Malware Analysis Report

2025-04-03 12:56

Sample ID 241109-1z7vyssmet
Target DR1V3R B00ST3R 12 FULL_by_M4ST3RC1T0_YT.rar
SHA256 3eb510694db766b5cfd4fb897d670df4434d4724e9b8e4e06abc2aef27cccf29
Tags
discovery phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

3eb510694db766b5cfd4fb897d670df4434d4724e9b8e4e06abc2aef27cccf29

Threat Level: Likely malicious

The file DR1V3R B00ST3R 12 FULL_by_M4ST3RC1T0_YT.rar was found to be: Likely malicious.

Malicious Activity Summary

discovery phishing

Downloads MZ/PE file

Loads dropped DLL

A potential corporate email address has been identified in the URL: Montserratwght@900

Executes dropped EXE

Checks computer location settings

Checks installed software on the system

Browser Information Discovery

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 22:06

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 22:06

Reported

2024-11-09 22:09

Platform

win10v2004-20241007-en

Max time kernel

148s

Max time network

151s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\DR1V3R B00ST3R 12 FULL_by_M4ST3RC1T0_YT.rar"

Signatures

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: Montserratwght@900

phishing

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-1I1IM.tmp\driver_booster_setup.tmp N/A

Checks installed software on the system

discovery

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\driver_booster_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-1I1IM.tmp\driver_booster_setup.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\Wbem\wmic.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756637097507474" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1856 wrote to memory of 1112 N/A C:\Program Files\7-Zip\7zFM.exe C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe
PID 1856 wrote to memory of 1112 N/A C:\Program Files\7-Zip\7zFM.exe C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe
PID 1856 wrote to memory of 1112 N/A C:\Program Files\7-Zip\7zFM.exe C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe
PID 1112 wrote to memory of 2280 N/A C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp
PID 1112 wrote to memory of 2280 N/A C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp
PID 1112 wrote to memory of 2280 N/A C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp
PID 2280 wrote to memory of 32 N/A C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe
PID 2280 wrote to memory of 32 N/A C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe
PID 2280 wrote to memory of 32 N/A C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe
PID 2316 wrote to memory of 504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 2852 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 4908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 4908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2316 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\DR1V3R B00ST3R 12 FULL_by_M4ST3RC1T0_YT.rar"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp" /SL5="$902A4,31285930,139264,C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe

"C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe" "C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe" /title="Driver Booster 12" /dbver=12.0.0.308 /eula="C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\EULA.rtf" /showlearnmore /pmtproduct /nochromepmt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbb91ecc40,0x7ffbb91ecc4c,0x7ffbb91ecc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1828 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2344 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3380,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4528,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4796,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4752,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4812 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4936 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4948,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5136,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5328,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5332,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5320 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4952,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5116 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5524,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5288 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5528,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3424,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6016,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6044 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3388,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5864,i,12569021433319389608,8476914733993778918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:8

C:\Users\Admin\Downloads\driver_booster_setup.exe

"C:\Users\Admin\Downloads\driver_booster_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-1I1IM.tmp\driver_booster_setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-1I1IM.tmp\driver_booster_setup.tmp" /SL5="$401EC,29901681,139264,C:\Users\Admin\Downloads\driver_booster_setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe

"C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe" "C:\Users\Admin\Downloads\driver_booster_setup.exe" /title="Driver Booster 12" /dbver=12.0.0.356 /eula="C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\EULA.rtf" /showlearnmore /pmtproduct /nochromepmt

C:\Windows\SysWOW64\Wbem\wmic.exe

wmic computersystem get model

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 68.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 197.87.175.4.in-addr.arpa udp
US 8.8.8.8:53 241.42.69.40.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.201.110:443 apis.google.com tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
GB 216.58.213.1:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 142.250.187.202:443 ogads-pa.googleapis.com tcp
GB 142.250.187.202:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.iobit.com udp
US 34.236.105.50:443 www.iobit.com tcp
US 34.236.105.50:443 www.iobit.com tcp
US 34.236.105.50:443 www.iobit.com tcp
US 34.236.105.50:443 www.iobit.com tcp
US 34.236.105.50:443 www.iobit.com tcp
US 34.236.105.50:443 www.iobit.com tcp
US 8.8.8.8:53 www.googleoptimize.com udp
GB 216.58.201.110:443 www.googleoptimize.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 50.105.236.34.in-addr.arpa udp
US 8.8.8.8:53 bat.bing.com udp
US 150.171.28.10:443 bat.bing.com tcp
GB 216.58.212.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 216.58.201.110:443 www.googleoptimize.com udp
US 8.8.8.8:53 cdn.iobit.com udp
FR 152.199.20.140:443 cdn.iobit.com tcp
US 8.8.8.8:53 140.20.199.152.in-addr.arpa udp
US 8.8.8.8:53 update.iobit.com udp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
US 8.8.8.8:53 stats.iobit.com udp
US 54.198.87.243:443 stats.iobit.com tcp
US 54.198.87.243:443 stats.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
FR 152.199.20.140:443 update.iobit.com tcp
US 8.8.8.8:53 243.87.198.54.in-addr.arpa udp
US 8.8.8.8:53 15.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\7zO0475FB98\driver_booster_setup.exe

