258f173916bb22e869510b99a998f0220b1338f8515b29d06aad70bf1533193e

Sharing

Copy URL

Twitter E-mail

General

Target

Taskbar Themes Styles 2024 (1).zip
Size

11.0MB
Sample

240913-dhfzks1ejf
MD5

bbce5af5003b12fd1b7dc5b48d497427
SHA1

aa69add762449bb83640dcbe544d28c12ad47f0c
SHA256

258f173916bb22e869510b99a998f0220b1338f8515b29d06aad70bf1533193e
SHA512

7512eb2b9bd6435ab2139a491ae3fbe9bedd3a5145835304967f228abb0251dcd155f2131d7d815572efae8c828dec6d065395b97586d68d69357b6f1a275c56
SSDEEP

196608:EBPAprfPoITbFFaPmnoOBx76Hl7pVFcjAWGyda6WbelTbnPyaeFXEchYemB:MPW3rnQwBx87tHWGydaLCldo7hYR

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  Taskbar Themes Styles 2024 (1).zip
- Size
  
  11.0MB
- MD5
  
  bbce5af5003b12fd1b7dc5b48d497427
- SHA1
  
  aa69add762449bb83640dcbe544d28c12ad47f0c
- SHA256
  
  258f173916bb22e869510b99a998f0220b1338f8515b29d06aad70bf1533193e
- SHA512
  
  7512eb2b9bd6435ab2139a491ae3fbe9bedd3a5145835304967f228abb0251dcd155f2131d7d815572efae8c828dec6d065395b97586d68d69357b6f1a275c56
- SSDEEP
  
  196608:EBPAprfPoITbFFaPmnoOBx76Hl7pVFcjAWGyda6WbelTbnPyaeFXEchYemB:MPW3rnQwBx87tHWGydaLCldo7hYR
Score

1^/10
behavioral1
- Target
  
  ControlzEx.dll
- Size
  
  181KB
- MD5
  
  2d5035cb5a3678f2c2f5a889bd384813
- SHA1
  
  9c4a669a30a4bf0e27d5b373919c3f6017c8ec4b
- SHA256
  
  424cbe8f24a62c330149dbe0b80e214a984950c3b79b067058671608229fc2ed
- SHA512
  
  fda0592126c9b9835380457e1f55d984cd5fc7649be172a0de17006e60d05687fbd5454a5b3adceb4497f6bc7a780d15dc09b70fd642f2db792571e996c8f56c
- SSDEEP
  
  3072:3E0E4PCRvy5/ixiBU33nC0bZqSSvKKy/f1SV666AjwbbHyH6engMHdFtp04M9Y8e:3E0E4Pyy5/ih3zbZqSGy/fk96e9Ftppn
Score

1^/10
behavioral2
- Target
  
  Hardcodet.Wpf.TaskbarNotification.dll
- Size
  
  66KB
- MD5
  
  d5d708e9e7625ab2c4ac1c1faa099350
- SHA1
  
  9436c35fb72c4fd0ae1420effdbe5a8a14326077
- SHA256
  
  f6fadf0375d22512b2b3f075362433c0de173adfb290b4d8999cdcb7acedb0b2
- SHA512
  
  0321bbdee6a11275fd0f86696e0b244ac0415ca5cb64cdd0230bfee028e550587929c5d03402740307fa7b5370532d2e3c044b85838489a72f29ce1748fc093d
- SSDEEP
  
  1536:KfgDdceepOS3u594ww89rRwjwPxvjLbPxHZ:KfgP59Fw89FwjgxvjLjx5
Score

1^/10
behavioral3
- Target
  
  Languages/Bengali.txt
- Size
  
  2KB
- MD5
  
  42b876b1f17efab82f9c4a4808c3b9d9
- SHA1
  
  c124509ad24f949e123c5d672ab555cd752f2d23
- SHA256
  
  e46ea74cdd5eff143112695a3faa585ba5c319102e5ae57e9aee69a9076fd2c9
- SHA512
  
  1d7356ed8e3647121053a16f19aa6367c3201ce6106681c4237ae8e13e02a3bed11a5c33717518f9081260354b3a1aedf0c0549cf2fc2a861b2ad327aa517b59
Score

