Overview

overview

7

Static

static

3

DepraviA-SARIEL.exe

windows7-x64

7

DepraviA-SARIEL.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    78s
  • max time network
    21s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28/01/2024, 10:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DepraviA-SARIEL.exe

  • Size

    849.4MB

  • MD5

    6bb7ddbcea2561950d2dbff42fca0f57

  • SHA1

    ac8456842ae9654c96317602caf2f966d493b60a

  • SHA256

    1d5748a491556e4e530b927c9dc4f933ac7cf0ea29febd0f82380876e27e10c0

  • SHA512

    2d23c8fe438a066a36451125e044b02146a8391672fe5a59dc156d86e5de4ba0b9350fd3df447452ed9612ab7707873282ccafb5798b54d82ab9b4d3fb209bbe

  • SSDEEP

    12582912:FJJKAji1TGHXtGmlA/vmFNbl/83DltYYSabGOR+Cs+ltwyCOKgq:F1jihG9GQA/eFNblwpRbGOR+Cs/y/e

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 22 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe
    "C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:940

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\360Movement.mfx
          Filesize

          18KB

          MD5

          bf027104686625d77e45dfdee10a1634

          SHA1

          ac37495df6e14f4f6281ed0b4dc28e1ce0fe835a

          SHA256

          1fd41ebce06d941626e9159fbdcdbd4e28656e5a8b35ffbe11c42c97da962017

          SHA512

          0b0645836f97e572e3f1f8c057f179389bef99f2a168107ab5b1b368bdaf4834aaa5df6f1513aeee6539c9722241262d629b5ba1a1785a9f48499ff7badaac01

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\AdvDir.mfx
          Filesize

          12KB

          MD5

          cd827d3d88759afbcdaa300062e3cbb6

          SHA1

          d2e4b9275ee046d1420fe69791941c002c66d3e4

          SHA256

          00c1bca2512b0d6278afd9bde4693348497238a233950621502962fd4b5df8ea

          SHA512

          30569c2cd796ab336d7feb7abef53bcb7dc95d98628946aced4ccc00e505aacae641ccda5a4ae7e4bbd32e5aa28402b4863d3f03b9d30ae57d16db768a46d5fb

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\BanIME.mfx
          Filesize

          80KB

          MD5

          b574c2082e3966561073cad7a6df7654

          SHA1

          42315c271dfcd676c4ba583173987b76006751a6

          SHA256

          b3231ee835cbaf3606bba10f91746dd45c6161dbe3d18559be5ba0c97bc84fde

          SHA512

          e82dcd88ca93b916a170bba9f02c4faaadf5831c6730f85303fcfc448cae955a51ccd8e1afe4869a6d655af15dae66f3efaae65085f535b8ce3d6fc94413028c

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DBase.mfx
          Filesize

          189KB

          MD5

          179efd74ed30f048deeff844a971e916

          SHA1

          7f63001a0984a2b025efce7aef05e7e8b991df2b

          SHA256

          c8920bf04f637abb1b0b884e10eb1536e3408ed7c39ab86719b97c50fbe44d78

          SHA512

          a7e8096d9a21b1a1bfd6495ef9e9e96ecab466c54aae759207c6dfc289fb0767114b9502dc09652dc9ace4351f1a6df3c8d470e660e42cd4bf534b2eb34b457d

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DRopeAndChain.mfx
          Filesize

          121KB

          MD5

          c19a3d7899cb8fcd96b2db95f1256190

          SHA1

          ef3c44aba9e60353411f491dae5907053c2fe9ff

          SHA256

          24820f5232ee15683bcc4c6d88153ca3ceabf28d410f1e3b306531e58dd8d4e5

          SHA512

          b7fde626772d305320f6ac16bccfda30653526c68b16396525ca1fbb93d985f75da6e847febb2c6c50ecca39dcf51b340a3741165e704b80776582e77d2df310

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\DlgBox.mfx
          Filesize

          64KB

          MD5

          ec030d17acc68a37b7c7ae6c8e0785c0

          SHA1

          30cad56d3f76ae5d8ef9e79f8765af53df08b456

          SHA256

          9ab3d761062c33964b202cfe0a56ebafdecd7a10a6016c257f4618fc6974c354

          SHA512

          36538d8e8281a22a7deec5176bb7b2237b0435fedada9047c7fc42fdd2b32145e258fc434dd786d1c863f9d2069eb9150f2a869715c19ddf679e17a3a3da83a1

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Easing.mfx
          Filesize

