Score: 4.0
Risk level: Medium

SHA-256: a9416e1404cd979f056b131fc0c07a1ed5fafb7a07e9756b6c1bd72897e13597

File name: c7ceddb82238c7a4dc49ccabf6f2d4d8.exe

Analysis duration: 80s

Last analysis:

File size: 1.0MB
Tags: static detection, dynamic detection, CONFIDENCE DRIVERUPDATE DRIVERUPDATER DRIVERUPDATRE ELDORADO FAKEDRIVERUPDATE GRAYWARE MALICIOUS SCORE SIG1 SLIMWARE STATIC AI SUSPICIOUS PE UHMAUVEQN1M UNSAFE
Eagle-Eye engine
Not detected: no Eagle-Eye engine results are available
Static verdict
Antivirus engines
Engine Result Scan date Version
McAfee 20201212 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20201211 21.1.5827.0
Kingsoft 20201212 2017.9.26.565
Tencent 20201212 1.0.0.1
CrowdStrike win/malicious_confidence_80% (D) 20190702 1.0
Static indicators
This executable is signed
This executable has a PDB path (1 event)
pdb_path D:\Sources\app-littleinstaller\bin\Release\LittleInstaller.pdb
The file contains an unknown PE resource name possibly indicative of a packer (2 events)
resource name AFX_DIALOG_LAYOUT
resource name None
Behavioural verdict
Dynamic indicators
One or more potentially interesting buffers were extracted; these generally contain injected code, configuration data, etc.
Performs some HTTP requests (6 events)
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2&msBclVersion=4.0.0
request GET http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957
request GET http://x.ss2.us/x.cer
request GET http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
request GET https://download.driverupdate.net/5.8.20/x64/DriverUpdate-setup.msi.bz2
Foreign language identified in PE resource (5 events, all identical)
name None language LANG_JAPANESE offset 0x000df4e0 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
Checks adapter addresses which can be used to detect virtual network interfaces (1 event)
Time & API Arguments Status Return Repeated
1620985513.834269
GetAdaptersAddresses
flags: 15
family: 0
failed 111 0
Network communication
Communicates with host for which no DNS query was performed (1 event)
host 172.217.24.14
File has been identified by 17 AntiVirus engines on VirusTotal as malicious (17 events)
Bkav W32.malware.sig1
SUPERAntiSpyware PUP.DriverUpdatre/Variant
Cyren W32/SlimWare.C.gen!Eldorado
DrWeb Program.Unwanted.4182
McAfee-GW-Edition BehavesLike.Win32.Slimware.th
Antiy-AVL GrayWare/Win32.Slimware.a
Gridinsoft PUP.SlimWare.sd!c
GData Win32.Application.DriverUpdater.D
Cynet Malicious (score: 100)
VBA32 Adware.FakeDriverUpdate.gen
Malwarebytes PUP.Optional.DriverUpdate
ESET-NOD32 a variant of Win32/Slimware.A potentially unwanted
Yandex Riskware.Agent!UHMAuveQn1M
SentinelOne Static AI - Suspicious PE
eGambit Unsafe.AI_Score_99%
Fortinet Riskware/Slimware
CrowdStrike win/malicious_confidence_80% (D)
Attempts to create or modify system certificates (2 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample
Runtime screenshots
No screenshots: no screenshots were generated while the sample ran

PE Compile Time

2019-03-12 21:02:56

Imports

Library PSAPI.DLL:
0x45f3dc EnumProcesses
Library KERNEL32.dll:
0x45f104 TlsGetValue
0x45f108 GlobalReAlloc
0x45f10c GlobalHandle
0x45f110 TlsAlloc
0x45f114 TlsSetValue
0x45f118 LocalReAlloc
0x45f11c TlsFree
0x45f120 SetErrorMode
0x45f124 HeapFree
0x45f128 HeapAlloc
0x45f12c GetProcessHeap
0x45f130 GetStartupInfoW
0x45f134 HeapReAlloc
0x45f138 ExitProcess
0x45f13c TerminateProcess
0x45f148 IsDebuggerPresent
0x45f14c RtlUnwind
0x45f150 SetStdHandle
0x45f154 GetFileType
0x45f158 ExitThread
0x45f15c CreateThread
0x45f160 HeapSize
0x45f164 VirtualAlloc
0x45f168 GetStdHandle
0x45f16c GetModuleFileNameA
0x45f170 GlobalFlags
0x45f180 GetCommandLineA
0x45f184 GetCommandLineW
0x45f188 SetHandleCount
0x45f18c GetStartupInfoA
0x45f190 HeapDestroy
0x45f194 HeapCreate
0x45f198 VirtualFree
0x45f1a4 GetCPInfo
0x45f1a8 GetACP
0x45f1ac GetOEMCP
0x45f1b0 IsValidCodePage
0x45f1b4 GetTimeFormatA
0x45f1b8 GetDateFormatA
0x45f1c0 LCMapStringA
0x45f1c4 LCMapStringW
0x45f1c8 GetConsoleCP
0x45f1cc GetConsoleMode
0x45f1d0 GetStringTypeA
0x45f1d4 GetStringTypeW
0x45f1d8 GetUserDefaultLCID
0x45f1dc GetLocaleInfoA
0x45f1e0 EnumSystemLocalesA
0x45f1e4 IsValidLocale
0x45f1e8 WriteConsoleA
0x45f1ec GetConsoleOutputCP
0x45f1f0 WriteConsoleW
0x45f1f4 CreateFileA
0x45f200 ReleaseMutex
0x45f204 CreateMutexW
0x45f208 GetCurrentThread
0x45f210 GetVersion
0x45f218 GetLocaleInfoW
0x45f21c LoadLibraryExW
0x45f220 CompareStringA
0x45f224 CreateEventW
0x45f228 SuspendThread
0x45f22c SetEvent
0x45f230 ResumeThread
0x45f234 SetThreadPriority
0x45f238 lstrcmpA
0x45f23c GetFullPathNameW
0x45f244 DuplicateHandle
0x45f248 SetEndOfFile
0x45f24c UnlockFile
0x45f250 LockFile
0x45f254 WriteFile
0x45f258 GetThreadLocale
0x45f25c GetFileTime
0x45f260 GetFileAttributesW
0x45f264 FindFirstFileW
0x45f268 FindClose
0x45f26c GetModuleHandleA
0x45f270 GlobalAddAtomW
0x45f274 GlobalFindAtomW
0x45f278 GlobalDeleteAtom
0x45f27c CompareStringW
0x45f280 lstrcmpW
0x45f284 GetVersionExA
0x45f288 GlobalLock
0x45f28c GlobalUnlock
0x45f290 FreeResource
0x45f294 GlobalAlloc
0x45f298 GlobalFree
0x45f29c GetFileSize
0x45f2a0 CreateFileMappingW
0x45f2a4 MapViewOfFileEx
0x45f2a8 UnmapViewOfFile
0x45f2ac GetFileSizeEx
0x45f2b0 FindResourceExW
0x45f2b4 LoadLibraryA
0x45f2b8 InterlockedExchange
0x45f2bc FreeLibrary
0x45f2c0 LocalAlloc
0x45f2c8 OpenProcess
0x45f2d8 MoveFileExW
0x45f2e8 SetFilePointer
0x45f2ec FlushFileBuffers
0x45f2f0 GetCurrentProcess
0x45f2f4 GetCurrentProcessId
0x45f2f8 GetCurrentThreadId
0x45f2fc CreateFileW
0x45f300 GetTempFileNameW
0x45f304 GetSystemDirectoryW
0x45f308 GetTempPathW
0x45f30c SetDllDirectoryW
0x45f310 RaiseException
0x45f314 OutputDebugStringW
0x45f318 ReadFile
0x45f31c VerSetConditionMask
0x45f320 VerifyVersionInfoW
0x45f324 lstrlenA
0x45f328 GetExitCodeProcess
0x45f32c DeleteFileW
0x45f330 MoveFileW
0x45f334 CopyFileW
0x45f338 CreateDirectoryW
0x45f33c MultiByteToWideChar
0x45f340 WaitForSingleObject
0x45f344 CloseHandle
0x45f348 CreateProcessW
0x45f34c Sleep
0x45f350 OpenEventW
0x45f354 GetVersionExW
0x45f358 WideCharToMultiByte
0x45f35c MulDiv
0x45f360 GetTickCount
0x45f364 lstrlenW
0x45f374 GetModuleFileNameW
0x45f378 GetProcAddress
0x45f37c LoadLibraryW
0x45f380 SetLastError
0x45f384 GetModuleHandleW
0x45f388 GetLastError
0x45f38c LoadResource
0x45f390 LockResource
0x45f394 SizeofResource
0x45f398 LocalFree
0x45f39c FormatMessageW
0x45f3a0 FindResourceW
Library USER32.dll:
0x45f42c DestroyMenu
0x45f430 GetMessageW
0x45f434 TranslateMessage
0x45f438 ValidateRect
0x45f43c CharUpperW
0x45f440 EndPaint
0x45f444 BeginPaint
0x45f448 SetMenuItemBitmaps
0x45f450 LoadBitmapW
0x45f454 ModifyMenuW
0x45f458 GetMenuState
0x45f45c CheckMenuItem
0x45f464 SendDlgItemMessageA
0x45f468 WinHelpW
0x45f46c GetCapture
0x45f470 SetWindowsHookExW
0x45f474 CallNextHookEx
0x45f478 GetClassLongW
0x45f47c SetPropW
0x45f480 GetPropW
0x45f484 RemovePropW
0x45f488 GetLastActivePopup
0x45f48c DispatchMessageW
0x45f490 GetTopWindow
0x45f494 UnhookWindowsHookEx
0x45f498 GetMessageTime
0x45f49c GetMessagePos
0x45f4a0 PeekMessageW
0x45f4a4 MapWindowPoints
0x45f4a8 GetKeyState
0x45f4ac UpdateWindow
0x45f4b0 GetMenu
0x45f4b4 GetSubMenu
0x45f4b8 GetMenuItemID
0x45f4bc GetMenuItemCount
0x45f4c0 CreateWindowExW
0x45f4c4 GetClassInfoExW
0x45f4c8 GetClassInfoW
0x45f4cc RegisterClassW
0x45f4d0 DefWindowProcW
0x45f4d4 CallWindowProcW
0x45f4dc GetWindowPlacement
0x45f4e4 GetWindowTextW
0x45f4e8 GetFocus
0x45f4ec SetFocus
0x45f4f0 MoveWindow
0x45f4f4 IsDialogMessageW
0x45f4f8 IsDlgButtonChecked
0x45f4fc SetDlgItemTextW
0x45f500 SendDlgItemMessageW
0x45f504 CheckDlgButton
0x45f508 GetDesktopWindow
0x45f50c GetActiveWindow
0x45f510 SetActiveWindow
0x45f514 GetSystemMetrics
0x45f51c DestroyWindow
0x45f520 GetDlgItem
0x45f524 IsWindowEnabled
0x45f528 GetNextDlgTabItem
0x45f52c EndDialog
0x45f530 EnumThreadWindows
0x45f534 WaitForInputIdle
0x45f538 ShowWindow
0x45f53c GetShellWindow
0x45f540 InvalidateRect
0x45f544 ReleaseDC
0x45f548 GetDC
0x45f54c ClientToScreen
0x45f550 ScreenToClient
0x45f554 ReleaseCapture
0x45f558 SetCapture
0x45f55c PtInRect
0x45f560 TrackMouseEvent
0x45f564 LoadCursorW
0x45f568 SetCursor
0x45f56c SetRectEmpty
0x45f570 GetSysColorBrush
0x45f574 SetWindowTextW
0x45f578 EnumChildWindows
0x45f57c GetDlgCtrlID
0x45f580 FillRect
0x45f584 GetClientRect
0x45f588 IsWindowVisible
0x45f590 MessageBoxW
0x45f594 EnumWindows
0x45f598 SetForegroundWindow
0x45f59c PostQuitMessage
0x45f5a4 UnregisterClassW
0x45f5a8 SetWindowPos
0x45f5ac GetClassNameW
0x45f5b0 OffsetRect
0x45f5b8 EnableMenuItem
0x45f5bc AdjustWindowRectEx
0x45f5c4 SetRect
0x45f5c8 MessageBeep
0x45f5cc MapDialogRect
0x45f5d0 GetCursorPos
0x45f5d8 IsWindow
0x45f5dc GetParent
0x45f5e0 TabbedTextOutW
0x45f5e4 GrayStringW
0x45f5e8 DrawTextExW
0x45f5ec DrawTextW
