Analysis Overview
SHA256
211c2b34bf222617bc590f0f219cc4232c4484de0302b5ae0843d5d4a55d8cef
Threat Level: Likely malicious
The file 299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Blocklisted process makes network request
Modifies Windows Firewall
UPX packed file
Reads user/profile data of web browsers
Checks installed software on the system
Downloads MZ/PE file
Loads dropped DLL
Program crash
Enumerates physical storage devices
One or more HTTP URLs in qr code identified
Command and Scripting Interpreter: JavaScript
Unsigned PE
NSIS installer
Runs net.exe
Script User-Agent
Suspicious use of WriteProcessMemory
Runs .reg file with regedit
Modifies Internet Explorer settings
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-09 10:55
Signatures
One or more HTTP URLs in qr code identified
Unsigned PE
NSIS installer
Analysis: behavioral15
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
122s
Max time network
130s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\ar.js
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
149s
Max time network
157s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\az.js
Network
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
90s
Max time network
98s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\bg.js
Network
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
118s
Max time network
122s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\cs.js
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240508-en
Max time kernel
142s
Max time network
125s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2376 -s 224
Network
Files
memory/2376-0-0x000000006E5C0000-0x000000006E5CD000-memory.dmp
Analysis: behavioral26
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
148s
Max time network
155s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\ca.js
Network
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240226-en
Max time kernel
140s
Max time network
158s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\de.js
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4788 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
Network
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240215-en
Max time kernel
121s
Max time network
129s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\be.js
Network
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
147s
Max time network
152s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\config.js
Network
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240508-en
Max time kernel
122s
Max time network
127s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\bg.js
Network
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
135s
Max time network
101s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\bn.js
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
30s
Max time network
158s
Command Line
Signatures
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\mshta.exe | N/A |
UPX packed file
Downloads MZ/PE file
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | N/A |
Enumerates physical storage devices
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Styles | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Styles | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SysWOW64\mshta.exe | N/A |
Runs .reg file with regedit
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
Runs net.exe
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe"
C:\Windows\SysWOW64\reg.exe
C:\Windows\system32\reg.exe import "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\Tools\patch.reg"
C:\Windows\SysWOW64\mshta.exe
C:\Windows\system32\mshta.exe "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\run.hta" --sfx "299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall delete rule name="DriverPack aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_51590.txt""
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="DriverPack aria2c.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_47999.txt""
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe"
C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe" http://download.drp.su/assistant/beetle/speed-test-5 -o "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\speed-test.log" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_11620.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_42343.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_42343.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1068.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_1068.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76155.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_76155.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_49796.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_49796.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe" http://download.drp.su/assistant/beetle/speed-test-5 -o "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\speed-test.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23284.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_23284.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_50604.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_50604.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1068.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41303.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41303.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76155.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_49796.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_68720.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_68720.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_23284.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_42343.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41303.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_50604.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_68720.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82308.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_82308.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82308.log"