MD5 e6ce743d5b58b5f1c04ed63b6e9139a1
SHA1 f4c2e6b974d80bb045cfe6956634a1d38acdd569
SHA256 6c708deec6e5fba99b6dea92fc604417774b3e6a51aae24fcffe2ba1cd96b6a2
SHA512 a810a16c18815bd535022ffd95b740d3643ff3535d02a51d4da3f8d71256018bc128a3c44106883c5b4ca54fe2f9a101bfc17d6541d73054f96ad9641523d963

memory/1112-12-0x0000000000400000-0x000000000042C000-memory.dmp

memory/1112-14-0x0000000000401000-0x0000000000412000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-U0U5V.tmp\driver_booster_setup.tmp

MD5 048f89f1be0ce17f10350b121c08b6bd
SHA1 d0746f79ab4c1c6712e787d30e7896cf02439d1a
SHA256 8dfc033ff5a1ebac9282f15f14ab048b73fb058fec927a1f5d188a359315c6eb
SHA512 f21b627324fb58f2a585c99df6309e11ae11f895e6f5b6f0d4f9b02368ec9982728e43a3aba5d346d3ca45419fc593293665305f067d9d9f41753d201a9ea90a

C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp\EULA.rtf

MD5 b0381f0ba7ead83ea3bd882c1de4cd48
SHA1 c740f811623061595d76fce2ebb4e69d34316f3b
SHA256 44bc9472169403484a0d384f1ca81989ef7e4b07441758e8a0110078933cbcb5
SHA512 6cfb8bc562d22843d043411720db97d0b4cbac96a20983d83d19e59b8428ec202f2532cc5af254438dc34fca4161abbd3f6bac8d397590e41b6d41e60700e78a

C:\Users\Admin\AppData\Local\Temp\is-ENULQ.tmp-dbinst\setup.exe

MD5 520e45d9974779f189291d0af776479e
SHA1 10ec615240bf36a431f3fa4039dc6f7a8c77d2b3
SHA256 961acf1c9c20b1f2d435adf4a0b6277a6d07c4925d6e56863197a401fd3756e1
SHA512 d73b2fdb9745223707ddcfc0aedcb43b124a1df394110e49a47a52b48ded1dfbfb3239c061af8f11ecd13432419d605a5a3be688f057373ede4e106630d8caba

memory/2280-67-0x0000000000400000-0x0000000000532000-memory.dmp

memory/1112-68-0x0000000000400000-0x000000000042C000-memory.dmp

memory/32-69-0x0000000000400000-0x0000000000996000-memory.dmp

\??\pipe\crashpad_2316_CVQSFSFHXYWYWKVK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\f2486a24-8286-45f0-984b-e8f039428f5a.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir2316_124484925\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 30d0bc3c0f45202ae1e9f7144098958c
SHA1 bf2fdc3aa069f05b51591a37e17ace30ec908607
SHA256 858aa0bfe61bc01d70b0571cdf6345402e0030ebb69fbda24a8c0529e912ba6d
SHA512 70361f45bfa17cc3b4c1e322eda1b9b111246caf7f2fc6fa5cd54f44d4d5b31a4048bf3883ea12bc53315aec56c5da06a4ec6592702ccc06d1b91c9b5e2c3199

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c54cd6c77cc84370778f0eaacebfd182
SHA1 9e80fc1479e1e23b10b8cc6a7cfa1edee6d94df9
SHA256 5774f00b8d3f12455d5f79c7d100abc7260cc9a7d8311b9f26d042c466955dce
SHA512 f4738d2f7180c9ad9521204b575730894837478771ee4a9dafef5abbf4d9a0f2ac5561db98dcdf8db231e06dc4c8e6afc719bc587f1accdb346b21b51ab7b955

