6.6
High risk

SHA256: 2f488b14e072d51bff465bfbc844f0cbcaf35848644afab17fb7e80837bc0c2e

4bf059f95e966145bb17ad19467a9ef4.exe

Analysis duration: 90s

Latest analysis

File size: 687.5KB
Static and dynamic detection tags: ARTEMIS BUNDLER DRIVERUPDATE DRIVERUPDATER ELDORADO FAKEDRIVERUPDATE GENERIC ML PUA GRAYWARE MALICIOUS SCORE SLIMWARE UNSAFE
Eagle Eye engine
Not detected: no Eagle Eye engine detection results yet
Static verdict
Antivirus engines
Engine        Result                   Scan date   Engine version
McAfee        Artemis!4BF059F95E96     20201203    6.0.6.653
Alibaba       -                        20190527    0.3.0.5
Baidu         -                        20190318    1.0.0.2
Avast         Win32:PUP-gen [PUP]      20201203    20.10.5736.0
Tencent       -                        20201203    1.0.0.1
Kingsoft      -                        20201203    2017.9.26.565
CrowdStrike   -                        20190702    1.0
Static indicators
This executable is signed
This executable has a PDB path (1 event)
pdb_path D:\Sources\app-littleinstaller\bin\Release\LittleInstaller.pdb
The file contains an unknown PE resource name possibly indicative of a packer (2 events)
resource name AFX_DIALOG_LAYOUT
resource name None
Behavioural verdict
Dynamic indicators
One or more potentially interesting buffers were extracted, these generally contain injected code, configuration data, etc.
Performs some HTTP requests (8 events)
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&msBclVersion=4.0.0
request GET http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=DFEE189E-9C00-4D3B-9709-8C999637281D
request GET http://x.ss2.us/x.cer
request GET http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
request GET http://cdn.slimcleaner.com/downloads/silentdownloader/SlimCleanerPlus-Downloader.exe.bz2
request GET http://trk.slimwareutilities.com/ulc.php?ev=Error&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&errorType=windowsDesktopError&errorCode=80190194&action=installing
request GET https://download.driverupdate.net/5.8.20/x64/DriverUpdate-setup.msi.bz2
Foreign language identified in PE resource (5 events)
name None language LANG_JAPANESE offset 0x00096890 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x00000c72
name None language LANG_JAPANESE offset 0x00096890 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x00000c72
name None language LANG_JAPANESE offset 0x00096890 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x00000c72
name None language LANG_JAPANESE offset 0x00096890 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x00000c72
name None language LANG_JAPANESE offset 0x00096890 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x00000c72
Creates executable files on the filesystem (1 event)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\swu6740.tmp.msi
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time                 API                    Arguments              Status   Return   Repeated
1620959361.407499    GetAdaptersAddresses   flags: 15; family: 0   failed   111      0
Network communication
One or more of the buffers contains an embedded PE file (2 events)
buffer Buffer with sha1: 6d1f54051d3049ac073da13d0400d2be095f5927
buffer Buffer with sha1: e90654980cbd2d956d4a4c75c41059daf840adfa
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
Attempts to create or modify system certificates (2 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob
File has been identified by 21 AntiVirus engines on VirusTotal as malicious (21 events)
McAfee Artemis!4BF059F95E96
SUPERAntiSpyware PUP.Bundler/Variant
K7AntiVirus Adware ( 0051fb711 )
K7GW Adware ( 0051fb711 )
Cyren W32/SlimWare.E.gen!Eldorado
Avast Win32:PUP-gen [PUP]
Cynet Malicious (score: 100)
DrWeb Program.Unwanted.4975
McAfee-GW-Edition BehavesLike.Win32.Slimware.jh
MaxSecure Adware.not-a-virus.WIN32.driverupdater.d_194534
Sophos Generic ML PUA (PUA)
Antiy-AVL GrayWare/Win32.Slimware
Gridinsoft PUP.SlimWare.sd!c
ViRobot Adware.Slimware.703984.J
GData Win32.Application.DriverUpdater.D
VBA32 Adware.FakeDriverUpdate.gen
Malwarebytes PUP.Optional.DriverUpdate
ESET-NOD32 a variant of Win32/Slimware.A potentially unwanted
eGambit Unsafe.AI_Score_98%
Fortinet Riskware/Slimware
AVG Win32:PUP-gen [PUP]
Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) (2 events)
dead_host 172.217.24.14:443
dead_host 172.217.160.78:443
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No runtime screenshots: no screenshots were generated while this sample ran

