762495d6b19eb09588adbfcef71a70b11d07c2e73a9538e93dcaf81a2a4f8486 | Triage

Sharing

General

Target

Paragon HFS+ for Windows 11.0.0.175 + Crack.zip
Size

16.7MB
Sample

240822-ywtstavhlf
MD5

c53e77b754dfd1a99e81581abd825cee
SHA1

d1c1f0b9db322a215db2286c3619e728fb2035a7
SHA256

762495d6b19eb09588adbfcef71a70b11d07c2e73a9538e93dcaf81a2a4f8486
SHA512

fe10ae6338ecc8f9a6bb88d2b1b5cec64c7058d087ef533ab7000561c4f839020c952fdef1c64e393bea9fdee81cd31941f77e13ab7dccc5f52626f626645cb3
SSDEEP

393216:377sp+hnZiQm+gS8YsqI0GVbI7OXqbYx4jhkBKW5D6+MUzOJV63iWez:rAp+vm+gz13lPx4jhkAWRVbzOT63iWc

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  Paragon HFS+ for Windows 11.0.0.175 + Crack.zip
- Size
  
  16.7MB
- MD5
  
  c53e77b754dfd1a99e81581abd825cee
- SHA1
  
  d1c1f0b9db322a215db2286c3619e728fb2035a7
- SHA256
  
  762495d6b19eb09588adbfcef71a70b11d07c2e73a9538e93dcaf81a2a4f8486
- SHA512
  
  fe10ae6338ecc8f9a6bb88d2b1b5cec64c7058d087ef533ab7000561c4f839020c952fdef1c64e393bea9fdee81cd31941f77e13ab7dccc5f52626f626645cb3
- SSDEEP
  
  393216:377sp+hnZiQm+gS8YsqI0GVbI7OXqbYx4jhkBKW5D6+MUzOJV63iWez:rAp+vm+gz13lPx4jhkAWRVbzOT63iWc
Score

1^/10
behavioral1 behavioral2
- Target
  
  Paragon HFS+ for Windows 11.0.0.175 + Crack/Crack/OnlineActivator.exe
- Size
  
  4.7MB
- MD5
  
  f75b716d7aa0b71727e38164f064364c
- SHA1
  
  de98d5f20d83ccbf8727fa72726ec8b9699f3215
- SHA256
  
  57727daf941a6d11e8d7a006ac22b99252b978b87f6bfc6f8f64fd4cf5334ae3
- SHA512
  
  4f2107cbe604af005742f9ff98fd8db983f460696bec1e3b607de8f48fecf7e0171632f2fb224e71dabec4997f315e268dc07f3b3eba9aae707d0f8cf6344457
- SSDEEP
  
  98304:3MC19pDzcYI+H8PNM1Sl0mr3HdRpetnlswKt:3719pPcYIxVnCedt
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Paragon HFS+ for Windows 11.0.0.175 + Crack/Crack/apmwinsrv.exe
- Size
  
  1.3MB
- MD5
  
  dbd342c4f96eec453bfaee8b7358fdc2
- SHA1
  
  26e3dc6545006c0dc8549e7e4fb6fc0360c66afa
- SHA256
  
  c7f9722988f17b3385eb2385075e95311125c8506cf88e8c9f91ad26ca41fb3d
- SHA512
  
  20c2ba55be02917d902d0f9362ac31c06231ef77fd65c9abe736e052ebf3abc65055bfa38c489f50568a0a386cfba4721b8d2273452ad8a5f29c2a29ff19d9c4
- SSDEEP
  
  24576:Zla/GkE9dKMjS0Tnz4nGtlqGn4XXW76XcVIH06iylL96eO7LLm:Xa/PE9PjS0H4nGtlqG88IU6iKLuO
Score

1^/10
behavioral5 behavioral6
- Target
  
  Paragon HFS+ for Windows 11.0.0.175 + Crack/Instructions !!!.txt
- Size
  
  1KB
- MD5
  
  17a93ff1ac846f494f9bacfe40e084ed
- SHA1
  
  c1bd070bc191ccdd6b6b7cfcb7d2cc6f6d0e3acb
- SHA256
  
  df4649100961692a439efe7a7a7c9864ab6e5565043e2d3d05a84c4b392df1d8
- SHA512
  
  cfebca7efc9b401b58dff22075b9d643757b897fe7f323943ecf455c5cd54171d0b3ff395243feae724f86af77feebb1ce7af6dbd7de91782f493e9d806d33cf
Score

1^/10
behavioral7 behavioral8
- Target
  
  Paragon HFS+ for Windows 11.0.0.175 + Crack/Setup.msi
- Size
  
  20.0MB
- MD5
  
  e6db65b0dfdb2d617a81bb029cac80af
- SHA1
  
  d78d7f4cb8f667a9f591c563a8d1ee755fcfbb9b
- SHA256
  
  623fe3396a0d2164f6628d96da5c77ed5f672c7fd58b8e6fc9435b785c52e2de
- SHA512
  
  206f69bde5a485a4afb24db8a46d46073b99d11654117540a0f731b9611fabb6f2beb9d5b06df44354650d45bc9e2d8f4203db18ea2ac710c52e6acdcaca91ea
- SSDEEP
  
  393216:uw7BmwiSMoUtV8dvW2autet7bn0GH6wYEM0vhfCpPQ:378dTlatet7b0GEJ
Score

8^/10

discovery
- Drops file in Drivers directory
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10