Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

DepraviA-SARIEL.exe

windows7-x64

7

DepraviA-SARIEL.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    78s
  • max time network
    21s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28/01/2024, 10:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DepraviA-SARIEL.exe

  • Size

    849.4MB

  • MD5

    6bb7ddbcea2561950d2dbff42fca0f57

  • SHA1

    ac8456842ae9654c96317602caf2f966d493b60a

  • SHA256

    1d5748a491556e4e530b927c9dc4f933ac7cf0ea29febd0f82380876e27e10c0

  • SHA512

    2d23c8fe438a066a36451125e044b02146a8391672fe5a59dc156d86e5de4ba0b9350fd3df447452ed9612ab7707873282ccafb5798b54d82ab9b4d3fb209bbe

  • SSDEEP

    12582912:FJJKAji1TGHXtGmlA/vmFNbl/83DltYYSabGOR+Cs+ltwyCOKgq:F1jihG9GQA/eFNblwpRbGOR+Cs/y/e

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 22 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe
    "C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\360Movement.mfx
    Filesize

    18KB

    MD5

    bf027104686625d77e45dfdee10a1634

    SHA1

    ac37495df6e14f4f6281ed0b4dc28e1ce0fe835a

    SHA256

    1fd41ebce06d941626e9159fbdcdbd4e28656e5a8b35ffbe11c42c97da962017

    SHA512

    0b0645836f97e572e3f1f8c057f179389bef99f2a168107ab5b1b368bdaf4834aaa5df6f1513aeee6539c9722241262d629b5ba1a1785a9f48499ff7badaac01

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\AdvDir.mfx
    Filesize

    12KB

    MD5

    cd827d3d88759afbcdaa300062e3cbb6

    SHA1

    d2e4b9275ee046d1420fe69791941c002c66d3e4

    SHA256

    00c1bca2512b0d6278afd9bde4693348497238a233950621502962fd4b5df8ea

    SHA512

    30569c2cd796ab336d7feb7abef53bcb7dc95d98628946aced4ccc00e505aacae641ccda5a4ae7e4bbd32e5aa28402b4863d3f03b9d30ae57d16db768a46d5fb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\BanIME.mfx
    Filesize

    80KB

    MD5

    b574c2082e3966561073cad7a6df7654

    SHA1

    42315c271dfcd676c4ba583173987b76006751a6

    SHA256

    b3231ee835cbaf3606bba10f91746dd45c6161dbe3d18559be5ba0c97bc84fde

    SHA512

    e82dcd88ca93b916a170bba9f02c4faaadf5831c6730f85303fcfc448cae955a51ccd8e1afe4869a6d655af15dae66f3efaae65085f535b8ce3d6fc94413028c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DBase.mfx
    Filesize

    189KB

    MD5

    179efd74ed30f048deeff844a971e916

    SHA1

    7f63001a0984a2b025efce7aef05e7e8b991df2b

    SHA256

    c8920bf04f637abb1b0b884e10eb1536e3408ed7c39ab86719b97c50fbe44d78

    SHA512

    a7e8096d9a21b1a1bfd6495ef9e9e96ecab466c54aae759207c6dfc289fb0767114b9502dc09652dc9ace4351f1a6df3c8d470e660e42cd4bf534b2eb34b457d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DRopeAndChain.mfx
    Filesize

    121KB

    MD5

    c19a3d7899cb8fcd96b2db95f1256190

    SHA1

    ef3c44aba9e60353411f491dae5907053c2fe9ff

    SHA256

    24820f5232ee15683bcc4c6d88153ca3ceabf28d410f1e3b306531e58dd8d4e5

    SHA512

    b7fde626772d305320f6ac16bccfda30653526c68b16396525ca1fbb93d985f75da6e847febb2c6c50ecca39dcf51b340a3741165e704b80776582e77d2df310

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\DlgBox.mfx
    Filesize

    64KB

    MD5

    ec030d17acc68a37b7c7ae6c8e0785c0

    SHA1

    30cad56d3f76ae5d8ef9e79f8765af53df08b456

    SHA256

    9ab3d761062c33964b202cfe0a56ebafdecd7a10a6016c257f4618fc6974c354

    SHA512

    36538d8e8281a22a7deec5176bb7b2237b0435fedada9047c7fc42fdd2b32145e258fc434dd786d1c863f9d2069eb9150f2a869715c19ddf679e17a3a3da83a1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Easing.mfx
    Filesize

