25430d785981230d8755af585dd7f5d42ad601bc1fe0a41da02fed05e50ead43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Partition Manager 9.5 Professional Portable.exe
Size

112.5MB
Sample

230215-tpk5wacf83
MD5

9b6efd75d4e3108f0972c9811fe6d913
SHA1

c43d555cc95053c150472ece242d12b6fa2afeff
SHA256

25430d785981230d8755af585dd7f5d42ad601bc1fe0a41da02fed05e50ead43
SHA512

b08ef6e90e16bced14e184476e1549b98715135aec2868bac17312d92b0606cbd14606b4eb783a26a9da3ba442b503f571fbd538b23ebfaa9a90c02119192486
SSDEEP

3145728:46eT+41D0wPVsYPg2koDgjXRzZnMnrkd5nalC:LeSYPaYY2kZj/nMnrkd5nalC

Score

7^/10

Malware Config

Targets

- Target
  
  Partition Manager 9.5 Professional Portable.exe
- Size
  
  112.5MB
- MD5
  
  9b6efd75d4e3108f0972c9811fe6d913
- SHA1
  
  c43d555cc95053c150472ece242d12b6fa2afeff
- SHA256
  
  25430d785981230d8755af585dd7f5d42ad601bc1fe0a41da02fed05e50ead43
- SHA512
  
  b08ef6e90e16bced14e184476e1549b98715135aec2868bac17312d92b0606cbd14606b4eb783a26a9da3ba442b503f571fbd538b23ebfaa9a90c02119192486
- SSDEEP
  
  3145728:46eT+41D0wPVsYPg2koDgjXRzZnMnrkd5nalC:LeSYPaYY2kZj/nMnrkd5nalC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1