Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    158s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Candles.cda

  • Size

    17KB

  • MD5

    67d288ddfbd64288ee836f85c79bbe3e

  • SHA1

    a4ea361ddefa78271ace60f696a7e7bc06701d73

  • SHA256

    13e15a5cdcc7f7d1d14ff5cd16301affa73806bbc853328944fa5d8cacfd12d9

  • SHA512

    294c8c87ed3ee4b07e98a94e9499333a223c635533d6a9db652bbc9460faf2d6471a80f17ff284eecd59390752f988ff81509739d80b9259e23f95a1f77b8b4f

  • SSDEEP

    384:FMpUJrKJ8yqrMh/7Ipemq1CiURF3jJHn5Rwu4D3+zOb5Z/NMVea:FMptWycMhEdq17aF3VZRZ4T2cQIa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Candles.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4404-0-0x00007FF69C940000-0x00007FF69CA38000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4404-1-0x00007FFEF1490000-0x00007FFEF14C4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4404-9-0x00007FFEE8740000-0x00007FFEE8751000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-8-0x00007FFEE8760000-0x00007FFEE877D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4404-7-0x00007FFEE8A60000-0x00007FFEE8A71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-6-0x00007FFEE8C00000-0x00007FFEE8C17000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4404-5-0x00007FFEEB760000-0x00007FFEEB771000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-4-0x00007FFEEB8D0000-0x00007FFEEB8E7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4404-3-0x00007FFEF1420000-0x00007FFEF1438000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4404-2-0x00007FFED6D70000-0x00007FFED7026000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4404-10-0x00007FFEE8440000-0x00007FFEE864B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4404-19-0x00007FFEE80B0000-0x00007FFEE80C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-18-0x00007FFEE80D0000-0x00007FFEE80EB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4404-11-0x00007FFED5A90000-0x00007FFED6B40000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4404-17-0x00007FFEE80F0000-0x00007FFEE8101000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-27-0x0000019B42B80000-0x0000019B443EF000-memory.dmp

    Filesize

    24.4MB

    Download

  • memory/4404-16-0x00007FFEE8110000-0x00007FFEE8121000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-26-0x00007FFEDCF00000-0x00007FFEDCF12000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4404-25-0x00007FFEE7D40000-0x00007FFEE7D97000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4404-24-0x00007FFEE7FD0000-0x00007FFEE7FE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-23-0x00007FFEE7DA0000-0x00007FFEE7E1C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4404-13-0x00007FFEE8710000-0x00007FFEE8731000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4404-12-0x00007FFEE8170000-0x00007FFEE81B1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/4404-22-0x00007FFEE7FF0000-0x00007FFEE8057000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4404-21-0x00007FFEE8060000-0x00007FFEE8090000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4404-20-0x00007FFEE8090000-0x00007FFEE80A8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4404-15-0x00007FFEE8130000-0x00007FFEE8141000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4404-14-0x00007FFEE8150000-0x00007FFEE8168000-memory.dmp

    Filesize

    96KB

    Download