          168KB

          MD5

          052d1c7eed7b50a18eddc10dfad3ae22

          SHA1

          6f88687f930e73106d2b8af00f5317eca74e0c61

          SHA256

          1b5e79e999c4cff19fe0260bdeaeeaea0fcda6057bf6d17bf0f121e9797d20ef

          SHA512

          ef89c692a47d2ad66d6f4e722e9b330a85cca0faea2f022abfc3da3c1d32fc7c0cf01d6a6e36fddd0b82c97eebc707c9e00e2431792d551b7178fb8d50452966

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Joystick2.mfx
          Filesize

          170KB

          MD5

          08260414d68acd15d002047678cf4f78

          SHA1

          3151c50a0a22f3f57c30d626f53a04476fce6d8f

          SHA256

          e057b85bbb0064e4ccfe17be3f2700d1f5d675290c57c4bc0adfc7da7e9d7c26

          SHA512

          65e77241119601484705e5ac917d2b2e83c1def01564e6255789d663979f2c02fb5897083cf8caa5d86b618de53161aef189b736b0a929d45c4fea60da27a76a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Layer.mfx
          Filesize

          129KB

          MD5

          798ab051b0755030efecfc34eec4a5dc

          SHA1

          4ee11c0985032da07e6a0f566f96486f84144d3d

          SHA256

          ac21bb860584fcf0fb4d2a1b58800c7dc55466ed04e25931c6f2ccbe94b8431e

          SHA512

          fcc01a71e28df2efb0218ed60e466f5fc69244b761071bc36535e7039cf992933084a3ea1bb7615650ecc55580dab7bcaecd4eb44906bc6eedcaa8a6a1d7cd18

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Platform.mfx
          Filesize

          21KB

          MD5

          f028a9790936f628964ffb256405aebb

          SHA1

          2dbecca5034f39a78e88cdf962208f742ff43302

          SHA256

          722e0aeb4d6424e95df58c01e5b787a7bcc0b1e1f1c0cf86b18388c42980cfcd

          SHA512

          f0d3d204e8ec563092d4dbb60dce0370acda92fe39b07e8f021dbc28f56041dc8ddc382b1326cfa8fb694a16a57ebdc56f0824cbf5c9abbe47498e973bff3b32

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\TextSprite.mfx
          Filesize

          244KB

          MD5

          b2b13b93f4200671d54ef2768e91e865

          SHA1

          7f05dda987deef85be57f8af41f2c6c10bdda0aa

          SHA256

          150595dace97fa4be705df2e40a0e1af7beb16f9cdb1189879540f9d6f6af2f4

          SHA512

          0f846484a0b901903e1ca9cee50deddbb490401b7f818082642d528e055225d214b71d77a98039c8aba246177ac92f462279fd32dc00662c45def18ef8d2d2f4

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\XBOXGamepad.mfx
          Filesize

          82KB

          MD5

          46636f8ff04b7dbc2df8a2c11a373744

          SHA1

          80e9ca14771d7cb41d0c43e17dfebe4cf11b2487

          SHA256

          e6b50d6404c767d937d5020c3c373635d233efb26af66984072f6abee22294a6

          SHA512

          e417e731f6628e12cc8b061a02c8d3b536cabf76105da45ddd9c3221b770e5eae5849c528b36a29400b2cb6ab1e96adefecefb55b1c243fc7197345521ee9364

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\clickteam-movement-controller.mfx
          Filesize

          31KB

          MD5

          166d3ace4f930b01bc02203e520d7623

          SHA1

          fcc8dc63428f8bc52b0648b7d304a1ec65ffa069

          SHA256

          b5123471a87b24df82bd77bec0ea3ad435e34b6052d1fc63aa79dac07faab593

          SHA512

          4c748dcdf7a6154bd40078e1058e5ee9c3f258f796ac88b38f00fc185f28a1699d9b4f774b9db419f91568a70d2c3b0aa4bfc90f0027b443b8c6828bdb0b579a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ctrlx.mfx
          Filesize

          44KB

          MD5

          ceb8b2e522d0aaaecdf69b3bcc89a530

          SHA1

          c1cf769a96a9612f7fd0c1965413f4a57e4907e1

          SHA256

          3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

          SHA512

          3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\d3dx9d_43.dll
          Filesize

          326KB

          MD5

          b3c1c2539a072736f4a273c721714529

          SHA1

          6157cc6982185cb294f16cf4e6fa356102e45f15

          SHA256

          391084c725c5a09220fe8a1afe0f8ab2cee31d509d6fe5ba90fbfab37e153813

          SHA512

          e80e78929f1efec80ee17d30ee491b65c70d6d0a725eaec9d63637e8995494d30c2d3645db05c6c38d9863e0868b9c1d287947647ca68db200d9b755e3d9bf5d

