Skip navigation.


Hello guys!

I have found malwares that download Partizan.exe. I can't determine if Partizan is clean or not, and why its used by some bankers.

In this page Partizan is described like an antirootkit, part of UnHackMe:

This is the malware that use Partizan.

Sandbox running and reg entrance:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager "" = [REG_MULTI_SZ, value: "autocheck autochk *,Partizan", size: 29 bytes]

Can anyone provide me more information about this file?

Thanks in advance