Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

DepraviA-SARIEL.exe

windows7-x64

7

DepraviA-SARIEL.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    78s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 10:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DepraviA-SARIEL.exe

  • Size

    849.4MB

  • MD5

    6bb7ddbcea2561950d2dbff42fca0f57

  • SHA1

    ac8456842ae9654c96317602caf2f966d493b60a

  • SHA256

    1d5748a491556e4e530b927c9dc4f933ac7cf0ea29febd0f82380876e27e10c0

  • SHA512

    2d23c8fe438a066a36451125e044b02146a8391672fe5a59dc156d86e5de4ba0b9350fd3df447452ed9612ab7707873282ccafb5798b54d82ab9b4d3fb209bbe

  • SSDEEP

    12582912:FJJKAji1TGHXtGmlA/vmFNbl/83DltYYSabGOR+Cs+ltwyCOKgq:F1jihG9GQA/eFNblwpRbGOR+Cs/y/e

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 30 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe
    "C:\Users\Admin\AppData\Local\Temp\DepraviA-SARIEL.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\360Movement.mfx
    Filesize

    18KB

    MD5

    bf027104686625d77e45dfdee10a1634

    SHA1

    ac37495df6e14f4f6281ed0b4dc28e1ce0fe835a

    SHA256

    1fd41ebce06d941626e9159fbdcdbd4e28656e5a8b35ffbe11c42c97da962017

    SHA512

    0b0645836f97e572e3f1f8c057f179389bef99f2a168107ab5b1b368bdaf4834aaa5df6f1513aeee6539c9722241262d629b5ba1a1785a9f48499ff7badaac01

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\AdvDir.mfx
    Filesize

    12KB

    MD5

    cd827d3d88759afbcdaa300062e3cbb6

    SHA1

    d2e4b9275ee046d1420fe69791941c002c66d3e4

    SHA256

    00c1bca2512b0d6278afd9bde4693348497238a233950621502962fd4b5df8ea

    SHA512

    30569c2cd796ab336d7feb7abef53bcb7dc95d98628946aced4ccc00e505aacae641ccda5a4ae7e4bbd32e5aa28402b4863d3f03b9d30ae57d16db768a46d5fb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\BanIME.mfx
    Filesize

    80KB

    MD5

    b574c2082e3966561073cad7a6df7654

    SHA1

    42315c271dfcd676c4ba583173987b76006751a6

    SHA256

    b3231ee835cbaf3606bba10f91746dd45c6161dbe3d18559be5ba0c97bc84fde

    SHA512

    e82dcd88ca93b916a170bba9f02c4faaadf5831c6730f85303fcfc448cae955a51ccd8e1afe4869a6d655af15dae66f3efaae65085f535b8ce3d6fc94413028c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DBase.mfx
    Filesize

    277KB

    MD5

    abb5f9e9c8a9fb001709d1ddd8618441

    SHA1

    51c19dc3c37123a01aeec1d4def6c3cafb966156

    SHA256

    5f07aad4661ec1cabb9c71f9f32c8df575d592713516834dc814b10f97c5d56e

    SHA512

    db8b5b46766da15c708c80dd7c54990137d180bb031bdbf57c290a25355be72e769fc03e928ddf854d24b8170d0aab675870819cc0f82a2e4d4598463fc2cfec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Box2DRopeAndChain.mfx
    Filesize

    121KB

    MD5

    c19a3d7899cb8fcd96b2db95f1256190

    SHA1

    ef3c44aba9e60353411f491dae5907053c2fe9ff

    SHA256

    24820f5232ee15683bcc4c6d88153ca3ceabf28d410f1e3b306531e58dd8d4e5

    SHA512

    b7fde626772d305320f6ac16bccfda30653526c68b16396525ca1fbb93d985f75da6e847febb2c6c50ecca39dcf51b340a3741165e704b80776582e77d2df310

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\DlgBox.mfx
    Filesize

    64KB

    MD5

    ec030d17acc68a37b7c7ae6c8e0785c0

    SHA1

    30cad56d3f76ae5d8ef9e79f8765af53df08b456

    SHA256

    9ab3d761062c33964b202cfe0a56ebafdecd7a10a6016c257f4618fc6974c354

    SHA512

    36538d8e8281a22a7deec5176bb7b2237b0435fedada9047c7fc42fdd2b32145e258fc434dd786d1c863f9d2069eb9150f2a869715c19ddf679e17a3a3da83a1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Easing.mfx
    Filesize