PE Compile Time

2020-05-20 03:57:13

Imports

Library PSAPI.DLL:
0x4603dc EnumProcesses
Library KERNEL32.dll:
0x460104 GlobalHandle
0x460108 TlsAlloc
0x46010c TlsSetValue
0x460110 LocalReAlloc
0x460114 TlsFree
0x460118 SetErrorMode
0x46011c HeapFree
0x460120 HeapAlloc
0x460124 GetProcessHeap
0x460128 GetStartupInfoW
0x46012c HeapReAlloc
0x460130 ExitProcess
0x460134 TerminateProcess
0x460140 IsDebuggerPresent
0x460144 RtlUnwind
0x460148 SetStdHandle
0x46014c GetFileType
0x460150 ExitThread
0x460154 CreateThread
0x460158 HeapSize
0x46015c VirtualAlloc
0x460160 GetStdHandle
0x460164 GetModuleFileNameA
0x460168 GlobalReAlloc
0x460178 GetCommandLineA
0x46017c GetCommandLineW
0x460180 SetHandleCount
0x460184 GetStartupInfoA
0x460188 HeapDestroy
0x46018c HeapCreate
0x460190 VirtualFree
0x46019c GetCPInfo
0x4601a0 GetACP
0x4601a4 GetOEMCP
0x4601a8 IsValidCodePage
0x4601ac GetTimeFormatA
0x4601b0 GetDateFormatA
0x4601b8 LCMapStringA
0x4601bc LCMapStringW
0x4601c0 GetConsoleCP
0x4601c4 GetConsoleMode
0x4601c8 GetStringTypeA
0x4601cc GetStringTypeW
0x4601d0 GetUserDefaultLCID
0x4601d4 GetLocaleInfoA
0x4601d8 EnumSystemLocalesA
0x4601dc IsValidLocale
0x4601e0 WriteConsoleA
0x4601e4 GetConsoleOutputCP
0x4601e8 WriteConsoleW
0x4601ec CreateFileA
0x4601f4 TlsGetValue
0x4601f8 GlobalFlags
0x460200 ReleaseMutex
0x460204 CreateMutexW
0x460208 GetCurrentThread
0x460210 GetVersion
0x460218 GetLocaleInfoW
0x46021c LoadLibraryExW
0x460220 CompareStringA
0x460224 CreateEventW
0x460228 SuspendThread
0x46022c SetEvent
0x460230 ResumeThread
0x460234 SetThreadPriority
0x460238 lstrcmpA
0x46023c GetFullPathNameW
0x460244 DuplicateHandle
0x460248 SetEndOfFile
0x46024c UnlockFile
0x460250 LockFile
0x460254 WriteFile
0x460258 GetThreadLocale
0x46025c GetFileTime
0x460260 GetFileAttributesW
0x460264 FindFirstFileW
0x460268 FindClose
0x46026c GetModuleHandleA
0x460270 GlobalAddAtomW
0x460274 GlobalFindAtomW
0x460278 GlobalDeleteAtom
0x46027c CompareStringW
0x460280 lstrcmpW
0x460284 GetVersionExA
0x460288 GlobalLock
0x46028c GlobalUnlock
0x460290 FreeResource
0x460294 GlobalAlloc
0x460298 GlobalFree
0x46029c GetFileSizeEx
0x4602a0 FindResourceExW
0x4602a4 GetFileSize
0x4602a8 CreateFileMappingW
0x4602ac MapViewOfFileEx
0x4602b0 UnmapViewOfFile
0x4602b4 LoadLibraryA
0x4602b8 InterlockedExchange
0x4602bc FreeLibrary
0x4602c0 LocalAlloc
0x4602c4 OpenProcess
0x4602dc MoveFileExW
0x4602e8 SetDllDirectoryW
0x4602ec RaiseException
0x4602f0 OutputDebugStringW
0x4602f4 ReadFile
0x4602f8 SetFilePointer
0x4602fc FlushFileBuffers
0x460300 GetCurrentProcess
0x460304 GetCurrentProcessId
0x460308 GetCurrentThreadId
0x46030c CreateFileW
0x460310 GetTempFileNameW
0x460314 GetSystemDirectoryW
0x460318 GetTempPathW
0x46031c VerSetConditionMask
0x460320 VerifyVersionInfoW
0x460324 GetExitCodeProcess
0x460328 lstrlenA
0x46032c DeleteFileW
0x460330 MoveFileW
0x460334 CopyFileW
0x460338 CreateDirectoryW
