb67e8c519f384972bd56438ace4065d36c3a26352a9b5065e0365f891dd1a0adc683cc9c0970ff4ce6799feaf3b845d

Download Submit
C:\Program Files (x86)\DriverPack\audio\en\intro.mp3
Filesize
27KB

MD5
691c1edc79b032ea6d150fc291b7613d

SHA1
56049f75783bbed2aae6d03eb91b752bb16548c3

SHA256
8fcbf2cede0ba798aabc145593b273d3c76596ca9bce0a3138684fa7b416359f

SHA512
df1623c1542bbfe3ca2e6505d46538e6ec0eebbde8d712e03d32e8c22aa2a5e62b8369a3ae9263139f0e523826c15749c188b2005212ce6eb2e033054fdcaaa4

Download Submit
C:\Program Files (x86)\DriverPack\config.js
Filesize
3KB

MD5
31009d2efb710925bf7f308af59c629b

SHA1
5215c77b1719d0974dc529b523b758ef85dbebd4

SHA256
18f86ef3fad86c97d56274e5577b178a77f40587a80451a971013248e37190a6

SHA512
44129d626970c101df41a0bc94ff6120a1034077628da968d9c772fa6125d1f11478480cec7086dfd1625c8fc07820202a711a5598ea131b7742b31211a3f394

Download Submit
C:\Program Files (x86)\DriverPack\css\custom-control.css
Filesize
10KB

MD5
f7f8703ada2176dc144343a2c2acb1cd

SHA1
091334a48056a8baafff0cd672232de1c1f6c838

SHA256
7d7853e95258a7a3f8eaf41795f7124e7d2dacdeb5f1efe212b3ff7ed0da9e50

SHA512
27d46472c06103e0bdd9d40149804c16f469305752c3a6d8473c2f2ab22b2c8fa5d65d61dda7c617a3f12d8526b56a10320b8683f31d210ac2185fd0daed8e97

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\DRPicons\DRPicons-webfont.eot
Filesize
7KB

MD5
d85a00ccb58d531afd9ad80a067fbf0e

SHA1
0a3c0cfea5b9c0fdd5f17a1df49cb1512316330d

SHA256
0a04d85875091cc334f63b90c8ccfa0838f20023945d949296363369066870e3

SHA512
bce1796d0c71291cb779e2e99399a213b030663d5968330932b4a059ba48f3679e2df9e9c84201efb090a44b499bc5f46d174ad40b4b1d3afb5df5d2f3299261

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\Open-Sans\opensans-regular-webfont.eot
Filesize
40KB

MD5
88a9c629f26f8563a72eac95cb0744bc

SHA1
484bca13532678133dc14a668c580be2c1346526

SHA256
3ae576bfa96d7cf6614c8c97290c7abe03191a8ceb0c837a21e7ffe70d66ca62

SHA512
b4cdaa3a5a46ef368e9138c9874aa1173b466bc660d5bbbd13fc3f10f509cda9af151a2667ecd079935d60992b1436f6d5843ced5a063769e19e67f84c402af9

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\ProximaNova-Bold.eot
Filesize
141KB

MD5
be0e58130a84b19c8523345478a0bd3f

SHA1
35dfea056f715d8191f2647e56c214afaf819eec

SHA256
1c3a470bf710204b1dbd65679b914af4b94e7f018b1f7df3d61ff863d6f335d9

SHA512
c0ca4a33842d69fad8f1795864c9b592d2cedd62b14efeb46676823460ea50693ccc884891d16f4ba1ffdd5e0a80f9d06fd6e65fe184f3ea283ff441e7b874c6

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\ProximaNova-Bold.woff
Filesize
57KB

MD5
a3932b53cb250b684b63d1e04af5603e

SHA1
b06c657df6b320b915a17455848e66695a9fc68e

SHA256
2a8f208d9d8556ff58da8a420316de6d634a568a0eeb94c043430659fff7d338

SHA512
e8e68301dde147b7c79e21689066b7c9653a82f9898c2c76f4060af1a48c7f997f4797de5002e870e9ffba05efcb47f10cae5b8beadbe7909a85de4c04c54730

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_light-webfont.eot
Filesize
61KB

