Resubmissions
07/05/2023, 21:46
230507-1mxjfsfh72 10
General
Target: hfw0xBaK
Size: 2KB
Sample: 230507-1mxjfsfh72
MD5: df74ae4f1c9b9e49871bf744653cb29c
SHA1: 0ab311fb063c1e45bf7c9c638d801aa9d158d4e7
SHA256: 6a2ef81132e27e538d59e4e49ca1bc79abf88a568c4f1099ee867a8b167962da
SHA512: a715e9917244099fc8f1fd7b4f7d4ba0a8021de129a5bcd930b1d21715ae56611522f399fa0321e8ee8ca45e07de20a694edcebcaf59c4d8cc4864e039778af7
Static task: static1
Behavioral task: behavioral1
Sample: hfw0xBaK.html
Resource: win10-20230220-en
Behavioral task: behavioral2
Sample: hfw0xBaK.html
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: hfw0xBaK
Score: 10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Drops Chrome extension
Drops desktop.ini file(s)
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry