Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
7DeskSpaceT...up.exe
windows7-x64
7DeskSpaceT...up.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3deskspace.exe
windows7-x64
1deskspace.exe
windows10-2004-x64
7deskspace1554.dll
windows7-x64
1deskspace1554.dll
windows10-2004-x64
1deskspace1554_x64.dll
windows7-x64
1deskspace1554_x64.dll
windows10-2004-x64
1deskspace_x64.exe
windows7-x64
1deskspace_x64.exe
windows10-2004-x64
1help/html/...e.html
windows7-x64
1help/html/...e.html
windows10-2004-x64
1help/html/...d.html
windows7-x64
1help/html/...d.html
windows10-2004-x64
1help/html/...e.html
windows7-x64
1help/html/...e.html
windows10-2004-x64
1help/index.html
windows7-x64
1help/index.html
windows10-2004-x64
1uninstaller.exe
windows7-x64
7uninstaller.exe
windows10-2004-x64
7$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3新云软件.url
windows7-x64
1新云软件.url
windows10-2004-x64
1Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
12/01/2024, 08:24
Behavioral task
behavioral1
Sample
DeskSpaceTrialSetup.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
DeskSpaceTrialSetup.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
deskspace.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral8
Sample
deskspace.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
deskspace1554.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
deskspace1554.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
deskspace1554_x64.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral12
Sample
deskspace1554_x64.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
deskspace_x64.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral14
Sample
deskspace_x64.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
help/html/configuring_deskspace.html
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral16
Sample
help/html/configuring_deskspace.html
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
help/html/getting_started.html
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral18
Sample
help/html/getting_started.html
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
help/html/using_deskspace.html
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral20
Sample
help/html/using_deskspace.html
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
help/index.html
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral22
Sample
help/index.html
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
uninstaller.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral24
Sample
uninstaller.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral26
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
新云软件.url
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral28
Sample
新云软件.url
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
deskspace1554.dll
-
Size
64KB
-
MD5
23964738fcb5b1025b1c44bd86acfcd6
-
SHA1
f01b4ae247f7b1277a4cf958912baa9279fbe857
-
SHA256
10bd8e8da82188a1eb5d4ee8bf3ed65c8d736a88ae88d5b3e1fb0ffa1a41b1b3
-
SHA512
3111632756daef482ba31db9d22803589360fb7adb48deab844197179f79ecb3f451f3aaf2877cd0faea20bdfc2def018f7ff4012f6e3457fefb4c703c351ae5
-
SSDEEP
768:IMY9PC/kDH8Xp43g7VeiR8kS8b1FFll0urC5xjcRLfINb:ZJsbr3Ce9kDLl075xI1INb
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 1416 rundll32.exe 1416 rundll32.exe 1416 rundll32.exe -
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28 PID 1972 wrote to memory of 1416 1972 rundll32.exe 28