MD5
ee9163c34f600221169f8ff531e97182

SHA1
57f0b2c837c94f2a0df47ee62b4639fd6426bfa0

SHA256
53f30a622db68cebe92dbd384cc292aef13ad7e3349a10a77c29326e10634c21

SHA512
d51e2a5f6df706eaa2c5ffa071a9a9c08e58a30b4af64a1ccbe81f8e9c38f20429df665cabaf295129490afc639b7e19c0fced428610a284a17899c3290904cb

Download Submit
C:\Program Files (x86)\DriverPack\css\fonts\ProximaNova\proxima_nova_semibold-webfont.eot
Filesize
65KB

MD5
044aa0b596161750cb58aca15c52cf38

SHA1
d40e645b34188a54d909fa40f7eddeefb8b9df03

SHA256
790579e11608136663d073bc6f99848c04b4dcd69216df7daf5be00df573a3fd

SHA512
1a3b3abc614a7ddf673e34a936de63809f8c18a86409364b2bbdeb608fbcd845095ba7cfb34a0826e2ac18cfc5ccd4d47d4bfa13fae3caba7fbc4470d36c8086

Download Submit
C:\Program Files (x86)\DriverPack\css\icons-checkbox.css
Filesize
444B

MD5
3be98220035017d9b818f3cc94f87587

SHA1
bc07f11d0a59f942ac942dba02214a7041ad6e3a

SHA256
cb134dcb95a407795c671a512c389894d3525fba3f6a2168fc5b9b7e875e78dc

SHA512
d2e7d57cb7b7e771c82c75a04fbfb86ebecbb409ecf2c5666aeaa99695474a7985e3367f6a5b3d4ac59f775f60fb084efa9bdda99ce3c077df2690a5f0a6b1d1

Download Submit
C:\Program Files (x86)\DriverPack\css\icons.css
Filesize
509B

MD5
ebae852f3327fdaf3e2fc2bf1cdecb8f

SHA1
f9753fe176069974fc9bce49eae877745282e183

SHA256
b5f111103f7f090c246a223b1ff497b94c4dd3ac64bf5b3fb2d91555fcfd6f2c

SHA512
bf8e7c5db7a1eacd4344d5facfee1cd66e883389b53bc28e4e387cdb67ea40ee26266ba4282e50eb50a7bc3c810d9fdbb50792a46135761b2e8ce52ddc9e394a

Download Submit
C:\Program Files (x86)\DriverPack\css\normalize.min.css
Filesize
1KB

MD5
e8908cf9cb9504b285327d240187f53b

SHA1
20eadf1695eb38bcd92d1706de5335db61b96502

SHA256
86235e2c477078adfe1188d07ca1e5d8198443aaf2436de1785a169f3e1d5463

SHA512
9c828e8942d40da89f33d1db459a7fc12621660331bef307df8649e89758e76b044bf97a2cd36d656915e19a8b04f571cdb61d7cb6f926a3ba151ee67bbcdc4b

Download Submit
C:\Program Files (x86)\DriverPack\css\open-sans.css
Filesize
1KB

MD5
9ed298542b45ef98492e159f68e89f48

SHA1
c4521d9a5dff8a71804c40a909378e8eb5bd66c2

SHA256
b9bd51ae6ccc7df20417e0ef341295b86bf8f74f6e235ee99ddefd675806f47f

SHA512
1c7d5b378d6c627fbbef864035b157c3e7647b699a50d64f6ebf22faac38bf774e0c025bc8dd4ecc9bde7b377b729bc89bf6fbac4d2409240e2d03753cfe680e

Download Submit
C:\Program Files (x86)\DriverPack\css\proximanova.css
Filesize
2KB

MD5
487b553f5f73b30b8d565df02b4103cc

SHA1
6defcf202ce7a04f2bea8aaac8bb01ed44407fa5

SHA256
931071422410d73d9d7d3583745e476eac23c0cac5fbe344f8436499ee40ac46

SHA512
5a94da5d685f6e74f6576c179b8b65b719727163afebf24557b5f23718a8c034f5e2782ff33021c4d029abaa7cdf464ad0a49cce0602b31191b3b6b642bda9ce

Download Submit
C:\Program Files (x86)\DriverPack\css\roboto.css
Filesize
1001B

MD5
f5f5b5e4955262430e7b496247425d2d

SHA1
d4bea186a0d525ce3060e8dd7901311ae4a0735a

SHA256
2537efe2fb974f58cddbc99abfcd7aed6e9df81992eed3e528b5f1748167b8fa

SHA512
16a7ec3d95ed773a0a1ce2c2dc4430677106f0d1042e34cb39ed48f4a495f637ec3eefad05a4ebbddbea71a67e933fa0b56e6beef69700c6e3ac9cda9c17e7ca

