General
-
Target
CZK PNG V4.1 (1).zip
-
Size
151KB
-
Sample
250120-zpbjbsymes
-
MD5
2023c9e700ebc8291f6f288265dbd6f0
-
SHA1
286911deb24e979cffeb1d7e7cfdb4e2e47ed69b
-
SHA256
7cb8b47e91775deac874e423a7a5866c53ebfcda925afb1f2aebde50e8296ecf
-
SHA512
e7e7095adcd1b59d80bc55857202fb6a921c7951a5e231f8cb9e85739bfe56cf7d4b83511d23e48c5996e5bf6d438d9cffede2ae826f4b8ef6d140c32f46f7bc
-
SSDEEP
3072:h/4cOxEWEzRTRwDNbMbajoPhi++lUJ58qCN7/6oHU6pe:hAB5E3U5qc++ldQsXpe
Static task: static1
Behavioral task: behavioral1, Sample: CZK PNG V4.1 (1).zip, Resource: win11-20241007-en
Behavioral task: behavioral2, Sample: CZK PNG V4/ExecutorIcon/Attach.png, Resource: win11-20241007-en
Behavioral task: behavioral3, Sample: CZK PNG V4/ExecutorIcon/Clear.png, Resource: win11-20241007-en
Behavioral task: behavioral4, Sample: CZK PNG V4/ExecutorIcon/EDITOR.png, Resource: win11-20241007-en
Behavioral task: behavioral5, Sample: CZK PNG V4/ExecutorIcon/ScriptHub.png, Resource: win11-20241007-en
Behavioral task: behavioral6, Sample: CZK PNG V4/ExecutorIcon/close.png, Resource: win11-20241007-en
Behavioral task: behavioral7, Sample: CZK PNG V4/ExecutorIcon/discord.png, Resource: win11-20241007-en
Behavioral task: behavioral8, Sample: CZK PNG V4/ExecutorIcon/diskette.png, Resource: win11-20241007-en
Behavioral task: behavioral9, Sample: CZK PNG V4/ExecutorIcon/enter.png, Resource: win11-20241007-en
Behavioral task: behavioral10, Sample: CZK PNG V4/ExecutorIcon/folder.png, Resource: win11-20241007-en
Behavioral task: behavioral11, Sample: CZK PNG V4/ExecutorIcon/inject.png, Resource: win11-20241007-en
Behavioral task: behavioral12, Sample: CZK PNG V4/ExecutorIcon/minimize.png, Resource: win11-20241007-en
Behavioral task: behavioral13, Sample: CZK PNG V4/ExecutorIcon/play-button-arrowhead.png, Resource: win11-20241007-en
Behavioral task: behavioral14, Sample: CZK PNG V4/ExecutorIcon/setting.png, Resource: win11-20241007-en
Behavioral task: behavioral15, Sample: CZK PNG V4/ExecutorIcon/sign-out.png, Resource: win11-20241007-en
Behavioral task: behavioral16, Sample: CZK PNG V4/ExecutorIcon/youtube.png, Resource: win11-20241007-en
Behavioral task: behavioral17, Sample: CZK PNG V4/Misc/EMAIL.png, Resource: win11-20241007-en
Behavioral task: behavioral18, Sample: CZK PNG V4/Misc/ERROR LOGO.png, Resource: win11-20241007-en
Behavioral task: behavioral19, Sample: CZK PNG V4/Misc/PASSWORD.png, Resource: win11-20241007-en
Behavioral task: behavioral20, Sample: CZK PNG V4/Misc/left-arrow.png, Resource: win11-20241007-en
Behavioral task: behavioral21, Sample: CZK PNG V4/Misc/right-arrow.png, Resource: win11-20241007-en
Behavioral task: behavioral22, Sample: CZK PNG V4/desktop.ini, Resource: win11-20241007-en
Malware Config
Targets
-
-
Target
CZK PNG V4.1 (1).zip
-
Size
151KB
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-
-
-
Target
CZK PNG V4/ExecutorIcon/Attach.png
-
Size
10KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/Clear.png
-
Size
7KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/EDITOR.png
-
Size
12KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/ScriptHub.png
-
Size
7KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/close.png
-
Size
9KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/discord.png
-
Size
13KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/diskette.png
-
Size
6KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/enter.png
-
Size
1KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/folder.png
-
Size
7KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/inject.png
-
Size
3KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/minimize.png
-
Size
6KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/play-button-arrowhead.png
-
Size
8KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/setting.png
-
Size
12KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/sign-out.png
-
Size
1KB
-
Score
3/10
-
-
Target
CZK PNG V4/ExecutorIcon/youtube.png
-
Size
12KB
-
Score
3/10
-
-
Target
CZK PNG V4/Misc/EMAIL.png
-
Size
10KB
-
Score
3/10
-
-
Target
CZK PNG V4/Misc/ERROR LOGO.png
-
Size
11KB
-
Score
3/10
-
-
Target
CZK PNG V4/Misc/PASSWORD.png
-
Size
10KB
-
Score
3/10
-
-
Target
CZK PNG V4/Misc/left-arrow.png
-
Size
6KB
-
Score
3/10
-
-
Target
CZK PNG V4/Misc/right-arrow.png
-
Size
6KB
-
Score
3/10
-
-
Target
CZK PNG V4/desktop.ini
-
Size
54B
-
Score
3/10
MITRE ATT&CK Enterprise v15
Defense Evasion
  Pre-OS Boot (1)
    Bootkit (1)
  Subvert Trust Controls (1)
    SIP and Trust Provider Hijacking (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)