Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

oni (1).rar

windows11-21h2-x64

3

Lunar.dll

windows11-21h2-x64

1

Oni.exe

windows11-21h2-x64

1

Oni.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    209s
  • max time network
    203s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    20/04/2024, 07:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Oni.exe

  • Size

    24KB

  • MD5

    001480e7770bb6a6932b9d0106ece5e6

  • SHA1

    74fe34d4fe4da4ce5ef7d524445bcd2836cff546

  • SHA256

    4bd44b02db5bd81bd3006127c04bb65abbb8ceb6eea483cf1cc8d654841c4468

  • SHA512

    99919962dc5fc471fedf06b2d5d4bb9c3f74312d0840cb4fe08530dbbc01366d21b42657a6fefb37c0a2b2cfcbc0a5ccad87c1f816fac7d8e227ddb271bc7865

  • SSDEEP

    384:aqAe89GVat33kHsjzyE/cQhSmoXm37yiAqe57QARqBKDFdxt0Wp2KcKqVn9Nb1E/:WkI33kHgSmjtAqCFMADFV2KDUXlp0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Oni.exe
    "C:\Users\Admin\AppData\Local\Temp\Oni.exe"
    1⤵
      PID:2276
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\ExpandDeny.mpeg"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:2948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2948-0-0x00007FF649410000-0x00007FF649508000-memory.dmp

      Filesize

      992KB

      Download

    • memory/2948-1-0x00007FF8FE9F0000-0x00007FF8FEA24000-memory.dmp

      Filesize

      208KB

      Download

    • memory/2948-2-0x00007FF8F8030000-0x00007FF8F82E6000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/2948-3-0x00007FF9004D0000-0x00007FF9004E8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/2948-4-0x00007FF900400000-0x00007FF900417000-memory.dmp

      Filesize

      92KB

      Download

    • memory/2948-5-0x00007FF8FBDC0000-0x00007FF8FBDD1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-6-0x00007FF8FB040000-0x00007FF8FB057000-memory.dmp

      Filesize

      92KB

      Download

    • memory/2948-7-0x00007FF8FAFB0000-0x00007FF8FAFC1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-8-0x00007FF8FAF90000-0x00007FF8FAFAD000-memory.dmp

      Filesize

      116KB

      Download

    • memory/2948-9-0x00007FF8E99D0000-0x00007FF8E9BDB000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2948-11-0x00007FF8FAD80000-0x00007FF8FADC1000-memory.dmp

      Filesize

      260KB

      Download

    • memory/2948-12-0x00007FF8FABE0000-0x00007FF8FAC01000-memory.dmp

      Filesize

      132KB

      Download

    • memory/2948-13-0x00007FF8FABC0000-0x00007FF8FABD8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/2948-10-0x00007FF8FAF70000-0x00007FF8FAF81000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-14-0x00007FF8E8920000-0x00007FF8E99D0000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/2948-15-0x00007FF8FABA0000-0x00007FF8FABB1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-16-0x00007FF8FAAF0000-0x00007FF8FAB01000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-17-0x00007FF8FA650000-0x00007FF8FA661000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-18-0x00007FF8F7DE0000-0x00007FF8F7DFB000-memory.dmp

      Filesize

      108KB

      Download

    • memory/2948-19-0x00007FF8F7DC0000-0x00007FF8F7DD1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-20-0x00007FF8F7DA0000-0x00007FF8F7DB8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/2948-21-0x00007FF8F7D70000-0x00007FF8F7DA0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/2948-22-0x00007FF8F7D00000-0x00007FF8F7D67000-memory.dmp

      Filesize

      412KB

      Download

    • memory/2948-23-0x00007FF8EFF40000-0x00007FF8EFFBC000-memory.dmp

      Filesize

      496KB

      Download

    • memory/2948-24-0x00007FF8F7CE0000-0x00007FF8F7CF1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-25-0x00007FF8F11F0000-0x00007FF8F1247000-memory.dmp