Download Submit
C:\Program Files (x86)\DriverPack\css\style.css
Filesize
14KB

MD5
2f4fe7647aa460b8984556a25a74c234

SHA1
8fb2a5135e61a034ecdfef279e92078a7b463123

SHA256
3f8ec31a3c08de6c1aac117347b1b83f391bb0a91c9dbdc57ba9d11d5ba372d5

SHA512
bad4c1419e302f8e5a84c28fb0862dc56167a7353cc5420d8226883203fe03eca7ec8a9f554cfee560523e9ef292cc38200bce6015c80a428ce4c05222be3a58

Download Submit
C:\Program Files (x86)\DriverPack\drp.css
Filesize
190KB

MD5
5fdaf0fd106200153f8243ebb8bc6b18

SHA1
4b9524224954987a07fe1ce5f6f6e83becd5a20b

SHA256
439bfd8bf9f9176c1757ba277850525f0abec59bb3ef7cd8a974a5ad1d2b3004

SHA512
1db1cfcd7e8188594d5b136a479a29797ce1382c471bdd592f7f44f1026e5da845d231eeb09aa6b1b0d36ac2329b3277ee69c9e53049f2726df936a50b898228

Download Submit
C:\Program Files (x86)\DriverPack\drp.js
Filesize
3.7MB

MD5
a7af01062ea3c1687b11930f26a6d9e8

SHA1
b6f418996e5f6c3d7de04b621b78de15dce20a35

SHA256
c0ae6134f693b80d71ece89965cde42c819e815c7218d54fcfad0372a62dec21

SHA512
8d0e40bb128bbb1f01ce38295c4c673884a7f07aef543bb39372fb91f1ab9f20c60dec974cb97beb5a58abecd7b6d137f80631c5ca39831e2b59659704634b38

Download Submit
C:\Program Files (x86)\DriverPack\img\assistant-faces\start-screen\5.png
Filesize
75KB

MD5
40353d51881300e6cea13d94ae01b756

SHA1
5718f730dcb3349ad6d23972657962663fb38fc1

SHA256
ad615ef1f7016826d475fe90b4363cc149b060de2b9406b4c58cb4a4f1938bef

SHA512
8bc29ecdce2d5f558dd31a1e2424cd1ca94f72e36ea72a491cbcd46f52762f1f44106c749bcb41e6fecd87f9cba2bf6898dbc022a5c46f2ae15aafda3ac3c734

Download Submit
C:\Program Files (x86)\DriverPack\img\header\new-header-logo.png
Filesize
4KB

MD5
10eb51f76f3df7a82b05ed747e27c6a7

SHA1
157e45f82ba308431cecede2d753d775b54e83c8

SHA256
98856383428042c14739159f4a62168e9394f774bf2b696d62f46d70fc2ba175

SHA512
c497fad9597c699a7c6355a5aee999d8e240b1bcfbc39031f0c8b50bdb53f30f7fd43451ba3ea6b99e3fc414bfdd5dae11a499cc9585322b039e6ef87bc31917

Download Submit
C:\Program Files (x86)\DriverPack\img\installation\drivers\Notebook.png
Filesize
888B

MD5
e9c35a488b41ffa9645c0592b13c8c15

SHA1
f54aefb44fe34cceae28a808c270fe8f670b922f

SHA256
025e7e8699fd9c246452c6634d4935149baa6a6acadb91b0f9adf52d11a094f9

SHA512
33ab1cace6ff121a34d262855219cfaf22c4e3b94eeacabfd3ee290784c261885a270aec9354d639ccd9bbcba3eeb658554ae440373c43cc8cc35313f7867485

Download Submit
C:\Program Files (x86)\DriverPack\img\new-ui-assistant\arrow-recommend.png
Filesize
1KB

MD5
a2b5d78a49f66313a203f666faa64393

SHA1
99c22fd6116d69cd2d21aba072f050b5d8f51006

SHA256
fd42158b4e01b5c86360c9450e9e3db5e399e0eadb28e5420ac69f7da1dc0fc5

SHA512
03a7abce1b4c2bf82f40ba9af1f25022bc20aaddd745b08fada7ac01dffaab05697880f080d38b4672905aad2d0bed319a83e13c3d247b3900673e76fab8cadc

