Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
1COVAULT-19...r).rar
windows10-2004-x64
3COVAULT-19...s.json
windows10-2004-x64
3COVAULT-19...19.exe
windows10-2004-x64
1COVAULT-19...19.exe
windows10-2004-x64
3COVAULT-19...19.pdb
windows10-2004-x64
3COVAULT-19...v.json
windows10-2004-x64
3COVAULT-19...g.json
windows10-2004-x64
3COVAULT-19...ry.dll
windows10-2004-x64
1COVAULT-19...on.dll
windows10-2004-x64
1COVAULT-19...og.dll
windows10-2004-x64
1COVAULT-19...ol.dll
windows10-2004-x64
1COVAULT-19...ws.dll
windows10-2004-x64
1COVAULT-19...er.dll
windows10-2004-x64
1COVAULT-19...er.dll
windows10-2004-x64
1COVAULT-19...ws.dll
windows10-2004-x64
1COVAULT-19...og.dll
windows10-2004-x64
1COVAULT-19...ol.dll
windows10-2004-x64
1COVAULT-19...ws.dll
windows10-2004-x64
1COVAULT-19...ry.dll
windows10-2004-x64
1COVAULT-19...er.dll
windows10-2004-x64
1COVAULT-19...rp.dll
windows10-2004-x64
1General
-
Target
COVAULT-19 (server).rar
-
Size
1.5MB
-
Sample
230418-stn7naeb2w
-
MD5
bfe336594aca010419d239440e786f98
-
SHA1
fd652ad0e90ecb26d6871fd3dadf3d3839d238a4
-
SHA256
441c40dab907570edb0bbd3e3877d337a7656799d8c185831deaad1cd7d5ee26
-
SHA512
de53531e5953dd915c775ef25924443bdf8f9018864e2baf67d35a4b21fad813625f2df07cb82a95c582a665bd41a36589792649c0dc5bcfae30a6268fc69b42
-
SSDEEP
24576:eYQ6Ihwyw+6jIoZKq8Fuv+oBwXxSobSKQaAdYT1cqu6APGLKPuuIFibGuevVEUS7:eK1Fdd8FHruVHyc/G2uBFibu93nrw7
Static task
static1
Behavioral task
behavioral1
Sample
COVAULT-19 (server).rar
Resource
win10v2004-20230220-en
Behavioral task
behavioral2
Sample
COVAULT-19 (server)/COVAULT-19.deps.json
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
COVAULT-19 (server)/COVAULT-19.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral4
Sample
COVAULT-19 (server)/COVAULT-19.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
COVAULT-19 (server)/COVAULT-19.pdb
Resource
win10v2004-20230221-en
Behavioral task
behavioral6
Sample
COVAULT-19 (server)/COVAULT-19.runtimeconfig.dev.json
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
COVAULT-19 (server)/COVAULT-19.runtimeconfig.json
Resource
win10v2004-20230220-en
Behavioral task
behavioral8
Sample
COVAULT-19 (server)/Microsoft.Win32.Registry.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral9
Sample
COVAULT-19 (server)/Newtonsoft.Json.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral10
Sample
COVAULT-19 (server)/System.Diagnostics.EventLog.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral11
Sample
COVAULT-19 (server)/System.Security.AccessControl.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral12
Sample
COVAULT-19 (server)/System.Security.Principal.Windows.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral13
