Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bf8985856466b55ca4a223d84fbaaee1
-
Size
4.0MB
-
Sample
240311-cc1w5ahd84
-
MD5
bf8985856466b55ca4a223d84fbaaee1
-
SHA1
1f8d5a842a3bb3b7797e04dfc29dba9dba7c8c19
-
SHA256
4cdb5a1fbe2b961c6ee7aa63411a44eee1d86671053ba877c2a5d4e3fcb673eb
-
SHA512
4bb0277a6cc1eb9825f82877862dcbf4ec6abe954190010e2f59391b7a927f8e07e1af71b2381b3383325fa62a7bab173fde0bec217fbaac4da7835aab34658d
-
SSDEEP
98304:jmWUsvbxlmdA8gBrRdcPeVH53ddYYlApslb:jmWDXmdC9d8oHJ9lApI
Malware Config
Targets
-
-
Target
workwinScreen/WorkWinǽƤ.doc
-
Size
2.1MB
-
MD5
52919595b9a9199b85bf8ac08bd602eb
-
SHA1
58f3ed98a84922926fc5b619234151d3599d6d9b
-
SHA256
38f0c9d556860476d7033367086aa371f97054ba01b0fc96acc057b4728798c6
-
SHA512
f94758d4963165853bd448723298d2e56964aafdd3f9c1f8a324d512c3d598acfb2a3c876fc3f1526551e60093e77c2be2ba70fe793c43df6440020d12eb5310
-
SSDEEP
49152:EmbZKIwBXDu9fvRP7UqpBN8JeLEc370sNZGie77:bwVpDu9f5zZpl7b
Score4/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/Msvbvm60.dll
-
Size
1.3MB
-
MD5
351bc7471a9874acacf7d386fa8be227
-
SHA1
ce82d1ccf593088d09694ef90e44c4ea2761be92
-
SHA256
20cbf8835f6fd3878acacbb7868f7b95a7aae6c2c9d5d0a926337ed31378fa7a
-
SHA512
650efe6986a8e4dadd5fe8f95812052e047421c728fb61eafaa4512b12a41bab074171a9e7ab56d37c34fe284491d5cd4d60931a004d40115ced80c4cb56bbc5
-
SSDEEP
24576:u5gYLuvjckzS11wIJYbvsv9NZHa2kaV7UhH+CJ+oo8lsVhpRZpyi8F3qp/:uOQuvxzS11FjNkaV7UQCJ+oo8SVYFa/
Score1/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/Setup.exe
-
Size
132KB
-
MD5
1f58af75c11c6aacc500dc9c1625958c
-
SHA1
8cd92514384574d5d6f920604a96dce3d25b7a67
-
SHA256
9a0509b4af9523ffbef2e58bdf7f80e90668bf6ded452c5f751d0e39f3729fea
-
SHA512
db2b699cfbad7fa958a52c90cc66c01c20fd2b10f9d64d1895958108f4e5124612708918d31517e498532020f8e0b94abeb3d71820b331f82fb65bc0de4ae5da
-
SSDEEP
384:ZYDNGSC4qYsL3OHnID0t+SL8h8U9rvndp7n1UmKaxC02yWypNDJbTS:00SC4ujOHnZ+WgmmDxCDyTlb
Score4/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/Vb6chs.dll
-
Size
99KB
-
MD5
4eb560ad85cc7924f507fbe5a901577a
-
SHA1
574f6a47a809d91dd122f68bd5cc14d9d66aad37
-
SHA256
e6b4aec131b5dd42342d57f0fd9075873527569631e8ce5f411811202103aec3
-
SHA512
3a736fadf1b962b0c39e1215bf3279ef75cc14e37f9923e2380577b030dd45c150a684158dbc3e542bcabfaf9d4636f343dfe0bb9b6a10e6eb02cfaecfd24f54
-
SSDEEP
768:8+0pMmmRv2IKP857UdtzuJRkfYzvL3IW:8+MS2BP854d5TYz
Score1/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/WorkWintv.dat
-
Size
308KB
-
MD5
c1fc8c1681f87a3534a36ecae5da85dd
-
SHA1
9e97bd91c97deb0a2e958911c8941482458032b4
-
SHA256
587ad15bb2ff490aff122b27114cd0a50d89c54c3c4bdb75c1007bc618a739e5