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 74fe8d62029415873bdd895f4ffdbb23
SHA1 bf7934dc5ade1c49e1c71a8df1c9000dad7fdb9e
SHA256 f731541b6fcf985ae6d75ec386899dd01a5ec78eb2ae9733f84e6c8b9f057058
SHA512 feb25e62033139055ba17ab00cdb95cb5e3391c61c00dd7cfa6fabb27e6bae6e74f9204df70419b45ef7f57097be9f55cc95dddf9dff8c4e4b87be9415d23d32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 509a7dab7df5197bcc62dcba4c6e68fe
SHA1 0d1a4971bd30eec221c33fda9ea25764ab8d9780
SHA256 0b35afdceeeb46a706784a7efac57c4fe18530916fbbc0c8441a55c9eb8b097a
SHA512 60c42b723fb172ae2527c3c9c1a481fce9e1f1269c53b22fc10f7ca640681fdde86559b2ffd48ba7a0ea77353eca05fc16e45f5a70fb82fd068461c6a593c9ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 3bd3cb3a218c3ccf756417f99743974e
SHA1 68bfc4cd1b581633974c77c51dcd3ea115c273b0
SHA256 9b0f5ea4445757f0eb4bb5d252cae5f4c2ca7442dd0806e9e5d0ee3938e6bce4
SHA512 fc6af69717307bb4275f0fe2050798d6589c2f697ef198cd0dfe28a9e215d8e6051f36a04c57bf1352533000ff606ce41c0fe8a6bcce9f5a56aaa61eff221224

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e0cf8a41fd00ae2e83368f5f6fae1a0
SHA1 0760fec654a9c51209750389523546d44a948b2a
SHA256 128f3b19a9903de1a657fea90172a40810c992f436358dc79c6018c07653a964
SHA512 4306db216a7806f6aede726ca47402a1cc3552dc9130cec4eb4b165b7186a9650d038b483cd9705fb5805b31442766024ff7ce4c3378ef5d38ceb120d9f21317

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e43a47f6c5127a84bb6d6b82e2b72e38
SHA1 25dec0859505346715fe99139d59364d810b081e
SHA256 778231e09e30459a640ea6f43cd449cd31b8fe1fc72cc80c918d718e3343509a
SHA512 26b0d22dc2f2f1015aa58f25729841435ce9c4a8c123612299d299d1354bcf0470c141955585fcaaa8d612c3eb1caf38e92d1bcaf19016b3199f6d63454a0a96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce83be95f3c08460ed786df471e5de67
SHA1 61041fa3320c1a051a26e38b4225209cdbb33c4e
SHA256 d892507bc9e15b6e6dad8fc6d706a38cf064803699033d1e496fd55bf4958c27
SHA512 2b304ecc73def0fb5d15337de4d81435a56eb420156a8f2a03eef6844970fdef7f6d4e8f4accc99dc5b55d703654fcaf8547143bb03ed1cb396ba44d6006ba47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d128e3636c76829722a7804a12a9fd3d
SHA1 a8d9622d74d0dc0694c9247deda9308d7c109a01
SHA256 b1378853a89bc4705a96a5ea851f1beaf5b23f817460a01155f68f8a28df2349
SHA512 79ce1969bb329ac7b6aa5a7fe8a7f7e8c757e30f9edb0fcad0d9a6f358f7fa678b23dbf1ae202a3a3a88560f16bb84fc4bfc7f79fb169a96ea5694d2f1281f86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c4cbb700047f5fe038c3c689276e3ac9
SHA1 59c0710f4203eba8fbd1d48882217458796433d3
SHA256 5c54019533d2f58a37788c8703b5640b9137989d1c6bc31188713f0af8c9a1d9
SHA512 e44c418176380236ea781857c92efd49330255cab57f0ae3b26f5e72eabb7259f07aa59cef5c3f8b2749545fb2ee091344371f1e1a96e3ad57baba2da989e267

C:\Users\Admin\Downloads\driver_booster_setup.exe

MD5 14d740ecd920da2b1fcb5c1c13220069
SHA1 1ec1194e11b48cbd443b132316af0e6912f0d0e3
SHA256 0d9ba977ebc5aa0324835655026294cf7b3319d38f9549c58d2bc518a7b30054
SHA512 25672b2e3292c24596a080f482e19f90b0efc62903de828a5e3406cdaa1f94b19a8e3b5ba688cf318862f66e5a4caaafc51f5cfc28fcd8f5399e0e639d5fa26c

memory/4800-772-0x0000000000400000-0x000000000042C000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-87378.tmp\libssl-1_1.dll

MD5 beae2f18755207f855bd745a95a0e0df
SHA1 4a97186d28354bebb8879a31a675764da456e272
SHA256 76eb04aa269163a918e09a82717d39f51bfd9934f4671f8b81eb7a71cf1b3ba4
SHA512 b0743b6a7e4f0a334ee753c26b383b521838700438da71ea6a2b4bb2e9019bac53a0982fc76e8eddff4c9a4e99a2f51f8653b12d602e5d91cee152bc6bfaf31f