    168KB

    MD5

    052d1c7eed7b50a18eddc10dfad3ae22

    SHA1

    6f88687f930e73106d2b8af00f5317eca74e0c61

    SHA256

    1b5e79e999c4cff19fe0260bdeaeeaea0fcda6057bf6d17bf0f121e9797d20ef

    SHA512

    ef89c692a47d2ad66d6f4e722e9b330a85cca0faea2f022abfc3da3c1d32fc7c0cf01d6a6e36fddd0b82c97eebc707c9e00e2431792d551b7178fb8d50452966

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Joystick2.mfx
    Filesize

    170KB

    MD5

    08260414d68acd15d002047678cf4f78

    SHA1

    3151c50a0a22f3f57c30d626f53a04476fce6d8f

    SHA256

    e057b85bbb0064e4ccfe17be3f2700d1f5d675290c57c4bc0adfc7da7e9d7c26

    SHA512

    65e77241119601484705e5ac917d2b2e83c1def01564e6255789d663979f2c02fb5897083cf8caa5d86b618de53161aef189b736b0a929d45c4fea60da27a76a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Layer.mfx
    Filesize

    129KB

    MD5

    798ab051b0755030efecfc34eec4a5dc

    SHA1

    4ee11c0985032da07e6a0f566f96486f84144d3d

    SHA256

    ac21bb860584fcf0fb4d2a1b58800c7dc55466ed04e25931c6f2ccbe94b8431e

    SHA512

    fcc01a71e28df2efb0218ed60e466f5fc69244b761071bc36535e7039cf992933084a3ea1bb7615650ecc55580dab7bcaecd4eb44906bc6eedcaa8a6a1d7cd18

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Platform.mfx
    Filesize

    21KB

    MD5

    f028a9790936f628964ffb256405aebb

    SHA1

    2dbecca5034f39a78e88cdf962208f742ff43302

    SHA256

    722e0aeb4d6424e95df58c01e5b787a7bcc0b1e1f1c0cf86b18388c42980cfcd

    SHA512

    f0d3d204e8ec563092d4dbb60dce0370acda92fe39b07e8f021dbc28f56041dc8ddc382b1326cfa8fb694a16a57ebdc56f0824cbf5c9abbe47498e973bff3b32

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\TextSprite.mfx
    Filesize

    244KB

    MD5

    b2b13b93f4200671d54ef2768e91e865

    SHA1

    7f05dda987deef85be57f8af41f2c6c10bdda0aa

    SHA256

    150595dace97fa4be705df2e40a0e1af7beb16f9cdb1189879540f9d6f6af2f4

    SHA512

    0f846484a0b901903e1ca9cee50deddbb490401b7f818082642d528e055225d214b71d77a98039c8aba246177ac92f462279fd32dc00662c45def18ef8d2d2f4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\XBOXGamepad.mfx
    Filesize

    82KB

    MD5

    46636f8ff04b7dbc2df8a2c11a373744

    SHA1

    80e9ca14771d7cb41d0c43e17dfebe4cf11b2487

    SHA256

    e6b50d6404c767d937d5020c3c373635d233efb26af66984072f6abee22294a6

    SHA512

    e417e731f6628e12cc8b061a02c8d3b536cabf76105da45ddd9c3221b770e5eae5849c528b36a29400b2cb6ab1e96adefecefb55b1c243fc7197345521ee9364

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\clickteam-movement-controller.mfx
    Filesize

    31KB

    MD5

    166d3ace4f930b01bc02203e520d7623

    SHA1

    fcc8dc63428f8bc52b0648b7d304a1ec65ffa069

    SHA256

    b5123471a87b24df82bd77bec0ea3ad435e34b6052d1fc63aa79dac07faab593

    SHA512

    4c748dcdf7a6154bd40078e1058e5ee9c3f258f796ac88b38f00fc185f28a1699d9b4f774b9db419f91568a70d2c3b0aa4bfc90f0027b443b8c6828bdb0b579a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ctrlx.mfx
    Filesize

    44KB

    MD5

    ceb8b2e522d0aaaecdf69b3bcc89a530

    SHA1

    c1cf769a96a9612f7fd0c1965413f4a57e4907e1

    SHA256

    3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

    SHA512

    3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\d3dx9d_43.dll
    Filesize

    326KB

    MD5

    b3c1c2539a072736f4a273c721714529

    SHA1

    6157cc6982185cb294f16cf4e6fa356102e45f15

    SHA256

    391084c725c5a09220fe8a1afe0f8ab2cee31d509d6fe5ba90fbfab37e153813

    SHA512

    e80e78929f1efec80ee17d30ee491b65c70d6d0a725eaec9d63637e8995494d30c2d3645db05c6c38d9863e0868b9c1d287947647ca68db200d9b755e3d9bf5d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\d3dx9d_43.dll
    Filesize

