
"cmd.exe" wrote 52 bytes to a remote process "C:\Windows\System32\find.exe" (Handle: 104) "cmd.exe" wrote 32 bytes to a remote process "C:\Windows\System32\find.exe" (Handle: 104) "cmd.exe" wrote 4 bytes to a remote process "C:\Windows\System32\PING.EXE" (Handle: 96) "cmd.exe" wrote 52 bytes to a remote process "C:\Windows\System32\PING.EXE" (Handle: 96)

"cmd.exe" wrote 32 bytes to a remote process "C:\Windows\System32\PING.EXE" (Handle: 96) "cmd.exe" wrote 52 bytes to a remote process "C:\Windows\System32\reg.exe" (Handle: 100) "cmd.exe" wrote 32 bytes to a remote process "C:\Windows\System32\reg.exe" (Handle: 100) "cmd.exe" wrote 4 bytes to a remote process "C:\Windows\System32\reg.exe" (Handle: 100)

"cmd.exe" wrote 1500 bytes to a remote process "C:\Windows\System32\reg.exe" (Handle: 100) "DriverPack.exe" wrote 52 bytes to a remote process "C:\Windows\System32\mshta.exe" (Handle: 440) "DriverPack.exe" wrote 32 bytes to a remote process "C:\Windows\System32\mshta.exe" (Handle: 440) "DriverPack.exe" wrote 4 bytes to a remote process "C:\Windows\System32\mshta.exe" (Handle: 440) "DriverPack.exe" wrote 1500 bytes to a remote process "C:\Windows\System32\mshta.exe" (Handle: 440) "wscript.exe" wrote 52 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 804) "wscript.exe" wrote 32 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 804) "wscript.exe" wrote 4 bytes to a remote process "C:\Users\%USERNAME%\AppData\Local\Temp\7ZipSfx.000\DriverPack.exe" (Handle: 804) "wscript.exe" wrote 1500 bytes to a remote process "%TEMP%\7ZipSfx.000\DriverPack.exe" (Handle: 804)

"" wrote 4 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672) "" wrote 52 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672) "" wrote 32 bytes to a remote process "C:\Windows\System32\wscript.exe" (Handle: 672)

The analysis spawned a process that was identified as malicious 1/60 Antivirus vendors marked dropped file "init.cmd" as malicious (classified as "DriverPack.B potentially unwanted" with 1% detection rate)ĥ/68 Antivirus vendors marked dropped file "DriverPack.exe" as malicious (classified as "DriverPack.A" with 7% detection rate)ġ/67 Antivirus vendors marked dropped file "dpinst64.exe" as malicious (classified as "Program.Unwanted" with 1% detection rate)ġ/59 Antivirus vendors marked dropped file "run.hta" as malicious (classified as "" with 1% detection rate)ġ5/68 Antivirus vendors marked dropped file "DriverPack-Notifier.exe" as malicious (classified as "DriverPack" with 22% detection rate)Ģ/68 Antivirus vendors marked dropped file "driverpack-wget.exe" as malicious (classified as "Program.Unwanted" with 2% detection rate)ġ/64 Antivirus vendors marked dropped file "dpinst.exe" as malicious (classified as "Program.Unwanted" with 1% detection rate)