    168KB

    MD5

    052d1c7eed7b50a18eddc10dfad3ae22

    SHA1

    6f88687f930e73106d2b8af00f5317eca74e0c61

    SHA256

    1b5e79e999c4cff19fe0260bdeaeeaea0fcda6057bf6d17bf0f121e9797d20ef

    SHA512

    ef89c692a47d2ad66d6f4e722e9b330a85cca0faea2f022abfc3da3c1d32fc7c0cf01d6a6e36fddd0b82c97eebc707c9e00e2431792d551b7178fb8d50452966

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Joystick2.mfx
    Filesize

    170KB

    MD5

    08260414d68acd15d002047678cf4f78

    SHA1

    3151c50a0a22f3f57c30d626f53a04476fce6d8f

    SHA256

    e057b85bbb0064e4ccfe17be3f2700d1f5d675290c57c4bc0adfc7da7e9d7c26

    SHA512

    65e77241119601484705e5ac917d2b2e83c1def01564e6255789d663979f2c02fb5897083cf8caa5d86b618de53161aef189b736b0a929d45c4fea60da27a76a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Layer.mfx
    Filesize

    129KB

    MD5

    798ab051b0755030efecfc34eec4a5dc

    SHA1

    4ee11c0985032da07e6a0f566f96486f84144d3d

    SHA256

    ac21bb860584fcf0fb4d2a1b58800c7dc55466ed04e25931c6f2ccbe94b8431e

    SHA512

    fcc01a71e28df2efb0218ed60e466f5fc69244b761071bc36535e7039cf992933084a3ea1bb7615650ecc55580dab7bcaecd4eb44906bc6eedcaa8a6a1d7cd18

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\Platform.mfx
    Filesize

    21KB

    MD5

    f028a9790936f628964ffb256405aebb

    SHA1

    2dbecca5034f39a78e88cdf962208f742ff43302

    SHA256

    722e0aeb4d6424e95df58c01e5b787a7bcc0b1e1f1c0cf86b18388c42980cfcd

    SHA512

    f0d3d204e8ec563092d4dbb60dce0370acda92fe39b07e8f021dbc28f56041dc8ddc382b1326cfa8fb694a16a57ebdc56f0824cbf5c9abbe47498e973bff3b32

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\TextSprite.mfx
    Filesize

    394KB

    MD5

    912db861e30931eb290c027fa4d2ac4a

    SHA1

    403b5239c1a498bdd81bc7f5aa64d6bdeb56a0a7

    SHA256

    b40f77e5a88fa54f4b3b4ce1bdb4a90fb6af84b1e66741565daec668f95d0984

    SHA512

    1669b0beee3f540352ad81f0be926b74e336386fda92bf8b12d49d586485411e58aa5ebbc3133cd1b8d8872d14cf16dfae1f7ab95dcc224984aefde38872f187

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\XBOXGamepad.mfx
    Filesize

    82KB

    MD5

    46636f8ff04b7dbc2df8a2c11a373744

    SHA1

    80e9ca14771d7cb41d0c43e17dfebe4cf11b2487

    SHA256

    e6b50d6404c767d937d5020c3c373635d233efb26af66984072f6abee22294a6

    SHA512

    e417e731f6628e12cc8b061a02c8d3b536cabf76105da45ddd9c3221b770e5eae5849c528b36a29400b2cb6ab1e96adefecefb55b1c243fc7197345521ee9364

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\clickteam-movement-controller.mfx
    Filesize

    31KB

    MD5

    166d3ace4f930b01bc02203e520d7623

    SHA1

    fcc8dc63428f8bc52b0648b7d304a1ec65ffa069

    SHA256

    b5123471a87b24df82bd77bec0ea3ad435e34b6052d1fc63aa79dac07faab593

    SHA512

    4c748dcdf7a6154bd40078e1058e5ee9c3f258f796ac88b38f00fc185f28a1699d9b4f774b9db419f91568a70d2c3b0aa4bfc90f0027b443b8c6828bdb0b579a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ctrlx.mfx
    Filesize