      Filesize

      348KB

      Download

    • memory/2948-26-0x00007FF8F7CB0000-0x00007FF8F7CD8000-memory.dmp

      Filesize

      160KB

      Download

    • memory/2948-27-0x00007FF8F6FA0000-0x00007FF8F6FC4000-memory.dmp

      Filesize

      144KB

      Download

    • memory/2948-28-0x00007FF8F00E0000-0x00007FF8F00F8000-memory.dmp

      Filesize

      96KB

      Download

    • memory/2948-29-0x00007FF8EA480000-0x00007FF8EA4A3000-memory.dmp

      Filesize

      140KB

      Download

    • memory/2948-30-0x00007FF8F00C0000-0x00007FF8F00D1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-31-0x00007FF8E8900000-0x00007FF8E8912000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2948-32-0x00007FF8E88D0000-0x00007FF8E88F1000-memory.dmp

      Filesize

      132KB

      Download

    • memory/2948-33-0x00007FF8E88B0000-0x00007FF8E88C3000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2948-34-0x00007FF8E8890000-0x00007FF8E88A2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2948-35-0x00007FF8E8750000-0x00007FF8E888B000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/2948-36-0x00007FF8E8720000-0x00007FF8E874C000-memory.dmp

      Filesize

      176KB

      Download

    • memory/2948-37-0x00007FF8E8560000-0x00007FF8E871A000-memory.dmp

      Filesize

      1.7MB

      Download

    • memory/2948-38-0x00007FF8E8500000-0x00007FF8E855C000-memory.dmp

      Filesize

      368KB

      Download

    • memory/2948-39-0x00007FF8E84E0000-0x00007FF8E84F1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-40-0x00007FF8E8440000-0x00007FF8E84D8000-memory.dmp

      Filesize

      608KB

      Download

    • memory/2948-41-0x00007FF8E8420000-0x00007FF8E8432000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2948-42-0x00007FF8E81C0000-0x00007FF8E8413000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/2948-44-0x00007FF8E8070000-0x00007FF8E80A5000-memory.dmp

      Filesize

      212KB

      Download

    • memory/2948-45-0x00007FF8E8040000-0x00007FF8E8065000-memory.dmp

      Filesize

      148KB

      Download

    • memory/2948-46-0x00007FF8E8020000-0x00007FF8E8031000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-43-0x00007FF8E80B0000-0x00007FF8E81BE000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/2948-47-0x00007FF8E7F00000-0x00007FF8E8013000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/2948-48-0x00007FF8E7EE0000-0x00007FF8E7EF1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-49-0x00007FF8E7EC0000-0x00007FF8E7ED2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2948-51-0x00007FF8E7E00000-0x00007FF8E7EA0000-memory.dmp

      Filesize

      640KB

      Download

    • memory/2948-52-0x00007FF8E7DE0000-0x00007FF8E7DF1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-50-0x00007FF8E7EA0000-0x00007FF8E7EB3000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2948-53-0x00007FF8E7CE0000-0x00007FF8E7DDF000-memory.dmp

      Filesize

      1020KB

      Download

    • memory/2948-54-0x00007FF8E7CC0000-0x00007FF8E7CD1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-55-0x00007FF8E7CA0000-0x00007FF8E7CB1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-56-0x00007FF8E7C80000-0x00007FF8E7C91000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-61-0x00007FF8E7BD0000-0x00007FF8E7BE2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2948-62-0x00007FF8E7BB0000-0x00007FF8E7BC1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-63-0x00007FF8E7B90000-0x00007FF8E7BA1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/2948-60-0x00007FF8E7BF0000-0x00007FF8E7C1A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2948-59-0x00007FF8E7C20000-0x00007FF8E7C36000-memory.dmp

      Filesize

      88KB

      Download

    • memory/2948-58-0x00007FF8E7C40000-0x00007FF8E7C58000-memory.dmp

      Filesize

      96KB

      Download

    • memory/2948-57-0x00007FF8E7C60000-0x00007FF8E7C72000-memory.dmp

      Filesize

      72KB

      Download