Download Submit
C:\Program Files (x86)\DriverPack\img\new-ui-assistant\icon-footer-splite.png
Filesize
4KB

MD5
9d355f967c8a9312dc7453f97af3d393

SHA1
28dec943e5cbbb56f9676e9f420b0b7742bc861a

SHA256
5e45160ca10f9237661f7c76880f1fed2dc5d2e147061daeeac7080df1502774

SHA512
d42b873275465473ef4539b83a7f9b6807a9dae24a35b47ab47840733e00ca7ff4ebe7cfbc297162bd8d78c2b7a63fd4dea01f05e076d7b6637517ed49060696

Download Submit
C:\Program Files (x86)\DriverPack\img\screens\arrow-top.png
Filesize
2KB

MD5
c88c78c9dcf11880a801e44e705f9708

SHA1
7b98255e87f81c3a655d375f112c188d9bd241a7

SHA256
4f2785a950320440acd22fcc0274944b971d5975de008f69bf81d19d44842925

SHA512
ea1fd00c23c7abdcdcecfce5d93b1946763043bc18cb17846ab3ecb607f19a7ede63ca5308cae6e2395053b223a4e438111cb6170264cc42c817130bd178ff4e

Download Submit
C:\Program Files (x86)\DriverPack\img\screens\new-ui-logo2021.png
Filesize
5KB

MD5
ed623a69120325b464bc149ba5829465

SHA1
17ba0cbe9a7297824d8792becae98d8853c56af6

SHA256
a11af07103005c27c0a5f721d99482e4700c21c85afcbc8e44e4e785af5fa902

SHA512
fc18cde812cd2ac9e8f835971f4226092213737220e70e095bc5186042c061bf335501b098966c34a8c55610afea626061856740532166ea26c71c018b6059e7

Download Submit
C:\Program Files (x86)\DriverPack\languages\en.js
Filesize
86KB

MD5
7507c4174ced52a6c0e1b2bb12ce9f3e

SHA1
6bad4ef261e7b7ab1a02d46341bd1f8a922987da

SHA256
a3df7c1b150504fb96555d8d7f7b9c4129a3225ba241da983d56a9c7a1404aec

SHA512
d13d045bd66bbf104ec533903e4b7bb76dd56f6a1c8346787f419bf1cd0eafc082e757e0c244024d778755c4ab4468da455f2f92fad7f5fdb7a0135c9c6e26cf

Download Submit
C:\Program Files (x86)\DriverPack\run.hta
Filesize
2KB

MD5
6bcab16cd99663b1093d10f827ca0323

SHA1
47b2d7f33da12d88095379fc8ea5bb7114ce75e9

SHA256
02bd627d6825599ed039f053fecbe7f15000b5d5071e9b6baab488befa4f02dd

SHA512
67c23c1f3e8023001336ff7fc9c9052220f2ab67df280ef269b0239d67dfc67e6783dda44dec747ba6689c239d7efdb55262d098868e43ab70a055429349210e

Download Submit
C:\Program Files (x86)\DriverPack\start.bat
Filesize
90B

MD5
f66f13d4770eb90e6d81222fe3525a3f

SHA1
f21bc06a179c108d13c783600b98ea0641076127

SHA256
88ebe6fc9f45e734243dd674a3cdd9222be692bde089d0bc06726dd32156b892

SHA512
3f321a339dee086f474d5ac9e8b247805d070b6c0ab5f9d85c5f1075021a3eb7ae23ab2b577000adc30ad32e66a1e291993f435f8539bb0032a1aca038e1f1b2

Download Submit
C:\Program Files (x86)\DriverPack\tools\driverpack-wget.exe
Filesize
392KB

MD5
bd126a7b59d5d1f97ba89a3e71425731

SHA1
457b1cd985ed07baffd8c66ff40e9c1b6da93753

SHA256
a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599

SHA512
3ef1b83ea9821cb10f8bc149ec481d1e486d246a0cb51fe7983785529df42c6fe775e0d35c64a97f997cdf294464c7640df392239b96ce1be6143ce8f07b5a8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RP56V4OA\collect[1].gif
Filesize
35B

MD5
28d6814f309ea289f847c69cf91194c6

SHA1
0f4e929dd5bb2564f7ab9c76338e04e292a42ace

SHA256
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

SHA512
1d68b92e8d822fe82dc7563edd7b37f3418a02a89f1a9f0454cca664c2fc2565235e0d85540ff9be0b20175be3f5b7b4eae1175067465d5cca13486aab4c582c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RUOQG7D6\46420341[1].gif
Filesize
43B