C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_98160.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_98160.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_59644.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_59644.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82385.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_82385.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_59644.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_98160.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DRIVERS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82385.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48850.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_48850.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_34562.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_34562.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_48850.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_34562.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_91612.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_91612.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72933.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_72933.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_91612.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROGRAMS_CHECKBOX_USED-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72933.log"
C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_47800.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_9941.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/RuntimePack.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_85047.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/DotNetXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_92981.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/ab/4/Internet-Start.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_7660.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/DotNetXP.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/RuntimePack.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/ab/4/Internet-Start.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/tools/DriverPack-Alice.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/DirectX.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_60289.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_60289.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_66575.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_66575.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82585.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_82585.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_66575.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_82585.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-PROTECT-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_60289.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76854.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_76854.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_6605.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_6605.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_98155.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_98155.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_16243.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_16243.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41522.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41522.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_6605.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_98155.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_76854.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-5.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41522.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-4.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_16243.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_94297.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_94297.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-DIAGNOSTICS-6.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_94297.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97408.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_97408.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33053.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_33053.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_91267.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_91267.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97408.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_91267.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-CONFIGURATOR-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_33053.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-SETTINGS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_49622.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_49622.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/EXPERT-SETTINGS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_49622.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_71464.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_71464.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41906.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_41906.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97117.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_97117.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_54899.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_54899.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/intro.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_71464.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_41906.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-3.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_54899.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/START-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97117.log"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120 || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_12168.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS\RuntimePack.exe" -s || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\installing_16414.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\aria2c.exe
"tools\aria2c.exe" "http://dl.driverpack.io/soft/Chrone.exe.torrent" --dir="C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS" --quiet --continue --min-split-size=1M --follow-torrent=true --check-integrity --seed-time=0 --bt-stop-timeout=120
C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS\RuntimePack.exe
"C:\Users\Admin\AppData\Roaming\DRPSu\PROGRAMS\RuntimePack.exe" -s
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72301.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_72301.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97262.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_97262.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_97262.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/P3-OPERA-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_72301.log"
C:\Windows\SysWOW64\cmd.exe
cmd /c ""C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\install.cmd" -s "
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ver
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\comct232.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\comct332.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\comctl32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\comdlg32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\dblist32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mci32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mscomct2.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mscomctl.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mscomm32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msdatgrd.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msdatlst.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msflxgrd.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mshflxgd.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msinet.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msmask32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msstdfmt.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msstkprp.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\mswinsck.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\picclp32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\richtx32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\sysinfo.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\tabctl32.ocx"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32.exe /S "C:\Windows\System32\msvbvm50.dll"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/COMPILATION-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_64981.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_64981.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/COMPILATION-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_77289.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_77289.txt""
C:\Windows\SysWOW64\regedit.exe
regedit.exe /s VBA60_OCX_License.reg
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\Sysnative\libcrypto-1_1-x64.dll"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/COMPILATION-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_64981.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/COMPILATION-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_77289.log"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\Sysnative\libssl-1_1-x64.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\Sysnative\OpenAL32.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\Sysnative\wrap_oal.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\atl70.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\atl71.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\comct232.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\comct332.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\comctl32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\comdlg32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\dblist32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\libcrypto-1_1.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\libeay32.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\libssl-1_1.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mci32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70chs.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70cht.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70deu.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70enu.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70esp.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70fra.