    44KB

    MD5

    ceb8b2e522d0aaaecdf69b3bcc89a530

    SHA1

    c1cf769a96a9612f7fd0c1965413f4a57e4907e1

    SHA256

    3407eb12f6bacec5ebd4df96ff3fd34741a3919fd46c2ec527364c5f1e753a65

    SHA512

    3c46743c635eb96351e6a82490cececb24e6a104433c962f263ec01cf78fa9747d4f56d05c3085c0a18eff7c180b145df5e8e74bc008fe2f617f7f4c24be0331

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\d3dx9d_43.dll
    Filesize

    2.2MB

    MD5

    a76be22593bceaee2d99e3a0bcc71693

    SHA1

    0c39630cea667f0e87b577f556b8ef62f02f4c83

    SHA256

    8d866e7c6c998539a4451a7dd8aa97519fbc865deeb6b6b917b8f78e2ea2a80c

    SHA512

    f8ccd386d3e56ebe5d5451f018544915c539ae62f51fd26f633b64ded1bb895838d1616c227553aa399eb5810e46c66f8e54c2a4f79d05f99830e760018c1e93

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcini.mfx
    Filesize

    114KB

    MD5

    9b470f29fb1d571b63e517d822d295a0

    SHA1

    3a95c36f7ed741988a55d728c9f2df8343f32b43

    SHA256

    c98a74e5b67fb292bba29ada9d9a9693b327046ef4aaa5f0ace86908cd77c67f

    SHA512

    536d123e851e2a962b5a6a5b1ea1078db50cc0b5798a170b44960145df282db7bbb93a74568ab019f7b12e9c45d49f3093e2bb9d29f80018135e9d9fb526670a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\kcwctrl.mfx
    Filesize

    79KB

    MD5

    425ae02cf4dcca251d82cda80661e520

    SHA1

    d4377993d8fd7740584ff077c7c61a0e9bd54431

    SHA256

    a48287f514771f44411f154606643645f25dfde5e4f21e1dbda0c520387100a4

    SHA512

    edbdbd7a8b025174623b5a7b5115a9052bc82f76fc3fc84e3e60816e7428e8e5122c8fa3d1091691090133792393faab127df31e8db937d708096876441530ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\mmfs2.dll
    Filesize

    500KB

    MD5

    43c1c87566e3fefa2dc78ffbe4cf8e98

    SHA1

    80fc88bece37368bf733c402ef13362d6e0217bb

    SHA256

    f6f59c5dca211e93b4001a063fdb51021116322bdf27aceeb25c32395cdb9e02

    SHA512

    ef561cb182b2fa7b4efae55081558c8bd3685bf3e7e179202db5b573ac257f62337440eecadf6d22ce5c1b51600334d5284211b9fb34b882bc4ac37bbe81e436

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\spine.mfx
    Filesize

    744KB

    MD5

    6a6ce58084fea8f91824d33a11d6ce90

    SHA1

    af66aefbd9a6321d3868515725c9245838cce70c

    SHA256

    a2bdc2c2e2fb0e4e8f7bf821eb647720f09bb5c39a2bde4092d6eb030ef8132e

    SHA512

    4b59208e3a1b6da0fb5a4e1e38a830fe1319a529c62adb7f73b110fd863e31e95aaa53a9701d531ed30521cbc5c5dea2b2e89f89a19ea77e4402297e990080f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\65871fea-7212-4762-952a-0d5be9067abd.FusionApp\ultimatefullscreen.mfx
    Filesize

    73KB

    MD5

    96059dbec69c3904e4d7ce734a4b38d0

    SHA1

    5169934f8d89b0dba963861dcbae55e78fc21dfc

    SHA256

    fd179783ff6e6eb0959185087f33ed4a1b256e58762d9817bcb16888e20f7058

    SHA512

    82977b2c249e47ca37d6fd62f416ed995b4b5f953bc5c18c84bfbdacc2c5b17fdc50c1e736fafcac242a3f8921b5000e0ec84302bc4e0077d6eeee3aa43cc520

    Download Submit

  • memory/2812-71-0x00000000032D0000-0x0000000003300000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2812-85-0x0000000003310000-0x0000000003329000-memory.dmp

    Filesize

    100KB

    Download

  • memory/2812-55-0x0000000002780000-0x00000000027AF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2812-91-0x0000000003330000-0x0000000003378000-memory.dmp

    Filesize

    288KB

    Download