-
SHA512
bc6522467b5240bddf2bb879ecec458fae8ab107016c47e5ea75bc46bd474c672f9ac01181627109261aae470dc814876b69e8141c6e7f0a56bc4e9e740347e7
-
SSDEEP
6144:wGPWPDwoEPePaPNOGCft2oSj3AO9dqj0AKrlIFHAuP6:w9D82CDQooSX9owAKrgH
Score8/10-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/wintvwork.dll
-
Size
24KB
-
MD5
a81cc030872d8c622dd0171084560efb
-
SHA1
8c64f96975ae5e382ef63c8086d9ae84902c2414
-
SHA256
322d23d6e98fc02149905055a8e8498122c234962e9a7a1b5c1d86ad8940a79d
-
SHA512
61fee6298201e066235f464dd313508e5950c43293ec45afb840649252605ee5dd3c3379ce43120671965b771e235f15e9eb8044048ecd3d3191654e0d8ea1db
-
SSDEEP
96:bRqr12rJa0OgotX34Xx9w+2kSKMxbC31CHRvCNGb5kBZzCRsY:bRqBJ0Olt4Xxd2wFIC8+BZORs
Score1/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/Setup.exe
-
Size
48KB
-
MD5
83a60e0c65738bb3b755e19ea19ad07d
-
SHA1
dcf985e0f994d92240e28141055c3b3f22901283
-
SHA256
60524ee2c2af7800c9749f6f2e6842402f27df638367a7ee4054e89e449b686b
-
SHA512
e25c12bbc4c82de0563adabd010e65834413ee50fb56e5feab990e046a65437f8c9e82a6788c3754e4f3b57ed28a1b7f57ba05c83bdedcec796cf8126622a82c
-
SSDEEP
384:4LKMStpTTylV0BGH+trfER3CK2ha4xGTaKMFIYi6WlEqkrq23WykP:42PTycoIER3PsGTBCW+qmBJE
Score1/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/WorkWintv.dat
-
Size
308KB
-
MD5
c1fc8c1681f87a3534a36ecae5da85dd
-
SHA1
9e97bd91c97deb0a2e958911c8941482458032b4
-
SHA256
587ad15bb2ff490aff122b27114cd0a50d89c54c3c4bdb75c1007bc618a739e5
-
SHA512
bc6522467b5240bddf2bb879ecec458fae8ab107016c47e5ea75bc46bd474c672f9ac01181627109261aae470dc814876b69e8141c6e7f0a56bc4e9e740347e7
-
SSDEEP
6144:wGPWPDwoEPePaPNOGCft2oSj3AO9dqj0AKrlIFHAuP6:w9D82CDQooSX9owAKrgH
Score8/10-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
-
-
Target
workwinScreen/Ӷ(Ա)/Ϊװ/wintvwork.dll
-
Size
24KB
-
MD5
a81cc030872d8c622dd0171084560efb
-
SHA1
8c64f96975ae5e382ef63c8086d9ae84902c2414
-
SHA256
322d23d6e98fc02149905055a8e8498122c234962e9a7a1b5c1d86ad8940a79d
-
SHA512
61fee6298201e066235f464dd313508e5950c43293ec45afb840649252605ee5dd3c3379ce43120671965b771e235f15e9eb8044048ecd3d3191654e0d8ea1db
-
SSDEEP
96:bRqr12rJa0OgotX34Xx9w+2kSKMxbC31CHRvCNGb5kBZzCRsY:bRqBJ0Olt4Xxd2wFIC8+BZORs
Score1/10 -
-
-
Target
workwinScreen/Ӷ(Ա)/ⰲװɫ/WorkWintv.exe
-
Size
308KB
-
MD5
c1fc8c1681f87a3534a36ecae5da85dd
-
SHA1
9e97bd91c97deb0a2e958911c8941482458032b4
-
SHA256
587ad15bb2ff490aff122b27114cd0a50d89c54c3c4bdb75c1007bc618a739e5
-
SHA512
bc6522467b5240bddf2bb879ecec458fae8ab107016c47e5ea75bc46bd474c672f9ac01181627109261aae470dc814876b69e8141c6e7f0a56bc4e9e740347e7
-
SSDEEP
6144:wGPWPDwoEPePaPNOGCft2oSj3AO9dqj0AKrlIFHAuP6:w9D82CDQooSX9owAKrgH