0x46033c MultiByteToWideChar
0x460340 lstrlenW
0x460344 WaitForSingleObject
0x460348 CloseHandle
0x46034c Sleep
0x460350 CreateProcessW
0x460354 OpenEventW
0x460358 GetVersionExW
0x46035c WideCharToMultiByte
0x460360 MulDiv
0x460364 GetTickCount
0x460374 GetModuleFileNameW
0x460378 GetProcAddress
0x46037c LoadLibraryW
0x460380 SetLastError
0x460384 GetModuleHandleW
0x460388 GetLastError
0x46038c SizeofResource
0x460390 LocalFree
0x460394 FormatMessageW
0x460398 FindResourceW
0x46039c LoadResource
0x4603a0 LockResource
Library USER32.dll:
0x46042c DestroyMenu
0x460430 GetMessageW
0x460434 TranslateMessage
0x460438 ValidateRect
0x46043c CharUpperW
0x460440 EndPaint
0x460444 BeginPaint
0x460448 SetMenuItemBitmaps
0x460450 LoadBitmapW
0x460454 ModifyMenuW
0x460458 GetMenuState
0x46045c CheckMenuItem
0x460464 SendDlgItemMessageA
0x460468 WinHelpW
0x46046c GetCapture
0x460470 SetWindowsHookExW
0x460474 CallNextHookEx
0x460478 GetClassLongW
0x46047c SetPropW
0x460480 GetPropW
0x460484 RemovePropW
0x460488 GetLastActivePopup
0x46048c DispatchMessageW
0x460490 GetTopWindow
0x460494 UnhookWindowsHookEx
0x460498 GetMessageTime
0x46049c GetMessagePos
0x4604a0 PeekMessageW
0x4604a4 MapWindowPoints
0x4604a8 GetKeyState
0x4604ac UpdateWindow
0x4604b0 GetMenu
0x4604b4 GetSubMenu
0x4604b8 GetMenuItemID
0x4604bc GetMenuItemCount
0x4604c0 CreateWindowExW
0x4604c4 GetClassInfoExW
0x4604c8 GetClassInfoW
0x4604cc RegisterClassW
0x4604d0 DefWindowProcW
0x4604d4 CallWindowProcW
0x4604dc GetWindowPlacement
0x4604e4 GetWindowTextW
0x4604e8 GetFocus
0x4604ec SetFocus
0x4604f0 MoveWindow
0x4604f4 IsDialogMessageW
0x4604f8 IsDlgButtonChecked
0x4604fc SetDlgItemTextW
0x460500 SendDlgItemMessageW
0x460504 CheckDlgButton
0x460508 GetDesktopWindow
0x46050c GetActiveWindow
0x460510 SetActiveWindow
0x460514 GetSystemMetrics
0x46051c DestroyWindow
0x460520 GetDlgItem
0x460524 IsWindowEnabled
0x460528 GetNextDlgTabItem
0x46052c EndDialog
0x460530 GetShellWindow
0x460534 EnumThreadWindows
0x460538 WaitForInputIdle
0x46053c ShowWindow
0x460540 ClientToScreen
0x460544 ScreenToClient
0x460548 ReleaseCapture
0x46054c SetCapture
0x460550 InvalidateRect
0x460554 ReleaseDC
0x460558 GetDC
0x46055c PtInRect
0x460560 TrackMouseEvent
0x460564 LoadCursorW
0x460568 SetCursor
0x46056c SetRectEmpty
0x460570 GetDlgCtrlID
0x460574 GetSysColorBrush
0x460578 SetWindowTextW
0x46057c EnumChildWindows
0x460580 FillRect
0x460584 GetClientRect
0x460588 IsWindowVisible
0x46058c MessageBoxW
0x460594 EnumWindows
0x460598 SetForegroundWindow
0x46059c PostQuitMessage
0x4605a4 UnregisterClassW
0x4605a8 SetWindowPos
0x4605ac GetClassNameW
0x4605b0 GetCursorPos
0x4605b8 IsWindow
0x4605bc GetParent
0x4605c0 OffsetRect
0x4605c8 EnableMenuItem
0x4605cc AdjustWindowRectEx
0x4605d4 SetRect
0x4605d8 MessageBeep
0x4605dc MapDialogRect
0x4605e0 GrayStringW
0x4605e4 DrawTextExW
0x4605e8 DrawTextW
0x4605ec TabbedTextOutW