3^/10

execution
behavioral4
- Target
  
  Languages/Chinese(Simplified).png
- Size
  
  733B
- MD5
  
  18bd6697bc44bcfaa606aec883fdf1c4
- SHA1
  
  0fed87afe4ef30844fc62219b42571add83e2bce
- SHA256
  
  3705c17e9a6cf982234898d0269b94427fb3b1978bece5cf4f3a6c3bf518da70
- SHA512
  
  7e6e9f738b8a4af79235aaf37019b2ac9baa5fa9fbf0c93c044ef9d07cae7ddae2ebd09046fa4182b394e3086c7cc4b06204b8c58e427158e47e8bc50356b4f3
Score

1^/10
behavioral5
- Target
  
  Languages/Chinese(Simplified).xml
- Size
  
  6KB
- MD5
  
  2ba8908901c62e486dc7d4ce5822acf3
- SHA1
  
  2f28895f0354bacadec40f8aa361b9c140aba70a
- SHA256
  
  bc98db44ebc96b4ba51ad23a7b716584f40b8a1d5a46ae6751aa948ce9fe9f86
- SHA512
  
  a3c06d53044dcc330972e78a2a4f0ca8ec4b40c8e5fa4caf08c4924675e7a2d3e5f15d6248aff1d790e04d4fc35dd06c1afcb0f24d8637fdde73ce125d4a7f70
- SSDEEP
  
  192:BNYziuTNF0174biQw84b4jK6cZFaOKbHLyY:nOiunprvDPRbH
Score

1^/10
behavioral6
- Target
  
  Languages/English.png
- Size
  
  1010B
- MD5
  
  00214d9e4e6155a04e3997d121641c98
- SHA1
  
  b02f98561887eeb0d70acdec5b9fc318c048f068
- SHA256
  
  1037bb804c8da171fb1869872bcd24aa1f0c96ad8ce783861dff91d3174d12a7
- SHA512
  
  ab65fa7076aba222daee2f3439a0a11193080bf7cd477b6d96c3ff974f51107977f4b6a270e3700ad55bb586af0b85f316c173ad48714d9dcd53dad518320b79
Score

3^/10
behavioral7
- Target
  
  Languages/English.xml
- Size
  
  7KB
- MD5
  
  2091e6d656ae235a0e7977b0d5a51ce3
- SHA1
  
  e28edfbf8eb151046040066fedbf5a0ddd7809eb
- SHA256
  
  c3cc0e93f9fff36858ca43188bfd6b67b39ee207b373c8a1601b973b2f07395a
- SHA512
  
  0e228178be827fb6e0ebdfd459d1d391891aa557b2b621a551fcffc109719e37de0d0d60a9ffb55b9af53a68d50c4461c14d2921fc00c99687059c977fff030e
- SSDEEP
  
  192:UHDKvItne2JH9YQMTE/bnqYOktdr4pFOkcasm5ZyItekC63UnrZQEK0:7a8QtU51eDnr210
Score

1^/10
behavioral8
- Target
  
  Languages/Polish.png
- Size
  
  204B
- MD5
  
  464a2897bc125872878d68aef0ef18bf
- SHA1
  
  62377c07d1254641c36848578a7acb8cd6dd4e6a
- SHA256
  
  5400f9d9ff3272227e66a840aeb52a8489393b04e32bd7e03c1bfe6a9a832a6b
- SHA512
  
  ecad63c2eec6058638403d558a360f62209989c9f1ec409fdf4ab47aba756e62f57b696acae65bb8391491abb782b2db7495dcd4d475f1fe913bab5981eec519
Score

3^/10
behavioral9
- Target
  
  Languages/Polish.xml
- Size
  
  7KB
- MD5
  
  90c85da1a793104e89789e7d20356463
- SHA1
  
  78253adb716bcfc980320250dea39d9d41dd37b0
- SHA256
  
  dbbef50b4e01d4dd91a3d846a1882381f1226618d533dd966f3421a314a667dc
- SHA512
  
  a53beb0cea2d555e69db5002d56ac46063576c64352e9742789e454680b3f203e394b805c6664c14dfb08d2cefdb7e72c45ffec10af3e0d67eb9e98507d98594
- SSDEEP
  