Score8/10-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
-
-
Target
workwinScreen/Ӷ(Ա)/ⰲװɫ/wintvwork.dll
-
Size
24KB
-
MD5
a81cc030872d8c622dd0171084560efb
-
SHA1
8c64f96975ae5e382ef63c8086d9ae84902c2414
-
SHA256
322d23d6e98fc02149905055a8e8498122c234962e9a7a1b5c1d86ad8940a79d
-
SHA512
61fee6298201e066235f464dd313508e5950c43293ec45afb840649252605ee5dd3c3379ce43120671965b771e235f15e9eb8044048ecd3d3191654e0d8ea1db
-
SSDEEP
96:bRqr12rJa0OgotX34Xx9w+2kSKMxbC31CHRvCNGb5kBZzCRsY:bRqBJ0Olt4Xxd2wFIC8+BZORs
Score1/10 -
-
-
Target
workwinScreen//MSCOMCTL.OCX
-
Size
1.0MB
-
MD5
ecc7d7f0d3446de36045d1d9e964fafe
-
SHA1
da6b0ec081d628c33b150327f3bd16d3b7fa4729
-
SHA256
bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4
-
SHA512
443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632
-
SSDEEP
24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln
Score1/10 -
-
-
Target
workwinScreen//MSWINSCK.OCX
-
Size
121KB
-
MD5
e8a2190a9e8ee5e5d2e0b599bbf9dda6
-
SHA1
4e97bf9519c83835da9db309e61ec87ddf165167
-
SHA256
80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
-
SHA512
57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
-
SSDEEP
3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score1/10 -
-
-
Target
workwinScreen//WorkWinTvServer.exe
-
Size
1.0MB
-
MD5
3754e27389a076f207aa7f3b0f392272
-
SHA1
bc54b96b0814c36c81915b7b86331a381e82fa17
-
SHA256
77590d7c8a2780112f95b477e50625fcaddd9b542210598b0e25017f3a13ae8e
-
SHA512
6277319494753d4df20a2b6712943987c865b8fbfdc04acbf5adcbf132d7e27f40388aec1b30549676d5ffeff6a8e350743c0bb3e51c4cd7eba56562c6bacc65
-
SSDEEP
24576:+jUhL0/iC14xL/JtiJxMiHMymcOLxr60MxW1JSBByDXc83rA57U:HRRdgOyfWxriQABoXN7I
Score8/10-
Drops file in Drivers directory
-
-
-
Target
workwinScreen//eaagle.dll
-
Size
44KB
-
MD5
e11ce40a82860c0d5e07193af8af7f25
-
SHA1
9028ea14893e9ecc39a2a24e610b6b543b4a66d8
-
SHA256
0fe499940e63d7b91915517c39837e683197d941cdabb649327c6c219e269af8
-
SHA512
68de07e47b134251b096dcef125dca154575b8deeff0c74dfa32e7473b16264037cb595138341b38d3f7f591eb099910f1c2a31ff5184208d76309c4a01773ed
-
SSDEEP
768:aawHR1m+BiTbSQ+Fojy/hJGhOkdWItAes:aawjiTbf+FMyZgDJtj
Score1/10 -
-
-
Target
workwinScreen//бʧܵ.exe
-
Size
20KB
-
MD5
ea493ff9133ff531501c1f7ef5ebe61b
-
SHA1
cd88dec8a94cb1fab3671c76a4ba5843ae7a4ba5
-
SHA256
ec7c7e311c39147e309b4154ea0528fc8d19712e3125680b1dede3cd1d5737eb
-
SHA512
106bc13c927a99bc423401ed5632cc14d723538bdee23de696e30683abf9d3dfa1616a08e96dc22342c7801dd2fe84b2cf679abdd77bbe864e037ce249c7822b
-
SSDEEP
96:A0jAvXtoIu6vvgjXC6PNMcZtr7XbP4kRw0U2ewF304Wabo5VNMc:B86Iu6HgjXDN1hXFzdB304VbGVN
Score1/10 -