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\d3dx9d_43.dll
          Filesize

          309KB

          MD5

          b3c6933ea852bfe5b0bb4cfd8b11d0be

          SHA1

          55e0cd4e624935ed8774672d9dc9b423a9cf9d10

          SHA256

          c3ae6ea17660a8e2a2320ed93e97cf16251f58254267607a78c9221c4072eac6

          SHA512

          9588d352cead960c86086b46a4f5feeb53f39317db3a186a6297678d4ea2e29e602ab60ce380e3a1e299d72b608e874713fa579c61f736d622af5f306bd9de99

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcini.mfx
          Filesize

          114KB

          MD5

          9b470f29fb1d571b63e517d822d295a0

          SHA1

          3a95c36f7ed741988a55d728c9f2df8343f32b43

          SHA256

          c98a74e5b67fb292bba29ada9d9a9693b327046ef4aaa5f0ace86908cd77c67f

          SHA512

          536d123e851e2a962b5a6a5b1ea1078db50cc0b5798a170b44960145df282db7bbb93a74568ab019f7b12e9c45d49f3093e2bb9d29f80018135e9d9fb526670a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcwctrl.mfx
          Filesize

          79KB

          MD5

          425ae02cf4dcca251d82cda80661e520

          SHA1

          d4377993d8fd7740584ff077c7c61a0e9bd54431

          SHA256

          a48287f514771f44411f154606643645f25dfde5e4f21e1dbda0c520387100a4

          SHA512

          edbdbd7a8b025174623b5a7b5115a9052bc82f76fc3fc84e3e60816e7428e8e5122c8fa3d1091691090133792393faab127df31e8db937d708096876441530ae

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\mmfs2.dll
          Filesize

          500KB

          MD5

          43c1c87566e3fefa2dc78ffbe4cf8e98

          SHA1

          80fc88bece37368bf733c402ef13362d6e0217bb

          SHA256

          f6f59c5dca211e93b4001a063fdb51021116322bdf27aceeb25c32395cdb9e02

          SHA512

          ef561cb182b2fa7b4efae55081558c8bd3685bf3e7e179202db5b573ac257f62337440eecadf6d22ce5c1b51600334d5284211b9fb34b882bc4ac37bbe81e436

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\spine.mfx
          Filesize

          445KB

          MD5

          8806a64928a5176e5c41aab1efeee338

          SHA1

          816e67c7237e67e3ac0bf4eed8f5c9cecef9e98e

          SHA256

          8ca93a0b8ab0471aea17a58861249b7512b10dec2f3e4097be284a3d0f5d45d1

          SHA512

          19fb08656b7adf107ba7ccfc86af526912fdd6c0624ee48db9dbf4c19f38e8588a760e73c292308b3f2642294cbe575a56d3f3968e78a555326f4bf605c766b0

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\spine.mfx
          Filesize

          352KB

          MD5

          c3726bea0871367b257f017f6df67feb

          SHA1

          ba1aacab8db6cd56f12d740671992c65b760d54c

          SHA256

          09339050c149850487b2ec37ec8a781ebca2a7059a01daef9c3f890424feeed5

          SHA512

          0a0fc76a892737c512978973f51f0361a9ba7a11cffc5795e9c12c8b96802f63c05b8ea71b097a3dbdb4827a90d932ebd8e0088a7f4597058b5b40f27f1bebb2

          Download Submit

        • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ultimatefullscreen.mfx
          Filesize

          73KB

          MD5

          96059dbec69c3904e4d7ce734a4b38d0

          SHA1

          5169934f8d89b0dba963861dcbae55e78fc21dfc

          SHA256

          fd179783ff6e6eb0959185087f33ed4a1b256e58762d9817bcb16888e20f7058

          SHA512

          82977b2c249e47ca37d6fd62f416ed995b4b5f953bc5c18c84bfbdacc2c5b17fdc50c1e736fafcac242a3f8921b5000e0ec84302bc4e0077d6eeee3aa43cc520

          Download Submit

        • memory/940-79-0x0000000000610000-0x0000000000658000-memory.dmp

          Filesize

          288KB

          Download

        • memory/940-65-0x00000000005C0000-0x00000000005F0000-memory.dmp

          Filesize

          192KB

          Download

        • memory/940-53-0x00000000002B0000-0x00000000002DF000-memory.dmp

          Filesize

          188KB

          Download

        • memory/940-75-0x00000000005F0000-0x0000000000609000-memory.dmp

          Filesize

          100KB

          Download