4.8
Medium risk

4464f3c8ef4829f4be6e5919e4ea80b15544c71c0e83043a4df0437b44079ebb

f1b073001c6490d0628384204ada4223.exe

Analysis time

85s

Latest analysis

File size

1.0MB
Static detection: flagged; Dynamic detection: flagged. Tags: AI SCORE=74 ARTEMIS CONFIDENCE DECEPTOR DRIVERUPDATE DRIVERUPDATER ELDORADO FAKEDRIVERUPDATE GRAYWARE MALICIOUS R297598 SCORE SIG1 SLIMWARE SUSGEN UNSAFE
Eagle Eye engine
Not detected: no Eagle Eye engine detection results are available.
Static verdict
Antivirus engines
Engine Result Scan time Engine version
McAfee Artemis!F1B073001C64 20201210 6.0.6.653
Alibaba 20190527 0.3.0.5
Baidu 20190318 1.0.0.2
Avast 20201210 21.1.5827.0
Tencent 20201210 1.0.0.1
Kingsoft 20201210 2017.9.26.565
CrowdStrike win/malicious_confidence_80% (D) 20190702 1.0
Static indicators
This executable is signed
This executable has a PDB path (1 event)
pdb_path D:\Sources\app-littleinstaller\bin\Release\LittleInstaller.pdb
The file contains an unknown PE resource name, possibly indicative of a packer (2 events)
resource name AFX_DIALOG_LAYOUT
resource name None
Behavioral verdict
Dynamic indicators
One or more potentially interesting buffers were extracted; these generally contain injected code, configuration data, etc.
Performs some HTTP requests (6 events)
request GET http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=A69E74E1-9913-4302-848B-CCE358278AF0
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2
request GET http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2&msBclVersion=4.0.0
request GET http://x.ss2.us/x.cer
request GET http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
request GET https://download.driverupdate.net/5.8.20/x64/DriverUpdate-setup.msi.bz2
Foreign language identified in PE resource (5 events)
name None language LANG_JAPANESE offset 0x000e0c08 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
name None language LANG_JAPANESE offset 0x000e0c08 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
name None language LANG_JAPANESE offset 0x000e0c08 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
name None language LANG_JAPANESE offset 0x000e0c08 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
name None language LANG_JAPANESE offset 0x000e0c08 filetype Rich Text Format data, version 1, ANSI sublanguage SUBLANG_DEFAULT size 0x0000da7f
Creates executable files on the filesystem (1 event)
file C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\swu5ACD.tmp.msi
Checks adapter addresses, which can be used to detect virtual network interfaces (1 event)
Time API Arguments Status Return Repeated
1620818078.964874
GetAdaptersAddresses
flags: 15
family: 0
failed 111 0
Network communication
Communicates with a host for which no DNS query was performed (1 event)
host 172.217.24.14
Attempts to create or modify system certificates (2 events)
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\Blob
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob
File has been identified by 30 antivirus engines on VirusTotal as malicious (30 events)
Bkav W32.malware.sig1
MicroWorld-eScan Application.Deceptor.AHE
FireEye Application.Deceptor.AHE
CAT-QuickHeal Trojan.Riskware
McAfee Artemis!F1B073001C64
Cylance Unsafe
SUPERAntiSpyware PUP.DriverUpdate/Variant
K7AntiVirus Riskware ( 0040eff71 )
K7GW Riskware ( 0040eff71 )
Arcabit Application.Deceptor.AHE
Cyren W32/SlimWare.C.gen!Eldorado
BitDefender Application.Deceptor.AHE
Ad-Aware Application.Deceptor.AHE
DrWeb Program.Unwanted.4623
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Slimware.th
Emsisoft Application.Deceptor.AHE (B)
MAX malware (ai score=74)
Antiy-AVL GrayWare/Win32.Slimware.a
Gridinsoft PUP.SlimWare.sd!c
GData Win32.Application.DriverUpdater.D
Cynet Malicious (score: 100)
AhnLab-V3 PUP/Win32.Slimware.R297598
VBA32 Adware.FakeDriverUpdate.gen
Malwarebytes PUP.Optional.DriverUpdate
ESET-NOD32 a variant of Win32/Slimware.A potentially unwanted
eGambit Unsafe.AI_Score_99%
Fortinet Riskware/Slimware
MaxSecure Trojan.Malware.121218.susgen
CrowdStrike win/malicious_confidence_80% (D)
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were generated while the sample ran.