0x4605f0 PostMessageW
0x4605f4 GetForegroundWindow
0x4605f8 AppendMenuW
0x4605fc GetSystemMenu
0x460600 LoadIconW
0x460604 GetWindowLongW
0x460608 SetWindowLongW
0x46060c FindWindowW
0x460610 PostThreadMessageW
0x460614 KillTimer
0x460618 CloseWindow
0x46061c GetWindow
0x460620 SetTimer
0x460624 GetSysColor
0x460628 IsRectEmpty
0x46062c CopyRect
0x460630 RedrawWindow
0x460634 GetWindowRect
0x460638 SendMessageW
0x46063c EnableWindow
0x460640 IsIconic
0x460644 UnregisterClassA
Library GDI32.dll:
0x460058 GetStockObject
0x46005c DeleteDC
0x460060 MoveToEx
0x460064 LineTo
0x460068 ScaleWindowExtEx
0x46006c SetWindowExtEx
0x460070 ScaleViewportExtEx
0x460074 SetViewportExtEx
0x460078 OffsetViewportOrgEx
0x46007c SetViewportOrgEx
0x460080 SelectObject
0x460088 CreateDIBSection
0x46008c DPtoLP
0x460090 DeleteObject
0x460094 SetMapMode
0x460098 SetBkMode
0x46009c RestoreDC
0x4600a0 SaveDC
0x4600a4 CreateBitmap
0x4600a8 SetBkColor
0x4600ac SetTextColor
0x4600b0 GetClipBox
0x4600b4 SelectClipRgn
0x4600bc CreatePatternBrush
0x4600c4 BitBlt
0x4600c8 SetBrushOrgEx
0x4600cc CreateCompatibleDC
0x4600d0 GetDeviceCaps
0x4600d4 CreatePen
0x4600d8 CreateSolidBrush
0x4600dc GetTextMetricsW
0x4600e0 Rectangle
0x4600e4 ExtTextOutW
0x4600e8 TextOutW
0x4600ec RectVisible
0x4600f0 PtVisible
0x4600f4 Escape
0x4600f8 CreateFontIndirectW
0x4600fc GetObjectW
Library COMDLG32.dll:
0x460050 GetFileTitleW
Library WINSPOOL.DRV:
0x46064c OpenPrinterW
0x460650 DocumentPropertiesW
0x460654 ClosePrinter
Library ADVAPI32.dll:
0x460000 RegDeleteKeyW
0x460004 RegQueryValueW
0x460008 RegEnumKeyW
0x46000c RegOpenKeyW
0x460010 RegDeleteValueW
0x460014 DuplicateTokenEx
0x460020 OpenProcessToken
0x460024 RegOpenKeyExW
0x460028 RegEnumValueW
0x46002c RegEnumKeyExW
0x460030 RegQueryInfoKeyW
0x460034 RegCloseKey
0x460038 RegSetValueExW
0x46003c RegCreateKeyExW
0x460040 RegQueryValueExW
Library SHELL32.dll:
0x4603e4 ShellExecuteW
0x4603e8 SHGetFolderPathW
0x4603ec CommandLineToArgvW
0x4603f0 Shell_NotifyIconW
Library COMCTL32.dll:
Library SHLWAPI.dll:
0x4603f8 UrlEscapeW
0x4603fc PathAppendW
0x460400 PathFindFileNameW
0x460408 SHRegGetUSValueW
0x46040c AssocQueryStringW
0x460414 StrStrIW
0x460418 PathStripToRootW
0x46041c PathIsUNCW
0x460420 PathFileExistsW
0x460424 PathFindExtensionW
Library ole32.dll:
0x460668 CoInitialize
0x46066c CoCreateInstance
0x460670 StringFromGUID2
0x460674 CoCreateGuid
0x460678 StringFromCLSID
0x46067c CoUninitialize
0x460680 CoInitializeEx
0x460684 CoTaskMemFree
0x460688 OleInitialize
0x460690 OleUninitialize
0x460694 CoRevokeClassObject
0x46069c OleFlushClipboard
Library OLEAUT32.dll:
0x4603ac SysAllocStringLen
0x4603b0 LoadRegTypeLib
0x4603b4 VariantChangeType
0x4603b8 SysStringLen
0x4603bc VarBstrCmp
0x4603c0 LoadTypeLib
0x4603c4 VariantClear
0x4603c8 SysAllocString
0x4603cc VariantInit
0x4603d0 SysFreeString
Library WS2_32.dll:
0x46065c WSAStartup