Sample
COVAULT-19 (server)/System.ServiceProcess.ServiceController.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral14
Sample
COVAULT-19 (server)/WindowsFirewallHelper.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral15
Sample
COVAULT-19 (server)/runtimes/unix/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral16
Sample
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Diagnostics.EventLog.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral17
Sample
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Security.AccessControl.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral18
Sample
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral19
Sample
COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/Microsoft.Win32.Registry.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral20
Sample
COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/System.ServiceProcess.ServiceController.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral21
Sample
COVAULT-19 (server)/websocket-sharp.dll
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
COVAULT-19 (server).rar
-
Size
1.5MB
-
MD5
bfe336594aca010419d239440e786f98
-
SHA1
fd652ad0e90ecb26d6871fd3dadf3d3839d238a4
-
SHA256
441c40dab907570edb0bbd3e3877d337a7656799d8c185831deaad1cd7d5ee26
-
SHA512
de53531e5953dd915c775ef25924443bdf8f9018864e2baf67d35a4b21fad813625f2df07cb82a95c582a665bd41a36589792649c0dc5bcfae30a6268fc69b42
-
SSDEEP
24576:eYQ6Ihwyw+6jIoZKq8Fuv+oBwXxSobSKQaAdYT1cqu6APGLKPuuIFibGuevVEUS7:eK1Fdd8FHruVHyc/G2uBFibu93nrw7
Score3/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.deps.json
-
Size
13KB
-
MD5
77b946036651a45b9a940361b668ff4c
-
SHA1
8e8f9e4ecfbd67c785e26c6a8e148cbe3cc98be3
-
SHA256
738a01d18ef137469d5cb7b9abdfddc4e8eb7ee0d6bb342d95a325f6341caf7f
-
SHA512
2a8eb839c1e1ef13256f0216dd43072b748dc2558fab29f67fb2d3c4d4a748af759a056811b3dded34bd721699cae731bac2869fd6aecfe6d74ed9f44b53cc92
-
SSDEEP
192:Y1DCqRRCcpUytCVqKAKKrRGXV5vfa4X3T7:YYGRCcpUywGbrcFY4P
Score3/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.dll
-
Size
487KB
-
MD5
995531160eafcdcf7e1a860ba96abbd3
-
SHA1
b4981b47b374e3d66fae7bc894ab8cfdacc9414e
-
SHA256
6e9d8ac34e819e4e6822ce776fd711c7a61f1fd5c4699f4779cffe64f2818d98
-
SHA512
9f0d2f207c0cd544581288a2cd52fa3971eebf435b87dcbfadf58c1e9165bbc5fed4ebc5facc83e65f7346b67422fb959d38cd3270f8771a7e4157d32fad70a3
-
SSDEEP
12288:eH02rhrrYOQX3P1Xm1Op7/OdogdwiKB6NrfTkvnR/2x:eXrWX3PAm7mdogo6rfTEW
Score1/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.exe
-
Size
517KB
-
MD5
6f47cbc498ca869d95a2b98c1958110e
-
SHA1
1b98c2946eb7a130ce03fa3168fac65b1db4ddbf
-
SHA256
569d2dda14d54d9cf6a064138b9ae0f08b44023219eb71c9729ee4397311113d