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70ita.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70jpn.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70kor.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mfc70u.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71CHS.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71CHT.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71DEU.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71ENU.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71ESP.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71FRA.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71ITA.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71JPN.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71KOR.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MFC71u.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mscomct2.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mscomctl.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mscomm32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msdatgrd.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msdatlst.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msflxgrd.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MShflxgd.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msinet.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msmask32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msstdfmt.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MSSTKPRP.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvbvm50.dll"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1342.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_1342.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/CONTINUOUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_1342.log"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvci70.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\MSVCP70.DLL"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvcp71.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvcr70.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvcr71.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\msvcrt10.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\mswinsck.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\OpenAL32.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\picclp32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\richtx32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\ssleay32.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\sysinfo.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\tabctl32.ocx"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\Vb40032.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\wrap_oal.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\Vb40016.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\vbrun100.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\vbrun200.dll"
C:\Windows\SysWOW64\compact.exe
compact.exe /i /c /a /f "C:\Windows\System32\Vbrun300.dll"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_13628.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_13628.txt""
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c ""tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93061.log" & echo DONE > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_finished_93061.txt""
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/ANTIVIRUS-2.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_93061.log"
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\tools\driverpack-wget.exe
"tools\driverpack-wget.exe" --tries=3 --timeout 5 --retry-connrefused --wait=5 --timestamping --directory-prefix="C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en" "http://download.drp.su/assistant/beetle/audio/en/ANTIVIRUS-1.mp3" -o "C:\Users\Admin\AppData\Roaming\DRPSu\temp\wget_log_13628.log"
Network
Files
| SHA512 | 682b1e6ee4c737ae311196efd95c68820ee0134aa021741530c7393a21b84299a7bfa3a13476855c20fe20e9579ff8c4bbe0a807467c14caea67026ff65801f5 |
memory/2456-717-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2456-721-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\P3-OPERA-2.mp3
| MD5 | bcf391863f1e2c7a79df9488c5fd61df |
| SHA1 | 7f1e33d2b2ac6584091bb0d60d5a85af6eac8e7b |
| SHA256 | 70f9baa47404c2e4d3da11aefd7fcc99fd3cb41110f4da813a6e6be3d6816e29 |
| SHA512 | 66c2425fff291e59e9c8d0ce04b84234e3232dad94f88de0b5a85cb02eff0a372c3384ff10459e202abdcb9ff15c1afd6b3d90ffa20b9eff5da1931c65c056fa |
memory/2172-728-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/952-735-0x0000000002130000-0x000000000221F000-memory.dmp
memory/564-740-0x0000000001FB0000-0x000000000209F000-memory.dmp
memory/1036-745-0x0000000002010000-0x00000000020FF000-memory.dmp
memory/2016-742-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/564-741-0x0000000001FB0000-0x000000000209F000-memory.dmp
memory/792-748-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/952-747-0x0000000002130000-0x000000000221F000-memory.dmp
memory/2948-749-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1036-746-0x0000000002010000-0x00000000020FF000-memory.dmp
memory/2948-756-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2016-759-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/792-755-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1996-763-0x0000000000280000-0x000000000036F000-memory.dmp
memory/1996-762-0x0000000000280000-0x000000000036F000-memory.dmp
memory/2636-764-0x0000000002060000-0x000000000214F000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROGRAMS-1.mp3
| MD5 | f5d09d70c6d2a65691a2a81ede02e67d |