C:\Users\Admin\AppData\Local\Temp\is-87378.tmp\libcrypto-1_1.dll

MD5 902385503375a1c52787e2c88895e030
SHA1 d3b7fab10695c7c70a611572a7f6593d3a391533
SHA256 078d662af771a3b93c44415447294db364e22710cedc274b685ec639783ac928
SHA512 48cfd677a51691906daddb5034d9098dfe7b09b35507812c6373d17bbec76618b5f914fde2d1b134d89705a03d8135f6d6ac10b87ed5f40e726479c3ed94e89c

C:\Users\Admin\AppData\Local\Temp\is-87378.tmp-dbinst\setup.exe

MD5 f707be8e8ebb2a58a4234b334b7bb483
SHA1 19a04a09c98fd4fdcbb6a46bc46946682e1fb3fb
SHA256 e4d9caaec9652a2456673e05ebd6adf1a38c2009aa88ecdc913bc716ab6758f2
SHA512 478832e124b92160be56a4473a4d5e890bea9cc95b472616f58b8444fef45f0868124a58651c709c89565d4346c25238e42edba56c5e71ff3dc58a8f74695c7e

memory/4064-835-0x0000000000400000-0x0000000000532000-memory.dmp

memory/4800-836-0x0000000000400000-0x000000000042C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 846a87394837663f8053c10e8ab292c9
SHA1 5a429288dcc8960a554fce2ce5705adc839d572c
SHA256 d1240e37936ae8ce274f1f19dfade0cb5e205c8b9cd6de09fe3f6c4cdd8c0f9d
SHA512 6b172d22554d27d2fd1007a67e6fc064df9f764aea0afd4ba3458bf264b2e551ebedcfb6e50035984504ca609f6a10e58e7b5cb211fff93b8748c82d1ebc96c9

C:\ProgramData\IObit\iobitpromotion.ini

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e432f632146b2338e926e93083bde3e0
SHA1 a7f98f7e1d5ad10c6c49d8cc1073a7eb97dbf91c
SHA256 c2ab68bc1163d6151b07cf67138e2d399edc4f94b8384e7b2af43160a5c9be16
SHA512 46acb0c282047c25268401ad86daf939d3eb4e66bf662c93db501a18a2a7af401d896eaceef37781565d14ad07f594089fe87aaa9801f0d1f2753759c9c5e768

C:\Users\Admin\AppData\Local\Temp\1731190158\ENGLISH.lng

MD5 e1f018c00b7991f518e5c930e58f8e1d
SHA1 e577eb25a365c698c3020051de477ce1be465a6a
SHA256 d3eb1ff5b56d7a91da5e32be1d6957acd3139186b99ad25ddb0609551123ef7b
SHA512 e19caf280f470f35704c3fe2b47e037c59dc57e845427d0e11b9662fe98e13ed0aae469a83b59ff754fc6739b54530d28421db957eb3d130dd05b4c2dd1c1f5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f31fed4eaa6bdcd5af896fffdabdeb1
SHA1 4cc2859d338f66a6252238218347e9e8b1827d9b
SHA256 db0e3d73af895d69e175f4e0767a8dec28385804fde407d7ca358771d3731277
SHA512 fa9f1b2d9671ed0dd869335072b5f5b3dfcd996765354c40f18c7b778a4c1e85eeab0c53e1b9b577d3bbefab2dadc88a5b9a05e88ea5ab3018ad947baee0cbe4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 834aa57e6bb8dfe30a307379338c5fa0
SHA1 bd1f2d8dc3deccdf13c837f0d4a9a0e92063b724
SHA256 78161ada54c405d6eedcd740e44376435ce2b00cc3151a42d8e519daec3ed545
SHA512 d0b023b85850f2f9839b161843340b9a517d90841e236ed18abdb82388bbc476b46d21a41cceaca39b4930083030c5131e01f7ce90f3dc5d548595a3e3de0722

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 ee61d3683dca39658e8356be474ac2fe
SHA1 285d4693d595472a4af6e3aa0bdedc4f527e6176
SHA256 6cebe2a1691ffc8ae6b7e43f081e8d8517ff5b6fbeac72da5352bd1233bb02fa
SHA512 eb0613c12224317e623c2193dbfee5404378bf1b66c024a7e07204e6bcb08c409750cfe416eec35ba750f8134e9806d88a3abb1573fa53161b028e18010dbc64

memory/3724-1075-0x0000000000400000-0x00000000009A4000-memory.dmp