-
SHA512
771b95f0b16fa15843cd5121e26fb2a1f7b06f4864e2a4a601fae9f7193b32801ab419ff67d00f544814c5d63ab8592b59567f46245d87134bc777118df59b51
-
SSDEEP
12288:MLDnyp4enDbOQX3P1Xm1Op7/OdogdwiKB6NrfTkvnR/2x:MPyp4eDjX3PAm7mdogo6rfTEW
Score3/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.pdb
-
Size
44KB
-
MD5
063fd1d52fa5897fe9e148344d4c5f79
-
SHA1
32b3a23a726efb1b603d2e33407f76c54b83fb74
-
SHA256
fe8f065a1964d28b9e6928b456f4bad0d7aaf36adb72a292f9ed58d9d852dee8
-
SHA512
0bd57a2b8ee395fa913930ce641edb59c385cd6c0d619479343370883f676f260d379cfa1a7d5bb89eb27d3e9a53c4622c38a2f71159560abd2df751582b2b63
-
SSDEEP
768:Z6BBrHayRMNecIy0BTtJLoXz1saxXwwwwQFrU:Qr6yRMENBTtJkX+mwwwwQFrU
Score3/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.runtimeconfig.dev.json
-
Size
326B
-
MD5
c3e9e8dc7d81f82783046b1ebc69a5a8
-
SHA1
f4a9fabf4fd3c7620e809b47a51c44bfa2d3923c
-
SHA256
e56023444c905bb08648059f8caa12fc93fa0760a226b8f53d2fa3be88f0b89f
-
SHA512
f85e09a7b4f6ed885dc69ae8c7f31653afe558140bd86c36ec328644d4be46150eb36eb572122c1a6d3d5de86083d4ddbb6f022e83da8a5cf370d4bdc1b9a70e
Score3/10 -
-
-
Target
COVAULT-19 (server)/COVAULT-19.runtimeconfig.json
-
Size
260B
-
MD5
8ca3b7795e000c8aeb8da3e7a4ecbeea
-
SHA1
3af08e88a8c7d3b31135ec105105d8ecf1a8af8d
-
SHA256
2c6dd6135c044b210aa1168389205f5c4c2b6d721328f15a69d4dbde3510030b
-
SHA512
3cc0a89c936708ed7c744630ca2e8c734b3cb2356cfb52a7b77779f88d838635f4d5c896ae18964f4c87b1da6b50d416ccbcea7ede5a605350180ed3fda5349d
Score3/10 -
-
-
Target
COVAULT-19 (server)/Microsoft.Win32.Registry.dll
-
Size
40KB
-
MD5
e1d9a5b63a29e0be888ca6952700ab83
-
SHA1
819607a0c5acd057219e22cc1174a2e3078b9d6f
-
SHA256
340933ad6701077ae9b8035e4671803d86074ab32f2de8165acfdb954bd260f6
-
SHA512
5e153bc90195e20e503c8c04b1361598947de3500c8c6f6fd6baf0e245aa5afc7d84bf55787d11914a28c0e8186a29360a94fcc8b816f482045b7032ea8738d3
-
SSDEEP
768:JipxaP/LOgSJzldoB7ViedPHAsmlxPvyyE:AaP/ybu7ViCPHZmlx3yT
Score1/10 -
-
-
Target
COVAULT-19 (server)/Newtonsoft.Json.dll
-
Size
679KB
-
MD5
916d32b899f1bc23b209648d007b99fd
-
SHA1
e3673d05d46f29e68241d4536bddf18cdd0a913d
-
SHA256
72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
-
SHA512
60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
-
SSDEEP
12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score1/10 -
-
-
Target
COVAULT-19 (server)/System.Diagnostics.EventLog.dll
-
Size
49KB
-
MD5
14b8ab0f426d52342f2098023b287623
-
SHA1
d79df6f5f70373e70202782aad9edd76db95939e
-
SHA256
c476fbc42f2a4161833020ea65e8a895561f6b64c6f531d52dda4324d27b4d8b
-
SHA512
8237d400336afd2e4faddf139e74935e5a9b530684fdea37843d2aaa73bd8e1505a3acabb7368551c6ec53bd7877ca75f3c6541c1f81d8964772d1d5cf9d7b88
-
SSDEEP