| SHA1 | 11185e544d995b3038afd0935b85185b8883e69e |
| SHA256 | 3a5402536eebf3a5c29ca1e80cb756f9eeacdc8b09762d9a67f344019ceb657d |
| SHA512 | 91341667b3b0bf254203fafd1b8144910557ab8a7d7c6e4cd71fa21489e49d4914e5fb00ae571e2e981e520387cb83621ad222b831eb0abec8cc1a199b57f68c |
memory/620-781-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROGRAMS-2.mp3
| MD5 | a75bdbf4a6eaa47f072ecfb9365680e3 |
| SHA1 | 8be8fb77603f01c593864cdffe74c227b52502ae |
| SHA256 | a28895c390580f1c9748a6daa1ab37d92c8aec2c395e5484d180d5521a830dfe |
| SHA512 | 04b40a64ace4804a6529e1999cf48c33964afa55345d998390a982157c7625a2312d52c79bec8df75fb46f3cab32304dbfbf432141b8c955008218ff26d2e5a3 |
memory/2944-787-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2804-794-0x0000000002050000-0x000000000213F000-memory.dmp
memory/2804-793-0x0000000002050000-0x000000000213F000-memory.dmp
memory/1696-796-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1784-795-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1784-836-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1696-841-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROGRAMS_CHECKBOX_USED-2.mp3
| MD5 | c32b72662de149efdde414c6f62b755a |
| SHA1 | 219b03d40974b059bb3a162f61c2aa1446d0fa51 |
| SHA256 | a5062cbc572ce18afb6e590a74a299f288c593de995841c13981c25a5cc3fcf1 |
| SHA512 | f57805be7b781fbc160cabbe2594f3f0aaa45d74608eff486ec077b065abcd87ced756f60ede04d1c9b55bed2932fb7fceabc56e22aa80ec719fb62c6247cbbf |
memory/2736-854-0x0000000001F80000-0x000000000206F000-memory.dmp
memory/1848-858-0x0000000002020000-0x000000000210F000-memory.dmp
memory/2948-857-0x0000000001F90000-0x000000000207F000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROTECT-3.mp3
| MD5 | f0f1e1787b8a0a7080bb3b20cbefb6f1 |
| SHA1 | af6cd03851f375bd3606a47693ed7cfac3a91401 |
| SHA256 | 996744756df49ce498243a7fcd70cf5cc9c55f399b8027ed712485c6843d1ced |
| SHA512 | 74075cf3563b27fee97792a20a8953b652a7047c60e82d70e7595159f5e132f3435349e19784d71252fb134a234b603917b5418c919ce4ac068de65692610a75 |
memory/2116-871-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2040-873-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2684-875-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2716-876-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2376-874-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2580-877-0x0000000000990000-0x0000000000F45000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROTECT-1.mp3
| MD5 | 1c404baefb6d12a0792fc622b2d68cc7 |
| SHA1 | 564a16fe633873ee52161ff439162bae299c3bcd |
| SHA256 | 9545c34922b77b59a2fb172bad55f064e14761cf213b89061164cdcbdf8963a7 |
| SHA512 | 8af7ebf97b73182306e96e6f98a6103ffbb3f8faeee032cd1280326ec2607018c868822114bb4b9527692c5377880d280a2387067bd5a63e2fbfc22752a57ced |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-PROTECT-2.mp3
| MD5 | b93826701c603537a71054bca4cde2f4 |
| SHA1 | 28e4e28877a3fc864c42072770e604790656d98f |
| SHA256 | 82d48381d03dba7f4a566420a4921553c6aa15bc6a22bc6e08bb6e8466af8274 |
| SHA512 | 8231dda9f00aa4517f2b43d55df704296615bb0022e3a04c779295382ea3866f194741b77838fc516cf1f4d1ce59801cb80a98ee010e9b3a719bb28155e3b6dc |
memory/2704-885-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2472-887-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2540-897-0x0000000001F70000-0x000000000205F000-memory.dmp
memory/2564-899-0x0000000000180000-0x000000000026F000-memory.dmp
memory/2516-903-0x0000000002020000-0x000000000210F000-memory.dmp
memory/2680-907-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2600-906-0x0000000002090000-0x000000000217F000-memory.dmp
memory/1780-912-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1780-923-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2680-926-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1400-925-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-DIAGNOSTICS-2.mp3
| MD5 | 7afb5dcd2817c489e3a501b6e13c9729 |
| SHA1 | 87ed1fdfd13c41d3e5afc9b9d2f9a5d843e79bca |
| SHA256 | 37570e3dd380a1c779db17d7b4ee8b0ca4a25a2302f7112f087c7ab7dc7da517 |
| SHA512 | 3bd1eba015c363e685e1f7f916c7f522459b4d1fb6e8be678516180d460405097fd4f568c4cd70123fb434037e95ccd607cba36c388283286c9e1a9a98e95aad |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-DIAGNOSTICS-1.mp3
| MD5 | 3cb1be978be0c10212b4def521ea8d2c |
| SHA1 | eb78e45b0f9a824d2395ee69dc341b34b7d0cddc |
| SHA256 | f2bf2a1650d308c862394383a09529f8d7ab7313707d6545ceb35f841412645e |
| SHA512 | bb0e0361e8077ab54734519c7b5c87bce18b65782c381cb7f32ad5727f86314563176c3bca76589f716c2a455360864321af6a2c2cd6c45acbf4a9080e417210 |
memory/2012-937-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2844-938-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1664-941-0x0000000001F50000-0x000000000203F000-memory.dmp
memory/1664-942-0x0000000001F50000-0x000000000203F000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-DIAGNOSTICS-6.mp3
| MD5 | ee7ef721982941fedb8891f5778c99c0 |
| SHA1 | e105c9f19515e4238c3f0380fd6b25c5dfc0e886 |
| SHA256 | 0116eef284c5228183cfd27992eda255775e5ea88b4e7739f2779967bd1b6fb8 |
| SHA512 | 922c9fa44da70cf40e6de1d2c644db838fb78c0cc0ea0a89dc1c467ae66378aff77eb2302625b1efbb70108beaf7cb3d67c53872693219496b1480aa92e11022 |
memory/2740-957-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2472-959-0x0000000002030000-0x000000000211F000-memory.dmp
memory/2472-960-0x0000000002030000-0x000000000211F000-memory.dmp
memory/2504-964-0x0000000001FA0000-0x000000000208F000-memory.dmp
memory/1300-965-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1864-963-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2948-962-0x0000000001FF0000-0x00000000020DF000-memory.dmp