0x45f5f0 PostMessageW
0x45f5f4 GetForegroundWindow
0x45f5f8 AppendMenuW
0x45f5fc GetSystemMenu
0x45f600 LoadIconW
0x45f604 GetWindowLongW
0x45f608 SetWindowLongW
0x45f60c FindWindowW
0x45f610 PostThreadMessageW
0x45f614 KillTimer
0x45f618 CloseWindow
0x45f61c GetWindow
0x45f620 SetTimer
0x45f624 IsRectEmpty
0x45f628 CopyRect
0x45f62c GetSysColor
0x45f630 RedrawWindow
0x45f634 GetWindowRect
0x45f638 SendMessageW
0x45f63c EnableWindow
0x45f640 IsIconic
0x45f644 UnregisterClassA
Library GDI32.dll:
0x45f058 GetStockObject
0x45f05c DeleteDC
0x45f060 MoveToEx
0x45f064 LineTo
0x45f068 ScaleWindowExtEx
0x45f06c SetWindowExtEx
0x45f070 ScaleViewportExtEx
0x45f074 SetViewportExtEx
0x45f078 OffsetViewportOrgEx
0x45f07c SetViewportOrgEx
0x45f080 SelectObject
0x45f088 CreateDIBSection
0x45f08c DPtoLP
0x45f090 DeleteObject
0x45f094 SetMapMode
0x45f098 SetBkMode
0x45f09c RestoreDC
0x45f0a0 SaveDC
0x45f0a4 CreateBitmap
0x45f0a8 SetBkColor
0x45f0ac SetTextColor
0x45f0b0 GetClipBox
0x45f0b4 SelectClipRgn
0x45f0c0 BitBlt
0x45f0c4 SetBrushOrgEx
0x45f0c8 CreateCompatibleDC
0x45f0cc CreatePatternBrush
0x45f0d0 GetDeviceCaps
0x45f0d4 GetTextMetricsW
0x45f0d8 Rectangle
0x45f0dc CreatePen
0x45f0e0 CreateSolidBrush
0x45f0e4 ExtTextOutW
0x45f0e8 TextOutW
0x45f0ec RectVisible
0x45f0f0 PtVisible
0x45f0f4 Escape
0x45f0f8 CreateFontIndirectW
0x45f0fc GetObjectW
Library COMDLG32.dll:
0x45f050 GetFileTitleW
Library WINSPOOL.DRV:
0x45f64c OpenPrinterW
0x45f650 DocumentPropertiesW
0x45f654 ClosePrinter
Library ADVAPI32.dll:
0x45f000 RegDeleteKeyW
0x45f004 RegQueryValueW
0x45f008 RegEnumKeyW
0x45f00c RegOpenKeyW
0x45f010 RegDeleteValueW
0x45f014 DuplicateTokenEx
0x45f020 OpenProcessToken
0x45f024 RegEnumValueW
0x45f028 RegEnumKeyExW
0x45f02c RegQueryInfoKeyW
0x45f030 RegSetValueExW
0x45f034 RegCreateKeyExW
0x45f038 RegQueryValueExW
0x45f03c RegOpenKeyExW
0x45f040 RegCloseKey
Library SHELL32.dll:
0x45f3e4 ShellExecuteW
0x45f3e8 CommandLineToArgvW
0x45f3ec SHGetFolderPathW
0x45f3f0 Shell_NotifyIconW
Library COMCTL32.dll:
Library SHLWAPI.dll:
0x45f3f8 UrlEscapeW
0x45f3fc PathFileExistsW
0x45f400 PathFindFileNameW
0x45f408 SHRegGetUSValueW
0x45f40c AssocQueryStringW
0x45f414 StrStrIW
0x45f418 PathStripToRootW
0x45f41c PathIsUNCW
0x45f420 PathAppendW
0x45f424 PathFindExtensionW
Library ole32.dll:
0x45f66c CoInitialize
0x45f670 StringFromGUID2
0x45f674 CoCreateGuid
0x45f678 CoUninitialize
0x45f67c CoInitializeEx
0x45f680 CoTaskMemFree
0x45f684 StringFromCLSID
0x45f688 OleInitialize
0x45f68c CoCreateInstance
0x45f690 OleUninitialize
0x45f694 CoRevokeClassObject
0x45f69c OleFlushClipboard
Library OLEAUT32.dll:
0x45f3ac SysAllocStringLen
0x45f3b0 VariantChangeType
0x45f3b4 SysStringLen
0x45f3b8 VarBstrCmp
0x45f3bc LoadTypeLib
0x45f3c0 LoadRegTypeLib
0x45f3c4 VariantClear
0x45f3c8 SysAllocString
0x45f3cc VariantInit
0x45f3d0 SysFreeString
Library WS2_32.dll:
0x45f65c WSAStartup