768:etd17d/cc2PK5SUizOAFipsH+MKmL+7NQ1OaY7pykJ:KF/cc26whifMmNP7pykJ
Score1/10 -
-
-
Target
COVAULT-19 (server)/System.Security.AccessControl.dll
-
Size
54KB
-
MD5
2aa3be1a5e32b7fc89ee5460a2c4db18
-
SHA1
ff27582916b77d75df896399ede0b9e8ffe369ef
-
SHA256
93084849c17a21f641c13c9f17545cfe18c1ec097561f3f0ebbbe26f358ba120
-
SHA512
f470fe10e0033a8d96de8a747243eb1f90e07108873270d4ca538a02f46ab20232fd715b05a2f23357c0d58b0c845c4e7ea35f453b90aeda2942f36d57d6d498
-
SSDEEP
768:dfYY2UVC44RvZy5cgPWOUl9QR2OreWBkyNFazSuVN:WYtV+hy7WOUlYbrlAzhVN
Score1/10 -
-
-
Target
COVAULT-19 (server)/System.Security.Principal.Windows.dll
-
Size
36KB
-
MD5
a1f634780387ab0b5219a8741366f4a2
-
SHA1
0cf42e1bd78443ae1d6c16223a7ff463c5105d21
-
SHA256
7828dfd952a9fd49404477baff714849177d9f18c0654adafadbdcafb4b21f47
-
SHA512
77a1a74ed08c746c0de4d523d0128233ebe8af601127bff5a2531a8f062ac83d2e6c792b54ab17ecb0cd4ef4a9ce3216975953ceae8ebaf26374bf809a79bfd0
-
SSDEEP
768:Ur8Jx0w6kYq/fru6/EBiOBGyU3J8R64N3:NYq/fL/EB9BGyMJA649
Score1/10 -
-
-
Target
COVAULT-19 (server)/System.ServiceProcess.ServiceController.dll
-
Size
32KB
-
MD5
81d2db93fd0ac4c7130d49b6d1e16ad8
-
SHA1
e26df3ca56328570d82e5c4464f5be1c7e22f421
-
SHA256
fe8f5811cc2312916402d720bedef088aa277673ddcac9318a790279e77810f4
-
SHA512
010db23754959b5565571ed17baf621493146b0cdbff3d1d4296134e53e6cb5dce138b48aa0a06a8d592871ec1bff20982437a8eabfb7f3ac8872efca5cc52a2
-
SSDEEP
768:C40Smq62df/uxb7aYN92D1NltSvL7iJZE:0h2Nuxb7aYN0pSvL7iJZE
Score1/10 -
-
-
Target
COVAULT-19 (server)/WindowsFirewallHelper.dll
-
Size
199KB
-
MD5
af6bfb45c96b2474bfe8c8fde7728091
-
SHA1
1b94512ac341650a73e5b99c93e36e471a044055
-
SHA256
0aa29831929aca3f7f621563bac395e8b50f9eadd99edf61fd30c8f758c9b189
-
SHA512
97a8ab795b50d58416c061d73a052b7ddc421d789d64252e809662ac9fa2f35aee44ea323f8ea9c9d4b278a72cb64fac61e4a4fbde7c8cb6aca1eafeb21f9579
-
SSDEEP
6144:nxtZOq63JJIBgrf/9HNclgH59x32ZKPu:nxOqfgUgH3F2ZKPu
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/unix/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
-
Size
36KB
-
MD5
0035b12417dfd1d22d43d696968cb54f
-
SHA1
76ae451be0b87ac0a7cd5de80edbe117ae191535
-
SHA256
f470c7ee0f99f5ceaa25f51970988cfbcddbe0f8dd8491ca3e9cf4f9f52fdb75
-
SHA512
600a2ce00f779d0a2f87ca23cf3c6d280067666879a3978923056b094815830aea9caba7a5e32bfc6a0b973c8d2a6d706eea1f73658ead840cc05ae705841f43
-
SSDEEP
768:hr8Jx005YLlU2mM0faosEbTnQD+o3J8RkK4Rw:4YpFosEbTQD+oJAkKIw
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Diagnostics.EventLog.dll
-
Size
127KB
-
MD5
9fb98981ec44d65d5a8fd867d7704dfb
-
SHA1
7558a89c885ebad2fe4fdec28c1eb7235a751c7d
-
SHA256
351f8619c3dafbad38ac8c89349b4c15073a944b2906b42cc7efe6353d21a985
-
SHA512