  192:3HYbMU59/gB8w+kRzgKaC3N9Ukq3a67smzGi69vl7XU:oQU5906smyF7k
Score

1^/10
behavioral10
- Target
  
  Languages/Portuguese (Brazil).png
- Size
  
  1KB
- MD5
  
  e1e15cebb26738f77b3ef7bf363e158a
- SHA1
  
  ca50136d995517568940d477ea4aeea1bf0fa0d1
- SHA256
  
  b9dfb69ad9869011acf3d3e3e3eaf1f0956d1c5fffdde879ae7d57ce5b083441
- SHA512
  
  d844503757f5e1917c9add49b1c10be2b7607cd8911849a4818ba893679423aeb11565b26ab9352575dac963482d84cb62929a2b90d3cee08babf54de4896fdc
Score

3^/10
behavioral11
- Target
  
  Languages/Portuguese (Brazil).xml
- Size
  
  8KB
- MD5
  
  50873071801aa9149f2995e3baae2006
- SHA1
  
  9028f12387f02dd67d897c1ad27f533df4192782
- SHA256
  
  24579d4503460a3e5111e39522ef48b6da1c45cdb1c1604aa116d3e22e4b7d82
- SHA512
  
  4e27dd255edd7d772a0d24b1f1f8a78dd0b88edc75e5d24e89668b9b48268e94a686fb027ddb8897b146a364dd4f936fc4400aa2a9cd8d7d14db39081a09f6a8
- SSDEEP
  
  192:PPjzGADiS6HbmPVmkFXFjaeBhc6UHkHvCfpzFmaE2q4j:njzGADiAbUBfk2q4j
Score

1^/10
behavioral12
- Target
  
  Languages/Portuguese.txt
- Size
  
  2KB
- MD5
  
  7ad9f0882383b1140401f32ebf1ee60d
- SHA1
  
  16688f0fe6c120b5cf46a05555cbe91f64d1e336
- SHA256
  
  65798fa14176f5d4e39a08cc07da52f356fd572e77e3428e64d7736e97f3de83
- SHA512
  
  44428c87b6352e5c261ee8cd5d610ffe16655e9d07c662858fbb71a12d288292708790428a4a8071f55b1b8e696d96742d59596736ce15a0294f62ff288970ce
Score

3^/10

execution
behavioral13
- Target
  
  Languages/Russian.png
- Size
  
  2KB
- MD5
  
  32407c33f2a8c46d716d78164157e063
- SHA1
  
  e66df35add3b4f3748f71a6c408e8c19f769cbf2
- SHA256
  
  d8456088e8f90a45bf8b3be697ae4a577c8454ee4bcd237bb6aa8562bd9a11d7
- SHA512
  
  4bf74f6edea7b3b8825d5554fb4c7fbe9fd3fa1cc538a5c7ca216f7e1b050feb12c4aaed58c52360bb335603e8c2ba8fe91baeb3c0258515ab4d70bbb0a5b38d
Score

3^/10
behavioral14
- Target
  
  Languages/Russian.xml
- Size
  
  11KB
- MD5
  
  f6fa2e722e5939899a26ccf55b7d857e
- SHA1
  
  0d6c2879e94e2d31aa006b3b7486bc3b84e93224
- SHA256
  
  edc21e39c3cc73f2448c4008e33684e17ea4642af57c8458487e28e562e1b9ba
- SHA512
  
  3aa302babc1d0f2cc03378938e0becb03edb2a516fb7c73eea77bb071a5f06abda101762f71ba5118de70f10fd3bbdf7e2976462306b7e88297eec459f387c7c
- SSDEEP
  
  192:roTM39P2R8Jb2sv34AnGV6qgfoWHNBI2BfLRWjyooKiiMR/O0aZjQIypJMv9vQK+:EoNuRKo1SDLRAYKiO0NzoS
Score

1^/10
behavioral15
- Target
  
  Languages/Turkish.xml
- Size
  
  7KB
- MD5
  
  dce3b57fd8c845cfd7c98bca25271013
- SHA1
  
  54d4b554bb269d82a2216b0135e81e0a9278b49a
- SHA256
  
  7c31177b052208e7a2af4d1107d9a6b1fa6ea415936166bda27bebc47cc59d61
- SHA512
  
  199f72425dadda16daf033066274300493f7b3aa5c8bc7ac848dd3e19fe7005a2af7ce7064b08f7aacee79f3a1fcb7245d1c56d09589b1c87339991660203e74
- SSDEEP
  
  192:JwmTpDvIqb78XB9HUFqssMbZOsOa91UPjVY7nLNrmnUTG3/:dTpDvIqkxkO21UBuLAUi/
Score

1^/10
behavioral16
- Target
  
  MahApps.Metro.dll
- Size
  
  1.1MB
- MD5
  
  f5ebd702f5bcffe11cfbde31aef55a63
- SHA1
  
  27b6400ea008e88b8324b5a08342e314518eca74
- SHA256
  
  234b84d241d26bb5ece1edd14d6a5a21dc6495138761320c2a1449fcb0c2b1b3
- SHA512
  
  8d525b20c9c584bc5f135fdc3a4531357c98f80d9891cc7a0dab53c3b51419565819cb8bc1c7627bf59aa2ec7d0d78de73f1ab47676b6212bf36430b2250049d
- SSDEEP
  
  12288:pwnZcWYvJ30FMsyF19xWKNxV/FZLv4IS7gG2QiH:pEBYCFMsiSQxV/FZLv4IS7gG2QiH
Score

1^/10
behavioral17
- Target
  
  MetroStatic
- Size
  
  9.7MB
- MD5
  
  353785b5b8cd5d364a5ae6078ffe39ea
- SHA1
  
  0cc25caed1f715fcc0673dfdddf0d4895d04a98b
- SHA256
  
  65b784e016afea86f5e84dce35226625585c201469a9b925bf7f391d5e067f91
- SHA512
  
  66bfdeceb6cb24391179f8c750188fbf7cc411e3b1a517b4d7a4dbbb46bc9a5aa4c1e126725e942c9f64546b43aad9c55083cdfc0c25b1eb02e6fadfbf02afc1
- SSDEEP
  
  196608:TNRrj65s5CGhBPO//N/9XwfmAeOp4yWDCF97X9qGuzRka:RhM4hBQNJtAeOp4lOFJO3
Score

3^/10
behavioral18
- Target
  
  Microsoft.WindowsAPICodePack.Shell.dll
- Size
  
  552KB
- MD5
  
  18a46202a1636b985208e2183d756617
- SHA1
  
  7f8d0ca687ac82067d7a79c011a2688336b71b82
- SHA256
  
  513d386fc084ad355d1a8668d8b4e43cc3b21f135ac3eabbc6b96adeb3ee9e84
- SHA512
  
  70420dd03f338201801afb0ea2742bb08cd860192503906734de7306d1349a5524a12fc45c84dfa2e38f1178c3ad62a8656a9bebcb2bb5b9ff02f0f5543ea851
- SSDEEP
  
  6144:vtIgLGv5WBfXkYlsL/Nz++R1yji08n3uzxRQKEPmBm9C5vEx3tcQ8Vub8xPtwZEH:nz81Dn3GQ/9C58x3tWXH9gvHYF9
Score

1^/10
behavioral19
- Target
  
  Microsoft.WindowsAPICodePack.dll
- Size
  
  125KB
- MD5
  
  ace419174e1e0c792d028f25f60d6e5f
- SHA1
  
  5325579a4d960fc09c359c2ec7f2b03a27a9a698
- SHA256
  
  90d56b0a1c7e631e5a12985f9b7cc943a1ebc31e40ec53d56dc9149bba74ba24
- SHA512
  
  53177394027846161c296a25527f266814157430c8620e474ab1c2f6b2b54f7c401a4db087ea26af7e854ed07a006413e99f0384e06b1b4b194acb61981c5542
- SSDEEP
  