memory/1608-961-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1608-990-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1864-994-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/1300-996-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-CONFIGURATOR-2.mp3
| MD5 | 3c47fb862e42d7a657bb02ddacde77d7 |
| SHA1 | 09d56b2f04121e0a59a5439499c3dd10fecfaf2a |
| SHA256 | 5a3e6a91181f9c87c354447d4e8c06a49cebfd06b2bb76683f44bb6a3200ee86 |
| SHA512 | 9c19726deca2c6c509d1e3b74aecbe7aabb596f081a16c05d2f3a7691d1978bbbf5201bdb2fc09f0ece6e99308aed63ca51552fa020c379dff85ebdb1f8fe7d8 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-CONFIGURATOR-3.mp3
| MD5 | 991ab55460152ce376b9bf282d7a2569 |
| SHA1 | 294f940c04d58624aa4099d48e7752dc54f651d1 |
| SHA256 | 78ae68bedd64b4cae4dadcf69c184b62c709756f9e2128bb178311431b4129ee |
| SHA512 | 4b470c1766eeb3a22d125768c0e7691cf81b9eb500f0e910bba2546601419a2a56bda79dc8e7bb7be56e71396ad09b6f3565242934b9f3ad02b31b7cc98f918b |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-CONFIGURATOR-1.mp3
| MD5 | 922abcf8dbba88c31e06d3c359cf44bb |
| SHA1 | 7af83f4c518c37c925193348eb985c0f76468f2c |
| SHA256 | 3aa947528d8e22c95fc3c2c189a223293746f65aa04a034ab7e51f07108b0e63 |
| SHA512 | 4529377aca4503dfcc6a2956f4e9b1fe357b71e7e15c0da6e8214e92d3409b4845bd6e9c66a8f0ec76d225ec5d4fe43f6eda4ebc4fec3304591ae71f999789bf |
memory/2776-1000-0x0000000001FA0000-0x000000000208F000-memory.dmp
memory/2776-1001-0x0000000001FA0000-0x000000000208F000-memory.dmp
memory/2068-1010-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\EXPERT-SETTINGS-1.mp3
| MD5 | c71332f76d4e33dcdb1702b6f65c4b0d |
| SHA1 | df6151eec74f279e30fea571e26e1a37f39a6c4c |
| SHA256 | c924ba594bd39760e0939729a27a0bc201f61f8f2edc5123e4841f13cb7c5ccd |
| SHA512 | f69e2b356e619de01196f8607043294fd143a5bb224beb7e72eba484107e1350dfc0b04df64186bfcb9ba96041ebe01b5566dd6af6ca3d902ef56ed6a3218361 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\START-1[1].mp3
| MD5 | a418fcd9166bd7d125af4c2239cbac01 |
| SHA1 | 4848c54f7f244decb420cb6d5d8a9c3416030afd |
| SHA256 | aa8ddf3226fc79b6c30f0734010be378623fdf22835a8b828bc7f7ff4d74dd10 |
| SHA512 | 61fb80ad45a06432598db24367db7f5e5bf379cf60c286d17d4390fdff931c70e916708aa3a4e78f572c9b861bf5abf0c8e6b8f6fa880c3504e008c65520b76e |
memory/2624-1034-0x0000000000420000-0x000000000050F000-memory.dmp
memory/1648-1033-0x0000000001F80000-0x000000000206F000-memory.dmp
memory/1648-1032-0x0000000001F80000-0x000000000206F000-memory.dmp
memory/964-1037-0x0000000001FD0000-0x00000000020BF000-memory.dmp
memory/1972-1036-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2624-1035-0x0000000000420000-0x000000000050F000-memory.dmp
memory/2116-1038-0x0000000000400000-0x00000000004EF000-memory.dmp
memory/2968-1059-0x0000000076BD0000-0x0000000076CCA000-memory.dmp
memory/2968-1058-0x0000000076CD0000-0x0000000076DEF000-memory.dmp
memory/2376-1063-0x0000000000990000-0x0000000000F45000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\7ZipSfx.000\install.cmd
| MD5 | 35364c85c52a67d49d59a010d2588247 |
| SHA1 | 16b5d087a625f86a8906d62943cd109dd461e34a |
| SHA256 | 135bd8395ff08553815ebea4892331e801d36e2c601d1ec82a55ab1bbc6bb0fa |
| SHA512 | 9ab44039bd8e9c4cc748c98329cacc475d241345c4a934ecd875d0023115ede4a1aef7b93d299dbfcdc00ce9a9133691022ca39490744bb84d3388cff78e7c91 |
memory/2040-1369-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2716-1371-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2684-1370-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/2580-1372-0x0000000000990000-0x0000000000F45000-memory.dmp
memory/1536-1374-0x0000000000400000-0x00000000004EF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\COMPILATION-2.mp3
| MD5 | 23729fcb2e9a23176d38d28f15bf66f9 |
| SHA1 | 514b08f62314a23819c58028500a0db307a97089 |
| SHA256 | d25c6a14bf6694641f0237ddeb0aef74112e1cae7acf77f753cbe20bb8bbd203 |
| SHA512 | 1cdc4d9f4c5b5c5b81169b4e9191ca9aeb5bf5ed80abb0af38101df633716f62fff99d234a4b42ac080a3129112a485970b67c3534d21740ca2ce4c4ea5475de |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\COMPILATION-1.mp3
| MD5 | d5800b717dce8df22f91e4fd5d8f9eff |
| SHA1 | f36a1dab13378844b90449f35dd76b7fa962b801 |
| SHA256 | ae70f1cc64550e94420d87adcaad724d1249982742c3bde5febad04eff28f988 |
| SHA512 | 9ad4fc956b30ea4bbe35e8acb6837a9732d0cb43bb885857c5c244a9fb5a50a2826415b6f89631a27c3ed4ffd3eef3be93eb1375200fba7100694a098665f1e2 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105602\audio\en\CONTINUOUS-1.mp3
| MD5 | efa6f5d70c558614f18c17d54c155fe9 |
| SHA1 | 5fcd5fe13f7e8dcb80c8f3f3febf6cdd00c67c9e |
| SHA256 | 571aed8d5306ecfa709dc894f6fe66176bc99380ee42694328b3da237fd6b989 |
| SHA512 | 0e89ef7cb550ed7340b7e7fb612273938c5b0ce61edb8f4aca1782982067fbb51d099ae2fdf27782173ba0182f487c9fc6b11fe67b109f0c510ef8f2dc8f35cd |
Analysis: behavioral7
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240220-en
Max time kernel
120s
Max time network
125s
Command Line
Signatures
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\mshta.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
Reads user/profile data of web browsers
Checks installed software on the system
Enumerates physical storage devices
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2721934792-624042501-2768869379-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SysWOW64\mshta.exe | N/A |
Runs net.exe
Suspicious use of WriteProcessMemory
Processes
C:\Windows\SysWOW64\mshta.exe
C:\Windows\SysWOW64\mshta.exe "C:\Users\Admin\AppData\Local\Temp\Tools\run.hta"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall delete rule name="DriverPack aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_43761.txt""