PE Compile Time

2019-10-15 01:00:56

Imports

Library PSAPI.DLL:
0x4603dc EnumProcesses
Library KERNEL32.dll:
0x460104 TlsGetValue
0x460108 GlobalReAlloc
0x46010c GlobalHandle
0x460110 TlsAlloc
0x460114 TlsSetValue
0x460118 LocalReAlloc
0x46011c TlsFree
0x460120 SetErrorMode
0x460124 HeapFree
0x460128 HeapAlloc
0x46012c GetProcessHeap
0x460130 GetStartupInfoW
0x460134 HeapReAlloc
0x460138 ExitProcess
0x46013c TerminateProcess
0x460148 IsDebuggerPresent
0x46014c RtlUnwind
0x460150 SetStdHandle
0x460154 GetFileType
0x460158 ExitThread
0x46015c CreateThread
0x460160 HeapSize
0x460164 VirtualAlloc
0x460168 GetStdHandle
0x46016c GetModuleFileNameA
0x460170 GlobalFlags
0x460180 GetCommandLineA
0x460184 GetCommandLineW
0x460188 SetHandleCount
0x46018c GetStartupInfoA
0x460190 HeapDestroy
0x460194 HeapCreate
0x460198 VirtualFree
0x4601a4 GetCPInfo
0x4601a8 GetACP
0x4601ac GetOEMCP
0x4601b0 IsValidCodePage
0x4601b4 GetTimeFormatA
0x4601b8 GetDateFormatA
0x4601c0 LCMapStringA
0x4601c4 LCMapStringW
0x4601c8 GetConsoleCP
0x4601cc GetConsoleMode
0x4601d0 GetStringTypeA
0x4601d4 GetStringTypeW
0x4601d8 GetUserDefaultLCID
0x4601dc GetLocaleInfoA
0x4601e0 EnumSystemLocalesA
0x4601e4 IsValidLocale
0x4601e8 WriteConsoleA
0x4601ec GetConsoleOutputCP
0x4601f0 WriteConsoleW
0x4601f4 CreateFileA
0x460200 ReleaseMutex
0x460204 CreateMutexW
0x460208 GetCurrentThread
0x460210 GetVersion
0x460218 GetLocaleInfoW
0x46021c LoadLibraryExW
0x460220 CompareStringA
0x460224 CreateEventW
0x460228 SuspendThread
0x46022c SetEvent
0x460230 ResumeThread
0x460234 SetThreadPriority
0x460238 lstrcmpA
0x46023c GetFullPathNameW
0x460244 DuplicateHandle
0x460248 SetEndOfFile
0x46024c UnlockFile
0x460250 LockFile
0x460254 WriteFile
0x460258 GetThreadLocale
0x46025c GetFileTime
0x460260 GetFileAttributesW
0x460264 FindFirstFileW
0x460268 FindClose
0x46026c GetModuleHandleA
0x460270 GlobalAddAtomW
0x460274 GlobalFindAtomW
0x460278 GlobalDeleteAtom
0x46027c CompareStringW
0x460280 lstrcmpW
0x460284 GetVersionExA
0x460288 GlobalLock
0x46028c GlobalUnlock
0x460290 FreeResource
0x460294 GlobalAlloc
0x460298 GlobalFree
0x46029c GetFileSizeEx
0x4602a0 FindResourceExW
0x4602a4 GetFileSize
0x4602a8 CreateFileMappingW
0x4602ac MapViewOfFileEx
0x4602b0 UnmapViewOfFile
0x4602b4 LoadLibraryA
0x4602b8 InterlockedExchange
0x4602bc FreeLibrary
0x4602c0 LocalAlloc
0x4602c4 OpenProcess
0x4602dc MoveFileExW
0x4602e8 GetTempPathW
0x4602ec SetDllDirectoryW
0x4602f0 RaiseException
0x4602f4 OutputDebugStringW
0x4602f8 ReadFile
0x4602fc SetFilePointer
0x460300 FlushFileBuffers
0x460304 GetCurrentProcess
0x460308 GetCurrentProcessId
0x46030c GetCurrentThreadId
0x460310 CreateFileW
0x460314 GetTempFileNameW
0x460318 GetSystemDirectoryW
0x46031c VerSetConditionMask
0x460320 VerifyVersionInfoW
0x460324 GetExitCodeProcess
0x460328 lstrlenA
0x46032c DeleteFileW
0x460330 MoveFileW
0x460334 CopyFileW
0x460338 CreateDirectoryW