  3072:QfBa6TWUNuRhicznzcSZRazyDG43vjyMcnFlizejgxKmjkx7:VUNuZjAI+mvuMOj9mjk
Score

1^/10
behavioral20
- Target
  
  System.Windows.Interactivity.dll
- Size
  
  61KB
- MD5
  
  e991d47605bc04629af29939ac2cc9b5
- SHA1
  
  70dcb9c81d5c8351d19d3a3fbc5530085ca8faff
- SHA256
  
  eda12487c479ff31202a3c60f88f1f0e2bf7392919099315d0d951683f14609c
- SHA512
  
  25355edf41f7e08b1a725a920fcab7c04d4c91c3c015a8a9ab6c7d1224b5f3f83baa81f867167369ae91a8f11f317e9a3a1092348ee4e44f89dd8b086a67f2ca
- SSDEEP
  
  1536:23wBccZdxuB8mQen6JxKjrlMZgR0Eo1jwPxb/JjAPxH:wcHmQPUk1jgxbBjwxH
Score

1^/10
behavioral21
- Target
  
  YLLibs.dll
- Size
  
  36KB
- MD5
  
  3744d4fd7ba093923174696b56d05f9f
- SHA1
  
  f5ce183eae50c86baae034aed1ce11c0ad15fecf
- SHA256
  
  3101a828d70c878e777a15ebb522b6a2f82e30fb2217ce66df0f161a57656301
- SHA512
  
  2269e1b99f2998accb13a23f55806a636edfe374ab14ffbe93eb653868b935b83ab38c998905e8878156f96b4f2c85c18bd61fb374c9079eff5fba7cf6ec9800
- SSDEEP
  
  768:3/ImTZNNBGXjO9hwjLZEJPx4SjL8PxWEY9iYX:pT/u6wjwPxvjoPxm
Score

1^/10
behavioral22
- Target
  
  ZoneList
- Size
  
  56B
- MD5
  
  cd9447ef8116a3103e002dc719b21f7c
- SHA1
  
  55374fb9785cda3d7a226163203d1ebc664c9bd8
- SHA256
  
  1e6db4581f3290e40adac1f4548b82d0a3a961ed01cc137b2bfb38b379e50ac2
- SHA512
  
  35163dc643c2a81678acb59b0e1c8ac08036423cc57d7ad05e341d52bb059827a2270c9bb62996dd28231c2ab4b7267d45b9236c9491c380b2874ad7d6cf5ccf
Score

1^/10
behavioral23
- Target
  
  [Setup] Taskbar Themes Styles 2024.exe
- Size
  
  376KB
- MD5
  
  a8bc7fb55a324f1ba1c7807b7c1c4f29
- SHA1
  
  9286664648e7629ff1cc35ca030e22a45a913c9d
- SHA256
  
  f17b6dc2f1dc25b982d1d3da8601121a1f21e16be3fe406d3cff62100cf7562b
- SHA512
  
  726d8dca09ed5173f17a7c271cfb8faf6e83547390a55c7afcca6213c25da0e5f55599616b65b297ddaf606d0c2194ef98e9df9a45490950f23a0a3c9bb1d534
- SSDEEP
  
  6144:CNwt6ykfy77nrjTPhSVQBFD7sxBUXEe9OmGC0GoOwwmVQBFv6jOjK:CNwz3nrj4QB97sx0d9OmGcwwyQB1OyK
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral24
- Target
  
  wdmode.exe
- Size
  
  574KB
- MD5
  
  42badc1d2f03a8b1e4875740d3d49336
- SHA1
  
  cee178da1fb05f99af7a3547093122893bd1eb46
- SHA256
  
  c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf
- SHA512
  
  6bc519a7368ee6bd8c8f69f2d634dd18799b4ca31fbc284d2580ba625f3a88b6a52d2bc17bea0e75e63ca11c10356c47ee00c2c500294abcb5141424fc5dc71c
- SSDEEP
  
  12288:myyKdVnyNhXCV4EkP7AIfzNXZ0b5NrnkcAqIV0A1caRI:mKvyNhXCV4E8BXAfrnkcAqU0A
Score

3^/10

discovery
behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Command and Scripting Interpreter: PowerShell

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25