.. /.Desktopthemepackfile

Phishing
Exploit
Native
Double Click

Author:

mr.d0x

Description:

DESKTOPTHEMEPACKFILE files are used by Windows machines to customize desktop themes. Attackers have previously used them to steal credentials because they often bypass antivirus detection.

OS:

Windows

Recommendation:

Block the download and execution of DESKTOPTHEMEPACKFILE files.

Resources:

https://www.bleepingcomputer.com/news/microsoft/windows-10-themes-can-be-abused-to-steal-windows-passwords/