MD5
df3e567d6f16d040326c7a0ea29a4f41

SHA1
ea7df583983133b62712b5e73bffbcd45cc53736

SHA256
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

SHA512
b2ca25a3311dc42942e046eb1a27038b71d689925b7d6b3ebb4d7cd2c7b9a0c7de3d10175790ac060dc3f8acf3c1708c336626be06879097f4d0ecaa7f567041

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RUOQG7D6\ANTIVIRUS-1[1].mp3
Filesize
36KB

MD5
7557d8cd4046327c15d600a1d2c94179

SHA1
c5cdb72ff869186fd49bf444b72186d6c64a230c

SHA256
46d1565a9237f7ade1d03a2d70c084f5f688d6a0574220ecc5eb83d5cfd875ed

SHA512
a56981e7b3c9757ff6e11373b5a75e66d70d1f3f5d3539cc647bb229784ba5dc52199eaa4f3f01d9d3fe3ab9730a90fb5e724e3fdfe54bed12e512f76d67a194

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\RUOQG7D6\CONTINUOUS-3[1].mp3
Filesize
26KB

MD5
940828d405c4c92f0bdf931169b6bf14

SHA1
65915dd5622e2ada803525fb3dd259d36546d43f

SHA256
88d420fb6a0a847c522066698efec070203c436aa5e2ff2097bb2e5e3692150b

SHA512
ac18701cb3d4d1e51bd88b35a3be09ee8fd7058e1b4679b5ca8c7e0688f1e27ab834bc955939fd94a2487327f251647c9f46285bfcabb07b2b1bf40e713ad5a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb7E01.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb7E01.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb7E01.tmp\InstallOptions.dll
Filesize
15KB

MD5
ece25721125d55aa26cdfe019c871476

SHA1
b87685ae482553823bf95e73e790de48dc0c11ba

SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf

SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb7E01.tmp\System.dll
Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsb7E01.tmp\ioSpecial.ini
Filesize
1KB

MD5
2386556fd23037f14455f7b3ef2eb4b2

SHA1
7679d46ab96643e62e67d6d22839a14f7f8c88f0

SHA256
7eaf01a341f6c264f058669cc29f7d1ea159eacee571fb1556d38e20ffc4a02c

SHA512
7d48c44e98b714080d2d20252b832a37e888a0352ca287d2ea27b9b99c8bfa4cdae1729e838eb1c077e7d98b7af13ddb76afaec73db1dd26df7e66bbbc0711df

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_18721.txt
Filesize
9B

MD5
47a22a7a342fd09177c62fcb8054933c

SHA1
d2b7928a34eedb04acc61c3a0e01d3138295e855

SHA256
51e6af14fa1e9032300dbf76a85cb8561e523e89c363cec09cdc2128801a191d

SHA512
b9ab174618fe617b061e27c8f0d4b7960271952a67245c2ad6155e93e0c08cab696191fbc7069c89f05ff545318f930cbd0dd7dc41b9cca0e7356143d3b47d98

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_32619.txt
Filesize
9B

MD5
02466847c63e90c5041b8dd7990dce27

SHA1
fdcf71f16e2efcb8815730b4cca5f580b185cf5c

SHA256
195418a93d769a17558aa804568eff487979e62d0731aa8c63d8d0ffc1723321

SHA512
86b11957db369afa71831c72848b897aafd155887467a377484d0346dcaeaac88476cad2331e34a24e7f8ac3a07335dd1e639ae27bfa0d4491dcc6a48a7e6ff3

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_84398.txt
Filesize
7B

MD5
d0d964be87663c957866cc96319a0f2e

SHA1
5a4af1923a1aa9fbdf7f92e9afbc2e47a0297e7f

SHA256
9a25234ae91ada142892f61bb4a52640d8854872909068b7b1c307a8e16591ed

SHA512
6f4ded4aeca348cd9234ca0ab1db569338793c586e086db06580a1a879c0c62258fcdfc25fe80d7da376508edd9f023d07183ab89c70ed8663d338ac4163b1e1