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
192.168.56.101 49189 124.225.105.97 www.download.windowsupdate.com 80
192.168.56.101 49181 13.227.228.18 download.driverupdate.net 443
192.168.56.101 49194 13.227.228.18 download.driverupdate.net 443
192.168.56.101 49185 13.227.250.143 x.ss2.us 80
192.168.56.101 49178 34.194.20.225 trk.slimwareutilities.com 80
192.168.56.101 49179 34.194.20.225 trk.slimwareutilities.com 80
192.168.56.101 49180 52.44.44.47 apps-api.slimwareutilities.com 80

UDP

Source Source Port Destination Destination Port
192.168.56.101 50534 114.114.114.114 53
192.168.56.101 51808 114.114.114.114 53
192.168.56.101 53237 114.114.114.114 53
192.168.56.101 57756 114.114.114.114 53
192.168.56.101 57874 114.114.114.114 53
192.168.56.101 58367 114.114.114.114 53
192.168.56.101 60123 114.114.114.114 53
192.168.56.101 60221 114.114.114.114 53
192.168.56.101 61680 114.114.114.114 53
192.168.56.101 62318 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 49713 224.0.0.252 5355
192.168.56.101 50433 224.0.0.252 5355
192.168.56.101 50568 224.0.0.252 5355
192.168.56.101 51378 224.0.0.252 5355
192.168.56.101 53380 224.0.0.252 5355
192.168.56.101 53500 224.0.0.252 5355
192.168.56.101 54260 224.0.0.252 5355
192.168.56.101 55169 224.0.0.252 5355

HTTP & HTTPS Requests

URI Data
http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.0.22 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 3600
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 03 Mar 2021 06:32:16 GMT
If-None-Match: "0d8f4f3f6fd71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.0.22 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com
Cookie: AWSALBCORS=Ny1aKQYBqrxJPX82Smko96aaudkO+aZBV8kyZhHYTew1yHkRY/mVccfyyNvC4bhv7oUTj9HaPQ480DX9jZpCcFn96VrIU3pFRwug37deSIGcsFYnESf9qSTmu332; AWSALB=Ny1aKQYBqrxJPX82Smko96aaudkO+aZBV8kyZhHYTew1yHkRY/mVccfyyNvC4bhv7oUTj9HaPQ480DX9jZpCcFn96VrIU3pFRwug37deSIGcsFYnESf9qSTmu332

http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2
GET /ulc.php?ev=InstallerAccepted&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.0.22 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

http://x.ss2.us/x.cer
GET /x.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x.ss2.us

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Mon, 19 Apr 2021 20:17:25 GMT
If-None-Match: "80f8835935d71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2&msBclVersion=4.0.0
GET /ulc.php?ev=InstallerInvoked&upl=YTo4OntzOjk6InVsX3N0dWJpZCI7czozNjoiNjFlZTAwZWItNDc3NC00MmIyLWJhZDgtMTM1MTY4YjViZWQwIjtzOjEwOiJ1bF9jb2JyYW5kIjtzOjM6IlNXMiI7czo3OiJwcm9kdWN0IjtzOjM6IlNXMiI7czoxMToiYnJvd3NlclR5cGUiO3M6MjoiSUUiO3M6MTQ6ImJyb3dzZXJWZXJzaW9uIjtzOjM6IjkuMCI7czoxNToiYnJvd3Nlckxhbmd1YWdlIjtzOjA6IiI7czoxMDoicGxhdGZvcm1PUyI7czo3OiJXaW5kb3dzIjtzOjE3OiJwbGF0Zm9ybU9TVmVyc2lvbiI7czozOiI5LjAiO30%3D&machineId=D7119C57-28D6-4270-B2DD-6EAF9B674957&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.0.22&product=SW2&msBclVersion=4.0.0 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.0.22 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.