b0226ad2487ee124953205079f7d13efdd8c4ec92a184a5687607ce78022ce5899bf079aff7a04685b5c44798483642f0996871ceebe094d8965d6ecf1833576
-
SSDEEP
3072:GH/D1R8EYgMivs+qA8fb/+kPbPH5+LKlwnO4S5llBkQ7cEZ7A:GrQLgMivs+qdb/+kPl+4p4Sb7HZ7
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.0/System.Security.AccessControl.dll
-
Size
99KB
-
MD5
5ca4f84f2270a788fa2beef07a4789b1
-
SHA1
10471c83f8f24880edc09ccfde4464119ca7e9fa
-
SHA256
94d32fbe707c5a162c1f7e37b092f0ec39f5c03152609a140c9f85aa4f8768ec
-
SHA512
e5b7f40396515db845e48967f704438ea06359a4e4ff728fe98e44807a935bf44aa0e1c26d1976a4ee8d587f970cdb40f95f0659910fcda6f8f935968882042a
-
SSDEEP
1536:f8dCzHuriAqBpmBe2mmEdrrrzDhHbVudX0lqxDU:UMzHu+AOmBlmmEdrrrzDh7VudEqB
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/win/lib/netcoreapp2.1/System.Security.Principal.Windows.dll
-
Size
79KB
-
MD5
e9f61f68df63cf7ac8353ca16a4dbd26
-
SHA1
0b94fa28a00c427536cc948e2b0ecd1f6a67a010
-
SHA256
0add93a25fd4e011db55cac9e7c062b807d98447bc8272cf3a24b06b7437c16c
-
SHA512
793a139769f93d74b59f7d46846d3023dc46e129c88a6bace865be9d97806832433248e65886c8d080e241201ad4aa04b4b664db42e612ad5408838afa4af89e
-
SSDEEP
1536:la2wV3WjgCUdS3gDJyUyEy7pZpH1I/GQhaH41D2wlJAw149Tw6:l7wV3YgUCKE6H1d41D2wcK
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/Microsoft.Win32.Registry.dll
-
Size
52KB
-
MD5
f775a8103a6034d25fbb2934f5e1b979
-
SHA1
e449296d1ae86c6417b3067f6aa5108946c5e15a
-
SHA256
5738f1e014d65979898848781075db25eede1f14d7e38d68cea6a4c49bc2b2c4
-
SHA512
9f52dd9e4cd78ffc240a794752c57158a504071ee45284ee71f93d25b938554c999d60324fdbdbd5b2602429297df4ef6175da44b076a7d6aab1fead5a8a53ab
-
SSDEEP
768:+iyJzkVFn/CEmIF+/x+iJsUYFoNN9B7UwNbhtVi2viXmlxVs/:UJzkGZA+/zJsSrL7HdtViEmmlxVs/
Score1/10 -
-
-
Target
COVAULT-19 (server)/runtimes/win/lib/netstandard2.0/System.ServiceProcess.ServiceController.dll
-
Size
60KB
-
MD5
0d405001dde2c1208985c736cd35d41c
-
SHA1
9f7d50068a0ecb9f105db23e7eccc4dc7f3a363a
-
SHA256
68bb1c7a138878cb3a34f553cd93b3a165779fd59169cad9b95175b673844012
-
SHA512
76a2a4da2fb4d0f6609aede5786c219824c011ed9114563631a492e35d67955715397df1370a84351adbf929235b2ebce64b1b56ad21504c6681a23aee5f8999
-
SSDEEP
768:rrdWBfA9NoaIXvHCTdM9o2b+c+fcil73U/qN92D1Nlt/Nscpzr:rrYBfBaIXvHC2kf5l73UyN0p/NVpzr
Score1/10 -
-
-
Target
COVAULT-19 (server)/websocket-sharp.dll
-
Size
244KB
-
MD5
7379936cac71973885587a3bc6fbb70b
-
SHA1
e72fec39314d7eb75f13c1ff0459515d95dd910c
-
SHA256
fb06ffceb4f8789c893d2f292e5810927dd7266d3bad68df2cedb8775500e8be
-
SHA512
d9da358bcc134232f6418d49fe98c427ad49fe8a212a2f166fcbf1718d0a8f8b0fa055caec30b267c6e4b1b4d687f08394830e3fadbae812c4b255abdf8c7b7a
-
SSDEEP
3072:ZLixO6zz8t4OXDegbQy058MP2pZrCmrrDse0ecdfF7b2gqEiyDvSmqtNlVusC519:Sn8nDenoRXoJF3bqEiyzZ5m1FsgU
Score1/10 -