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_12199.log
Filesize
671B

MD5
e1a57ded5d5ef146b144953fcf352da4

SHA1
e4587e365184ca38ca5af83fdc535e95860f2242

SHA256
be585fd3d3d3889793a2c94657434ad48df826fb3e2d602f175ac16d91938358

SHA512
73d4ec1660c4068ff8db7ccc7860b3e16edc71224c924be05216a467ab9ee734c5229f491d2ebfdd9cb2d743287cca61f8558b3ee2ebb3475543bbc36030b94c

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1462.log
Filesize
661B

MD5
5ae7ba88e1bdb0a1209e3ab1d9dfa1ea

SHA1
596133facd2395355ec56e8f055dc0c159966588

SHA256
da78324642a6187d62ab974d374ad909b2e9998f10768b04636637ec4cdba0cc

SHA512
8d335741b602026509bef6840c85f828911b11686fbe3da4692f1d4e9ed8df201000e76bb4acc9acf4c6aea2e9fe23fdef8cfeb33805282a7ea2434c263144ad

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15370.log
Filesize
661B

MD5
442291cfed705507a84a7ac03e545d52

SHA1
0ec0452520ab435eb94d72eb120610237d4fcd38

SHA256
6b7cebae0f27c22f7a4cc055d0a282f037806f0901f16ffe5ebcdcdac54e17a0

SHA512
5207f0f4e9e574b312013a8b6d36efd7a4cca8bbccd007a8abf4d21f9f8bebe64ca7e2ef1dbab5d24d2e4081c01806d9e5569b75505727c1cae239c532c9b1cc

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_15857.log
Filesize
677B

MD5
959e422bb062cef4e98e0275bc829988

SHA1
3a42451e81ab84af2dfc3f8bda562d114663366c

SHA256
653be88c15159223bb40c7bd1e3452eb940631f09f48623aa9b549e208170c4b

SHA512
5ab347a8a92673065e94c3724f2c189f1e3fa90cf65870aab62164ffeb13f197e9bf33f7c1ea3472c870022196385d4a99b91a41f31e821d4de62decb59f30e1

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20303.log
Filesize
661B

MD5
02555f21b8fd7ec9a31dff2f01a566c1

SHA1
0d679fc53ec20970d15c9f5318b53ba106197cfa

SHA256
92e74694c41e9cb3af04e0ae431b6960faf8ab80bf296ef458d3b3050a6b2a6e

SHA512
778e8698e2837736a3e18047b58b63fef333ae421bd22a116082c21ee8bc9fa4d826b0e99fa6a2a3f43d3ac51b8301fb063c16cc3132d94cdf5aad9f9d5427c4

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_20792.log
Filesize
665B

MD5
8daa2cd56c4ba6b22261d44cc75f99c7

SHA1
a9d3c2b152c797f557dbb3637460f8217f67f270

SHA256
f3abd8f3efe9b9823cfa7e6fbfea62506dfebfb8d3197aa01609199116d40b1a

SHA512
eb3058bbb1fa325dfd46a12e55a4f52756309cb0b52e0e30f20f48b360b4d3052e21c33175e57cdee0aad7ce1d038f7b3df331efddf5cfa49c53b5d0a0722431

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23338.log
Filesize
677B

MD5
5acb5b91f47ae6e3190d93120aeeb647

SHA1
73e0377886cfa4c90a4b22c6fa8095d882d485d7

SHA256
4bd5d6542cb6b84a8e4913e0a5e39ee9d53c38c74241384e8487efc09a3585a4

SHA512
2fcd939961e5d8d7d1d019527fa332c0026acba27a5b70ea01f0720e43df434e3377f16267028ad70ece5d6c1259c31741f3de5d3004b3c874019cbc1675c9f0

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_30303.log
Filesize
665B

MD5
55f2a06e2632460533e048af7fee8f66

SHA1
2da95fd1950092769e42111ce2b7ab48bb39a6a3

SHA256
88ddb0cba3b16d914bb02c8e95819d84dff4de3ed26cd836e28efd60ba3f9c87

SHA512
c0e048ecd7aa9759df6cda25e90ccdfbc6449b716192820039427537edddfddaf68d70fb22e2b2ef7d9f40d79acf63f618321b863f4761793ea0c9be1640f8d0

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41267.log
Filesize
674B

MD5
4881d33698dc68b15da0d274832cc2ca

SHA1
7420b948ae901177a62fa15ca943dc6a8368f1fe

SHA256
28db9095f1574429af28b35493cfa92c9978e14abf085f22d6f47f6bdf9b45fa

SHA512
750601591281cae0fca05b15cf982d86c50d1a6184eae3900eb5d47a42f3ebd00920546afcf91d79d8bde7d405ca465c745967d818d65c3ca5478a1dbad32ae6