0x46033c MultiByteToWideChar
0x460340 GetTickCount
0x460344 lstrlenW
0x460348 WaitForSingleObject
0x46034c CloseHandle
0x460350 Sleep
0x460354 CreateProcessW
0x460358 OpenEventW
0x46035c GetVersionExW
0x460360 WideCharToMultiByte
0x460364 MulDiv
0x460374 GetModuleFileNameW
0x460378 GetProcAddress
0x46037c LoadLibraryW
0x460380 SetLastError
0x460384 GetModuleHandleW
0x460388 GetLastError
0x46038c LocalFree
0x460390 FormatMessageW
0x460394 FindResourceW
0x460398 LoadResource
0x46039c LockResource
0x4603a0 SizeofResource
Library USER32.dll:
0x46042c DestroyMenu
0x460430 GetMessageW
0x460434 TranslateMessage
0x460438 ValidateRect
0x46043c CharUpperW
0x460440 EndPaint
0x460444 BeginPaint
0x460448 SetMenuItemBitmaps
0x460450 LoadBitmapW
0x460454 ModifyMenuW
0x460458 GetMenuState
0x46045c CheckMenuItem
0x460464 SendDlgItemMessageA
0x460468 WinHelpW
0x46046c GetCapture
0x460470 SetWindowsHookExW
0x460474 CallNextHookEx
0x460478 GetClassLongW
0x46047c SetPropW
0x460480 GetPropW
0x460484 RemovePropW
0x460488 GetLastActivePopup
0x46048c DispatchMessageW
0x460490 GetTopWindow
0x460494 UnhookWindowsHookEx
0x460498 GetMessageTime
0x46049c GetMessagePos
0x4604a0 PeekMessageW
0x4604a4 MapWindowPoints
0x4604a8 GetKeyState
0x4604ac UpdateWindow
0x4604b0 GetMenu
0x4604b4 GetSubMenu
0x4604b8 GetMenuItemID
0x4604bc GetMenuItemCount
0x4604c0 CreateWindowExW
0x4604c4 GetClassInfoExW
0x4604c8 GetClassInfoW
0x4604cc RegisterClassW
0x4604d0 DefWindowProcW
0x4604d4 CallWindowProcW
0x4604dc GetWindowPlacement
0x4604e4 GetWindowTextW
0x4604e8 GetFocus
0x4604ec SetFocus
0x4604f0 MoveWindow
0x4604f4 IsDialogMessageW
0x4604f8 IsDlgButtonChecked
0x4604fc SetDlgItemTextW
0x460500 SendDlgItemMessageW
0x460504 CheckDlgButton
0x460508 GetDesktopWindow
0x46050c GetActiveWindow
0x460510 SetActiveWindow
0x460514 GetSystemMetrics
0x46051c DestroyWindow
0x460520 GetDlgItem
0x460524 IsWindowEnabled
0x460528 GetNextDlgTabItem
0x46052c EndDialog
0x460530 GetShellWindow
0x460534 EnumThreadWindows
0x460538 WaitForInputIdle
0x46053c ShowWindow
0x460540 ClientToScreen
0x460544 ScreenToClient
0x460548 ReleaseCapture
0x46054c SetCapture
0x460550 InvalidateRect
0x460554 ReleaseDC
0x460558 GetDC
0x46055c PtInRect
0x460560 TrackMouseEvent
0x460564 LoadCursorW
0x460568 SetCursor
0x46056c SetRectEmpty
0x460570 GetDlgCtrlID
0x460574 GetSysColorBrush
0x460578 SetWindowTextW
0x46057c EnumChildWindows
0x460580 FillRect
0x460584 GetClientRect
0x460588 IsWindowVisible
0x46058c MessageBoxW
0x460594 EnumWindows
0x460598 SetForegroundWindow
0x46059c PostQuitMessage
0x4605a4 UnregisterClassW
0x4605a8 SetWindowPos
0x4605ac GetClassNameW
0x4605b0 GetCursorPos
0x4605b8 IsWindow
0x4605bc GetParent
0x4605c0 OffsetRect
0x4605c8 EnableMenuItem
0x4605cc AdjustWindowRectEx
0x4605d4 SetRect
0x4605d8 MessageBeep
0x4605dc MapDialogRect
0x4605e0 GrayStringW
0x4605e4 DrawTextExW
0x4605e8 DrawTextW
0x4605ec TabbedTextOutW
0x4605f0 GetWindowLongW
0x4605f4 SetWindowLongW
0x4605f8 PostMessageW
0x4605fc GetForegroundWindow
0x460600 AppendMenuW
0x460604 GetSystemMenu
0x460608 LoadIconW
0x46060c FindWindowW
0x460610 PostThreadMessageW
0x460614 KillTimer
0x460618 CloseWindow
0x46061c GetWindow
0x460620 SetTimer
0x460624 IsRectEmpty
0x460628 CopyRect
0x46062c GetSysColor
0x460630 RedrawWindow
0x460634 GetWindowRect
0x460638 SendMessageW
0x46063c EnableWindow
0x460640 IsIconic
0x460644 UnregisterClassA
Library GDI32.dll:
0x460058 GetStockObject
0x46005c DeleteDC
0x460060 MoveToEx
0x460064 LineTo
0x460068 ScaleWindowExtEx
0x46006c SetWindowExtEx
0x460070 ScaleViewportExtEx
0x460074 SetViewportExtEx
0x460078 OffsetViewportOrgEx
0x46007c SetViewportOrgEx
0x460080 SelectObject
0x460088 CreateDIBSection
0x46008c DPtoLP
0x460090 DeleteObject
0x460094 SetMapMode
0x460098 SetBkMode
0x46009c RestoreDC
0x4600a0 SaveDC
0x4600a4 CreateBitmap
0x4600a8 SetBkColor
0x4600ac SetTextColor
0x4600b0 GetClipBox
0x4600b4 SelectClipRgn
0x4600c0 BitBlt
0x4600c4 SetBrushOrgEx
0x4600c8 CreateCompatibleDC
0x4600cc CreatePatternBrush
0x4600d0 GetDeviceCaps
0x4600d4 CreatePen
0x4600d8 CreateSolidBrush
0x4600dc GetTextMetricsW
0x4600e0 Rectangle
0x4600e4 Escape
0x4600e8 ExtTextOutW
0x4600ec TextOutW
0x4600f0 RectVisible
0x4600f4 PtVisible
0x4600f8 CreateFontIndirectW
0x4600fc GetObjectW
Library COMDLG32.dll:
0x460050 GetFileTitleW
Library WINSPOOL.DRV:
0x46064c OpenPrinterW
0x460650 DocumentPropertiesW
0x460654 ClosePrinter
Library ADVAPI32.dll:
0x460000 RegDeleteKeyW
0x460004 RegQueryValueW
0x460008 RegEnumKeyW
0x46000c RegOpenKeyW
0x460010 RegDeleteValueW
0x460014 DuplicateTokenEx
0x460020 OpenProcessToken
0x460024 RegCreateKeyExW
0x460028 RegEnumValueW
0x46002c RegEnumKeyExW
0x460030 RegQueryInfoKeyW
0x460034 RegQueryValueExW
0x460038 RegOpenKeyExW
0x46003c RegCloseKey
0x460040 RegSetValueExW
Library SHELL32.dll:
0x4603e4 ShellExecuteW
0x4603e8 SHGetFolderPathW
0x4603ec CommandLineToArgvW
0x4603f0 Shell_NotifyIconW
Library COMCTL32.dll:
Library SHLWAPI.dll:
0x4603f8 UrlEscapeW
0x4603fc PathFileExistsW
0x460400 PathFindFileNameW
0x460408 SHRegGetUSValueW
0x46040c AssocQueryStringW
0x460414 StrStrIW
0x460418 PathStripToRootW
0x46041c PathIsUNCW
0x460420 PathAppendW
0x460424 PathFindExtensionW
Library ole32.dll:
0x460668 CoInitialize
0x46066c CoCreateInstance
0x460670 StringFromGUID2
0x460674 CoCreateGuid
0x460678 CoTaskMemFree
0x46067c StringFromCLSID
0x460680 CoUninitialize
0x460684 CoInitializeEx
0x460688 OleInitialize
0x460690 OleUninitialize
0x460694 CoRevokeClassObject
0x46069c OleFlushClipboard
Library OLEAUT32.dll:
0x4603ac SysAllocStringLen
0x4603b0 VariantChangeType
0x4603b4 SysStringLen
0x4603b8 VarBstrCmp
0x4603bc LoadTypeLib
0x4603c0 LoadRegTypeLib
0x4603c4 VariantClear
0x4603c8 SysAllocString
0x4603cc VariantInit
0x4603d0 SysFreeString
Library WS2_32.dll:
0x46065c WSAStartup

