Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    93s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Zum.cda

  • Size

    41KB

  • MD5

    99ce6bbc27c6d10d30dfe38c9cfc9baf

  • SHA1

    5f2198f49eefcbc78056e03cfe3ff7c1fd0f5f99

  • SHA256

    a1cb3293acf7dd2f9f47644c7b51d1caef34c328ab9debb86b8e22b4f361afe2

  • SHA512

    ccb080846dda9130a44319e7872d92db4a4a80dcc0a110947602047fb49b6ac54d53627bc6756c4db025ecde6f73ded16733f970022dae4678d79028570e9455

  • SSDEEP

    768:F/gQINfpmVuE526zfBz73lNBGGjnqmGsy1+ufddBQJ84SswNblSQy:F/gJmx526zZzkgheRBW7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Zum.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1684-0-0x00007FF747EC0000-0x00007FF747FB8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/1684-1-0x00007FFA08C10000-0x00007FFA08C44000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1684-6-0x00007FFA09A50000-0x00007FFA09A67000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1684-9-0x00007FFA05C80000-0x00007FFA05C91000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-2-0x00007FFA05520000-0x00007FFA057D6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/1684-8-0x00007FFA05FC0000-0x00007FFA05FDD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/1684-7-0x00007FFA08BF0000-0x00007FFA08C01000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-5-0x00007FFA0B170000-0x00007FFA0B181000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-4-0x00007FFA0B230000-0x00007FFA0B247000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1684-3-0x00007FFA0F480000-0x00007FFA0F498000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1684-10-0x00007FF9F3F70000-0x00007FF9F417B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1684-19-0x00007FFA05430000-0x00007FFA05441000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-26-0x00007FF9F27D0000-0x00007FF9F2A23000-memory.dmp

    Filesize

    2.3MB

    Download

  • memory/1684-25-0x00007FFA04F50000-0x00007FFA04FA7000-memory.dmp

    Filesize

    348KB

    Download

  • memory/1684-11-0x00007FF9F2EC0000-0x00007FF9F3F70000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/1684-22-0x00007FFA05020000-0x00007FFA05087000-memory.dmp

    Filesize

    412KB

    Download

  • memory/1684-18-0x00007FFA05450000-0x00007FFA0546B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1684-15-0x00007FFA054B0000-0x00007FFA054C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-13-0x00007FFA05C20000-0x00007FFA05C41000-memory.dmp

    Filesize

    132KB

    Download

  • memory/1684-27-0x000001781A110000-0x000001781B97F000-memory.dmp

    Filesize

    24.4MB

    Download

  • memory/1684-24-0x00007FFA053C0000-0x00007FFA053D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-23-0x00007FFA04DF0000-0x00007FFA04E6C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/1684-21-0x00007FFA053E0000-0x00007FFA05410000-memory.dmp

    Filesize

    192KB

    Download

  • memory/1684-20-0x00007FFA05410000-0x00007FFA05428000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1684-17-0x00007FFA05470000-0x00007FFA05481000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-16-0x00007FFA05490000-0x00007FFA054A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1684-14-0x00007FFA05A20000-0x00007FFA05A38000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1684-12-0x00007FFA054D0000-0x00007FFA05511000-memory.dmp

    Filesize

    260KB

    Download