Hosts

No hosts contacted.

TCP

Source           Source port   Destination      Destination host                  Destination port
192.168.56.101   49187         119.96.211.1     www.download.windowsupdate.com    80
192.168.56.101   49178         3.215.109.160    trk.slimwareutilities.com         80
192.168.56.101   49179         34.227.55.118    apps-api.slimwareutilities.com    80
192.168.56.101   49177         52.207.195.86    trk.slimwareutilities.com         80
192.168.56.101   49184         52.85.56.163     x.ss2.us                          80
192.168.56.101   49181         54.192.147.40    download.driverupdate.net         443
192.168.56.101   49191         54.192.147.40    download.driverupdate.net         443
192.168.56.101   49196         54.192.147.75    cdn.slimcleaner.com               80
192.168.56.101   49197         54.192.147.75    cdn.slimcleaner.com               80
192.168.56.101   49198         54.192.147.75    cdn.slimcleaner.com               80
192.168.56.101   49199         54.192.147.75    cdn.slimcleaner.com               80
192.168.56.101   49200         54.192.147.75    cdn.slimcleaner.com               80

UDP

Source           Source port   Destination        Destination host     Destination port
192.168.56.101   49713         114.114.114.114    -                    53
192.168.56.101   50002         114.114.114.114    -                    53
192.168.56.101   50534         114.114.114.114    -                    53
192.168.56.101   53210         114.114.114.114    -                    53
192.168.56.101   53380         114.114.114.114    -                    53
192.168.56.101   53500         114.114.114.114    -                    53
192.168.56.101   57756         114.114.114.114    -                    53
192.168.56.101   59789         114.114.114.114    -                    53
192.168.56.101   60088         114.114.114.114    -                    53
192.168.56.101   61680         114.114.114.114    -                    53
192.168.56.101   62318         114.114.114.114    -                    53
192.168.56.101   62912         114.114.114.114    -                    53
192.168.56.101   63497         114.114.114.114    -                    53
192.168.56.101   137           192.168.56.255     -                    137
192.168.56.101   138           192.168.56.255     -                    138
192.168.56.101   123           20.189.79.72       time.windows.com     123
192.168.56.101   49710         224.0.0.252        -                    5355
192.168.56.101   50320         224.0.0.252        -                    5355
192.168.56.101   50433         224.0.0.252        -                    5355
192.168.56.101   50568         224.0.0.252        -                    5355

HTTP & HTTPS Requests

URI, followed by the raw request data
http://cdn.slimcleaner.com/downloads/silentdownloader/SlimCleanerPlus-Downloader.exe.bz2
GET /downloads/silentdownloader/SlimCleanerPlus-Downloader.exe.bz2 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: cdn.slimcleaner.com

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 3600
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 03 Mar 2021 06:32:16 GMT
If-None-Match: "0d8f4f3f6fd71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&msBclVersion=4.0.0
GET /ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&msBclVersion=4.0.0 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

http://trk.slimwareutilities.com/ulc.php?ev=Error&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&errorType=windowsDesktopError&errorCode=80190194&action=installing
GET /ulc.php?ev=Error&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2&errorType=windowsDesktopError&errorCode=80190194&action=installing HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

http://x.ss2.us/x.cer
GET /x.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x.ss2.us

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Mon, 19 Apr 2021 20:17:25 GMT
If-None-Match: "80f8835935d71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=DFEE189E-9C00-4D3B-9709-8C999637281D
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=DFEE189E-9C00-4D3B-9709-8C999637281D HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com

http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2
GET /ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiZDQxMjMxY2YtZjkwZC00OTViLTk2MjYtZWE2MTE0ZDg4MDExIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6NDoiRWRnZSI7czoxNDoiYnJvd3NlclZlcnNpb24iO3M6NjoiMTIuMjQ2IjtzOjE1OiJicm93c2VyTGFuZ3VhZ2UiO3M6MDoiIjtzOjEwOiJwbGF0Zm9ybU9TIjtzOjc6IldpbmRvd3MiO3M6MTc6InBsYXRmb3JtT1NWZXJzaW9uIjtzOjQ6IjEwLjAiO30%3D&machineId=DFEE189E-9C00-4D3B-9709-8C999637281D&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.6.37&product=SW2 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=DFEE189E-9C00-4D3B-9709-8C999637281D
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=DFEE189E-9C00-4D3B-9709-8C999637281D HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.6.37 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com
Cookie: AWSALBCORS=s0lV02OKMaqOOQgBmsqoJmjz6o0kAIKw2DxSXLgfD6lb9/0ZT74aoYozGGaRnL2Pl8GIzumDRqEM1BOmEIcio8IXN6tn3f197lGJm38I9fmOPCo1qkaEp5E2+hDI; AWSALB=s0lV02OKMaqOOQgBmsqoJmjz6o0kAIKw2DxSXLgfD6lb9/0ZT74aoYozGGaRnL2Pl8GIzumDRqEM1BOmEIcio8IXN6tn3f197lGJm38I9fmOPCo1qkaEp5E2+hDI

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.