Hosts

No hosts contacted.

TCP

Source Source Port Destination Destination Port
192.168.56.101 49185 27.148.188.35 www.download.windowsupdate.com 80
192.168.56.101 49178 34.194.20.225 trk.slimwareutilities.com 80
192.168.56.101 49176 34.227.55.118 apps-api.slimwareutilities.com 80
192.168.56.101 49177 52.207.195.86 trk.slimwareutilities.com 80
192.168.56.101 49182 52.85.56.131 x.ss2.us 80
192.168.56.101 49179 54.192.147.5 download.driverupdate.net 443
192.168.56.101 49188 54.192.147.5 download.driverupdate.net 443

UDP

Source Source Port Destination Destination Port
192.168.56.101 49713 114.114.114.114 53
192.168.56.101 50002 114.114.114.114 53
192.168.56.101 53210 114.114.114.114 53
192.168.56.101 53380 114.114.114.114 53
192.168.56.101 53657 114.114.114.114 53
192.168.56.101 54260 114.114.114.114 53
192.168.56.101 57236 114.114.114.114 53
192.168.56.101 60384 114.114.114.114 53
192.168.56.101 60911 114.114.114.114 53
192.168.56.101 62318 114.114.114.114 53
192.168.56.101 62912 114.114.114.114 53
192.168.56.101 137 192.168.56.255 137
192.168.56.101 138 192.168.56.255 138
192.168.56.101 123 20.189.79.72 time.windows.com 123
192.168.56.101 49235 224.0.0.252 5355
192.168.56.101 50534 224.0.0.252 5355
192.168.56.101 50849 224.0.0.252 5355
192.168.56.101 51808 224.0.0.252 5355
192.168.56.101 51963 224.0.0.252 5355
192.168.56.101 53500 224.0.0.252 5355

HTTP & HTTPS Requests

URI Data
http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 3600
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Wed, 03 Mar 2021 06:32:16 GMT
If-None-Match: "0d8f4f3f6fd71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://x.ss2.us/x.cer
GET /x.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x.ss2.us

http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=A69E74E1-9913-4302-848B-CCE358278AF0
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=A69E74E1-9913-4302-848B-CCE358278AF0 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.2.28 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com

http://apps-api.slimwareutilities.com/install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=A69E74E1-9913-4302-848B-CCE358278AF0
GET /install/du/6.1/x64/DriverUpdate-setup.msi.bz2?machineId=A69E74E1-9913-4302-848B-CCE358278AF0 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.2.28 (os:windows; ver:6.1; arc:AMD64)
Host: apps-api.slimwareutilities.com
Cookie: AWSALBCORS=0Y4iIMB35VpCOyHt4YWXgr6S2VOhBoeCuC0L2pqS/N8keIZCn0nCofHQOi642OFulQQSJEVchMGGDhu9utuiksC8+P0gwil9hERL1t1xjRYHLXWI+4KmzzytNbIQ; AWSALB=0Y4iIMB35VpCOyHt4YWXgr6S2VOhBoeCuC0L2pqS/N8keIZCn0nCofHQOi642OFulQQSJEVchMGGDhu9utuiksC8+P0gwil9hERL1t1xjRYHLXWI+4KmzzytNbIQ

http://trk.slimwareutilities.com/ulc.php?ev=InstallerInvoked&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2&msBclVersion=4.0.0
GET /ulc.php?ev=InstallerInvoked&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2&msBclVersion=4.0.0 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.2.28 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
GET /msdownload/update/v3/static/trustedr/en/authrootstl.cab HTTP/1.1
Cache-Control: max-age = 900
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Mon, 19 Apr 2021 20:17:25 GMT
If-None-Match: "80f8835935d71:0"
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.download.windowsupdate.com

http://trk.slimwareutilities.com/ulc.php?ev=InstallerAccepted&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2
GET /ulc.php?ev=InstallerAccepted&upl=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&machineId=A69E74E1-9913-4302-848B-CCE358278AF0&platformOS=Windows&platformOSVersion=6.1&installer=LI0&installerVersion=2.24.2.28&product=SW2 HTTP/1.1
Connection: Keep-Alive
User-Agent: DriverUpdate Installer/2.24.2.28 (os:windows; ver:6.1; arc:AMD64)
Host: trk.slimwareutilities.com

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.