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall delete rule name="DriverPack aria2c.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c "netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\Tools\tools\aria2c.exe" || echo Done & call echo Done %^errorLevel% > "C:\Users\Admin\AppData\Roaming\DRPSu\temp\run_command_30360.txt""
C:\Windows\SysWOW64\netsh.exe
netsh advfirewall firewall add rule name="DriverPack aria2c.exe" dir=in action=allow program="C:\Users\Admin\AppData\Local\Temp\Tools\tools\aria2c.exe"
C:\Windows\SysWOW64\net.exe
"C:\Windows\System32\net.exe" start wscsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start wscsvc
C:\Windows\SysWOW64\rundll32.exe
rundll32 kernel32,Sleep
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | allfont.ru | udp |
| US | 188.114.97.2:80 | allfont.ru | tcp |
| US | 188.114.97.2:443 | allfont.ru | tcp |
| US | 8.8.8.8:53 | auth.drp.su | udp |
| GB | 87.117.235.115:80 | auth.drp.su | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | update.drp.su | udp |
| RU | 93.158.134.119:443 | mc.yandex.ru | tcp |
| RU | 37.9.8.75:80 | update.drp.su | tcp |
| RU | 37.9.8.75:80 | update.drp.su | tcp |
| GB | 142.250.179.238:80 | www.google-analytics.com | tcp |
| GB | 142.250.179.238:80 | www.google-analytics.com | tcp |
| US | 8.8.8.8:53 | crl.microsoft.com | udp |
| US | 2.18.190.71:80 | crl.microsoft.com | tcp |
| RU | 37.9.8.75:80 | update.drp.su | tcp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| RU | 87.250.250.119:443 | mc.yandex.com | tcp |
| RU | 87.250.250.119:443 | mc.yandex.com | tcp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
141s
Max time network
110s
Command Line
Signatures
Processes
C:\Windows\SysWOW64\mshta.exe
C:\Windows\SysWOW64\mshta.exe "C:\Users\Admin\AppData\Local\Temp\Tools\run.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| BE | 2.17.196.106:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 106.196.17.2.in-addr.arpa | udp |
| BE | 2.17.196.91:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 91.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
137s
Max time network
154s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\drp.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 2.17.196.122:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| BE | 2.17.196.122:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 122.196.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
Files
Analysis: behavioral29
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
117s
Max time network
125s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\de.js
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240215-en
Max time kernel
118s
Max time network
127s
Command Line
Signatures
Enumerates physical storage devices
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SysWOW64\mshta.exe | N/A |
Processes
C:\Windows\SysWOW64\mshta.exe
C:\Windows\SysWOW64\mshta.exe "C:\Users\Admin\AppData\Local\Temp\Tools\modules\bugreport.hta"
Network
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240508-en
Max time kernel
119s
Max time network
124s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\drp.js
Network
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
148s
Max time network
160s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\el.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 2.17.196.96:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.196.17.2.in-addr.arpa | udp |
| BE | 2.17.196.96:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
93s
Max time network
94s
Command Line
Signatures
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | N/A |
Enumerates physical storage devices
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Software\Microsoft\Internet Explorer\Styles | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\Styles | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Styles\MaxScriptStatements = "4294967295" | C:\Windows\SysWOW64\reg.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4564 wrote to memory of 3608 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\reg.exe |
| PID 4564 wrote to memory of 3608 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\reg.exe |
| PID 4564 wrote to memory of 3608 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\reg.exe |
| PID 4564 wrote to memory of 4708 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\mshta.exe |
| PID 4564 wrote to memory of 4708 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\mshta.exe |
| PID 4564 wrote to memory of 4708 | N/A | C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe | C:\Windows\SysWOW64\mshta.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe"
C:\Windows\SysWOW64\reg.exe
C:\Windows\system32\reg.exe import "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\Tools\patch.reg"
C:\Windows\SysWOW64\mshta.exe
C:\Windows\system32\mshta.exe "C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\run.hta" --sfx "299f2c755b4d230d0d1ed70d9026df3f_JaffaCakes118.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\nst5083.tmp\System.dll
| MD5 | 8643641707ff1e4a3e1dfda207b2db72 |
| SHA1 | f6d766caa9cafa533a04dd00e34741d276325e13 |
| SHA256 | d1b94797529c414b9d058c17dbd10c989eef59b1fa14eea7f61790d7cfa7fd25 |
| SHA512 | cc8e07395419027914a6d4b3842ac7d4f14e3ec8be319bfe5c81f70bcf757f8c35f0aaeb985c240b6ecc71fc3e71b9f697ccda6e71f84ac4930adf5eac801181 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\img\installation\drivers\Notebook.png
| MD5 | e9c35a488b41ffa9645c0592b13c8c15 |