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_66794.log
Filesize
677B

MD5
63538b1163c1c91ed666af7e398e7a43

SHA1
f8437ab093b3975d21a4fd5628c6c6102f7f7d0d

SHA256
4210af789208d72be0fd2079c87b8ccb691f7272653fad2eaafe66245250668f

SHA512
b48c56e03533ea42a5f2379577848e8f403ceabd646c8ad18849d487e482e627dd90c40599737cb911da7e3ced8186f4ea3b201fa4ace692c3d7657b8161f6c8

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_7612.log
Filesize
668B

MD5
305ea5f56db0a5a235a9eed048f1ce8d

SHA1
ba9c667bb11a9f4bcb7c3a7418d3218e6ababbce

SHA256
32dd0caaa5e1938f2fcd4e86e319f959f0a1ed93fed9114b2887d7e6262622ef

SHA512
306ce2367772d9300fa3fce76baad7b17349d8800efab720f3eefbf8d891ecbfb0e0c217b1e6dc3d17238f1abace22192e732baa10865afd1c51d0c252abbc34

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_83894.log
Filesize
741B

MD5
1dab851e3ab8f7ff63394da9fb6beef0

SHA1
1859ca47ee8e8bcaf5cc9182b59b6b3bc1708660

SHA256
f1a57cea41e260524ab239d9b4814d70a521e74f72abb9c3a25986a65054ed0b

SHA512
21711ea90c0c09821d968281dbc029b1f05579f7773b9079b872d29f9425990088f24d479941ffe2d5395a3e02a4f14c514e663daa38eaf41d0809d47a6724a7

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_84398.log
Filesize
665B

MD5
f0f57033c4f392acf014c7b9d4882af9

SHA1
fb7a906a207c8547ae6f8629b2094a3cecac9da3

SHA256
b9eaa1692e8029cf7d451982ab74daf5921a640e4e42b12e306587ea6cdf238e

SHA512
2c16b152b454c10ca983540069a2a6c1c461d25cacd04437c96b768008c121279d533f6ec5c063bfd5651831933fda17f8f7620aab4d0550219f1cc1bb31ea95

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_85601.log
Filesize
644B

MD5
3c072b6fd29f0d682d9c7c2c8ab937d1

SHA1
08652da72fbc888903efe0a672e01f1730d4e7ac

SHA256
7cfba67ce8190eb4669f62999cd5bb63833e81b7350840371f02d9e9b3d8c3f0

SHA512
54c406b8f549f0063fddf65c3c5b1864661c0ad7a2d178687c441fae4edaa52f8debcb98b239879e1532e31020f8ffb49fc746712b57527eea5794c7de8c0eb7

Download Submit
C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_96690.log
Filesize
665B

MD5
da2aae54b5046b083a78af732380d258

SHA1
d30c885f879bb9193fb03d9a26a6a9b40a724384

SHA256
cf1d31f7a45adf4b63f423f43d7ca481c96f6e600ae2efa8abf53c5dc2abf721

SHA512
e5dc39a06324d676bc866cc8dde20fc428316d583518ade08cecdddac2a70ff551bf4e4884a8a839b215c52b21224a6cb40f9757161c026e20b06ec37a5c0a61

Download Submit
memory/404-1143-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/404-1047-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/404-1059-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/876-1135-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/876-1044-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/876-1058-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1272-1045-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1272-1060-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1780-1003-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/1784-901-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2016-916-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2016-913-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2452-988-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/2900-937-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1020-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1019-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-923-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-922-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1131-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1005-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1002-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-987-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1041-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1042-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1130-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1124-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-972-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1048-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-936-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1046-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-955-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-950-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1125-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1119-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-983-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1117-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1115-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1100-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1018-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1015-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1080-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1081-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1083-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1082-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-920-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1091-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1092-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1097-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1098-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2900-1099-0x000000000EAC0000-0x000000000EAD0000-memory.dmp

Filesize
64KB

Download
memory/2908-1007-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3588-1009-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3824-915-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3824-902-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3836-1106-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/3924-989-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4308-1006-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4316-1064-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4316-980-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4316-1043-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4640-914-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4640-912-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4732-1104-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/4768-1103-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download
memory/5068-1004-0x0000000000400000-0x00000000004EF000-memory.dmp

Filesize
956KB

Download