Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Click.cda

  • Size

    77KB

  • MD5

    2cc4d93a13a0947770bf71809db7a6ea

  • SHA1

    d460140e3acc6207655c7585001bd5b88cc748e6

  • SHA256

    55a7561c01b246e6a769bb64b3e306bbb3b12e190afbe1fd020dc91f0bbf58c6

  • SHA512

    b67155b3f4f1171ceb9dca650d5f01576cc2418ebc697182fe16f1580a9f964ed27f5b1c4902a53854956add2a52a02ec27ebdf000d174a6a555ecb070b7e847

  • SSDEEP

    1536:Lm6NmzwO+/1PfDHsWcFG+xej4JlDzWYWfHk62hN1eW4Yn15rNLVA8s/f6sE3U:akvXLsWcE+xFJlefHt2DTn15BVA36hU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Click.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4800-6-0x00007FFE170C0000-0x00007FFE170F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4800-5-0x00007FF696520000-0x00007FF696618000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4800-9-0x00007FFE16FC0000-0x00007FFE16FD7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4800-14-0x00007FFE11150000-0x00007FFE11161000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-13-0x00007FFE11170000-0x00007FFE1118D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4800-12-0x00007FFE11190000-0x00007FFE111A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-15-0x00007FFE0D230000-0x00007FFE0D43B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4800-11-0x00007FFE12870000-0x00007FFE12887000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4800-10-0x00007FFE12D00000-0x00007FFE12D11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-7-0x00007FFE0D670000-0x00007FFE0D926000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4800-8-0x00007FFE170A0000-0x00007FFE170B8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4800-21-0x00007FFE0DD30000-0x00007FFE0DD41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-31-0x00007FFE093F0000-0x00007FFE09643000-memory.dmp

    Filesize

    2.3MB

    Download

  • memory/4800-16-0x00007FFDFB290000-0x00007FFDFC340000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4800-30-0x00007FFE0DA10000-0x00007FFE0DA67000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4800-29-0x00007FFE0DA70000-0x00007FFE0DA81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-28-0x00007FFE0DA90000-0x00007FFE0DB0C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4800-27-0x00007FFE0DB10000-0x00007FFE0DB77000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4800-26-0x00007FFE0DB80000-0x00007FFE0DBB0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4800-25-0x00007FFE0DBB0000-0x00007FFE0DBC8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4800-19-0x00007FFE110B0000-0x00007FFE110C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4800-24-0x00007FFE0DCD0000-0x00007FFE0DCE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-23-0x00007FFE0DCF0000-0x00007FFE0DD0B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4800-22-0x00007FFE0DD10000-0x00007FFE0DD21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-20-0x00007FFE0DD50000-0x00007FFE0DD61000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4800-18-0x00007FFE110D0000-0x00007FFE110F1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4800-17-0x00007FFE11100000-0x00007FFE11141000-memory.dmp

    Filesize

    260KB

    Download