    309KB

    MD5

    b3c6933ea852bfe5b0bb4cfd8b11d0be

    SHA1

    55e0cd4e624935ed8774672d9dc9b423a9cf9d10

    SHA256

    c3ae6ea17660a8e2a2320ed93e97cf16251f58254267607a78c9221c4072eac6

    SHA512

    9588d352cead960c86086b46a4f5feeb53f39317db3a186a6297678d4ea2e29e602ab60ce380e3a1e299d72b608e874713fa579c61f736d622af5f306bd9de99

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcini.mfx
    Filesize

    114KB

    MD5

    9b470f29fb1d571b63e517d822d295a0

    SHA1

    3a95c36f7ed741988a55d728c9f2df8343f32b43

    SHA256

    c98a74e5b67fb292bba29ada9d9a9693b327046ef4aaa5f0ace86908cd77c67f

    SHA512

    536d123e851e2a962b5a6a5b1ea1078db50cc0b5798a170b44960145df282db7bbb93a74568ab019f7b12e9c45d49f3093e2bb9d29f80018135e9d9fb526670a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcwctrl.mfx
    Filesize

    79KB

    MD5

    425ae02cf4dcca251d82cda80661e520

    SHA1

    d4377993d8fd7740584ff077c7c61a0e9bd54431

    SHA256

    a48287f514771f44411f154606643645f25dfde5e4f21e1dbda0c520387100a4

    SHA512

    edbdbd7a8b025174623b5a7b5115a9052bc82f76fc3fc84e3e60816e7428e8e5122c8fa3d1091691090133792393faab127df31e8db937d708096876441530ae

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\mmfs2.dll
    Filesize

    500KB

    MD5

    43c1c87566e3fefa2dc78ffbe4cf8e98

    SHA1

    80fc88bece37368bf733c402ef13362d6e0217bb

    SHA256

    f6f59c5dca211e93b4001a063fdb51021116322bdf27aceeb25c32395cdb9e02

    SHA512

    ef561cb182b2fa7b4efae55081558c8bd3685bf3e7e179202db5b573ac257f62337440eecadf6d22ce5c1b51600334d5284211b9fb34b882bc4ac37bbe81e436

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\spine.mfx
    Filesize

    445KB

    MD5

    8806a64928a5176e5c41aab1efeee338

    SHA1

    816e67c7237e67e3ac0bf4eed8f5c9cecef9e98e

    SHA256

    8ca93a0b8ab0471aea17a58861249b7512b10dec2f3e4097be284a3d0f5d45d1

    SHA512

    19fb08656b7adf107ba7ccfc86af526912fdd6c0624ee48db9dbf4c19f38e8588a760e73c292308b3f2642294cbe575a56d3f3968e78a555326f4bf605c766b0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\spine.mfx
    Filesize

    352KB

    MD5

    c3726bea0871367b257f017f6df67feb

    SHA1

    ba1aacab8db6cd56f12d740671992c65b760d54c

    SHA256

    09339050c149850487b2ec37ec8a781ebca2a7059a01daef9c3f890424feeed5

    SHA512

    0a0fc76a892737c512978973f51f0361a9ba7a11cffc5795e9c12c8b96802f63c05b8ea71b097a3dbdb4827a90d932ebd8e0088a7f4597058b5b40f27f1bebb2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ultimatefullscreen.mfx
    Filesize

    73KB

    MD5

    96059dbec69c3904e4d7ce734a4b38d0

    SHA1

    5169934f8d89b0dba963861dcbae55e78fc21dfc

    SHA256

    fd179783ff6e6eb0959185087f33ed4a1b256e58762d9817bcb16888e20f7058

    SHA512

    82977b2c249e47ca37d6fd62f416ed995b4b5f953bc5c18c84bfbdacc2c5b17fdc50c1e736fafcac242a3f8921b5000e0ec84302bc4e0077d6eeee3aa43cc520

    Download Submit

  • memory/940-79-0x0000000000610000-0x0000000000658000-memory.dmp

    Filesize

    288KB

    Download

  • memory/940-65-0x00000000005C0000-0x00000000005F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/940-53-0x00000000002B0000-0x00000000002DF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/940-75-0x00000000005F0000-0x0000000000609000-memory.dmp

    Filesize

    100KB

    Download