| SHA1 | f54aefb44fe34cceae28a808c270fe8f670b922f |
| SHA256 | 025e7e8699fd9c246452c6634d4935149baa6a6acadb91b0f9adf52d11a094f9 |
| SHA512 | 33ab1cace6ff121a34d262855219cfaf22c4e3b94eeacabfd3ee290784c261885a270aec9354d639ccd9bbcba3eeb658554ae440373c43cc8cc35313f7867485 |
memory/4564-453-0x0000000000400000-0x0000000000441000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\Tools\patch.reg
| MD5 | d49db2ec30494b46d332d516cead4969 |
| SHA1 | 3d9ce116afe59760c9a1c149ddec92a2f92a0028 |
| SHA256 | c86ef9ed6e111d166818e8e0adb3cf5e2a3a5dfc6edc932abc298141ed6f2208 |
| SHA512 | 1314c6bc4095e445c930c0a0a94a83ff39670081ed916337eed2f74e3453702ae0e0187c0e6c933d52868d80c36e9acbe558faf86f10146d0a825b97c3bc261d |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\run.hta
| MD5 | d20765817cdb05d0805f682ef9193386 |
| SHA1 | 5dcee6bf0aeb0e5ffc9500a5d0bfe93ed1302cdc |
| SHA256 | 6d61529ce3e58354a6476c51aaff4b28e4ddda2433108376ee5f736e78ee1a04 |
| SHA512 | 46a030efe7f87f625bd93f7f6487766b78565f9b1b7004d3afec5072969e5f7d93a46f3b446ffbaf0b3cc1a9d837eba17c3d83b07e40281082a1152a8c08a258 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\DriverPackSolution.html
| MD5 | ef5e55c1187442b6278452429b93ef85 |
| SHA1 | 012bc5f42a31ccb817e12457c50d8ff51450e33b |
| SHA256 | ba9168498ea0e20f95d9c1c67cfb9e4f79e0775db8aac50d2983494316e38281 |
| SHA512 | d8e20e220d156793d2c2da462c36cb9708396c2db08faa876aca7fef63bdcd6b7d31a6fc7d78659f682ba30cf73ab7b565a1f9226e434deaa8f86f7f9341c3b8 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\style.css
| MD5 | 20589be5d23018b08a731926fa7a95c1 |
| SHA1 | 45d848e1fe86188529829c32a3197e9adb3076c4 |
| SHA256 | e6fc08a2364fd4797ae92ab58d676f0448ead49c0971a6a4426a93f8ae507629 |
| SHA512 | 704fe9cc99a8f58386fa0981f9b95b3f35e6ed844bab12f0b4a2f2e045c4e707e12eb7e16ce456d6b4ebd45a3c6bb1d674624e6677a3f8747fb9d3ab1bdb7354 |
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\custom-control.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\drp.js
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\config.js
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\drp.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\icons.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\proximanova.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\open-sans.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\normalize.min.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\icons-checkbox.css
C:\Users\Admin\AppData\Local\Temp\DriverPack-20240509105555\css\roboto.css
Analysis: behavioral20
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
148s
Max time network
153s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\be.js
Network
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
117s
Max time network
122s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\bn.js
Network
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240508-en
Max time kernel
120s
Max time network
125s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\ca.js
Network
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240426-en
Max time kernel
149s
Max time network
156s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\cs.js
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240508-en
Max time kernel
119s
Max time network
124s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\az.js
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240221-en
Max time kernel
117s
Max time network
123s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\js\soft.js
Network
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20231129-en
Max time kernel
119s
Max time network
124s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\el.js
Network
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win7-20240419-en
Max time kernel
120s
Max time network
123s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\config.js
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240226-en
Max time kernel
139s
Max time network
159s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4820 wrote to memory of 1028 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\System.dll,#1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 1028 -ip 1028
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1028 -s 612
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3460 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
Network
Files
memory/1028-0-0x000000006E5C0000-0x000000006E5CD000-memory.dmp
Analysis: behavioral6
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
125s
Max time network
133s
Command Line
Signatures
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\mshta.exe |
Processes
C:\Windows\SysWOW64\mshta.exe
C:\Windows\SysWOW64\mshta.exe "C:\Users\Admin\AppData\Local\Temp\Tools\modules\bugreport.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4448 -ip 4448
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4448 -s 968
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=996,i,1809100026287847100,9768898026582633513,262144 --variations-seed-version --mojo-platform-channel-handle=1276 /prefetch:8
Network
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240508-en
Max time kernel
93s
Max time network
100s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\js\soft.js
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-05-09 10:55
Reported
2024-05-09 10:58
Platform
win10v2004-20240226-en
Max time kernel
140s
Max time network
159s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\ar.js
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4476 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
Network