Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Drunk.cda

  • Size

    81KB

  • MD5

    b53b44452048d1f79aab4187bd7741dd

  • SHA1

    b6033b3915594c07fd48bdac2054b266e9ff9ae4

  • SHA256

    496f9fd798ca8aa06c9304fd5d73ca371ee7497908bd74d839b37d95b07d81c1

  • SHA512

    cf69597c03d01c8a6811fe98cc683d8f962ecc9972cf7251108779d32254258774509d0ff57231fba9b78f428456a0f55e0fe4280469c9a63ee75b1f1799e0eb

  • SSDEEP

    1536:AFTu6/x/6PHKUMNAZjN9aJ1b238ICgAocUBsBUrmZaDk9VQQ3frBrwx8/3n1wbP1:oHBkM+Zxk23VzAaDIJ1rPeh57PoL5C

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Drunk.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4452-5-0x00007FF761220000-0x00007FF761318000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4452-6-0x00007FFE350C0000-0x00007FFE350F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4452-14-0x00007FFE31270000-0x00007FFE31281000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-16-0x00007FFE30590000-0x00007FFE305D1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/4452-13-0x00007FFE31290000-0x00007FFE312AD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4452-10-0x00007FFE35400000-0x00007FFE35411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-27-0x00007FFE2BFC0000-0x00007FFE2C027000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4452-31-0x00007FFE1DF40000-0x00007FFE1DF65000-memory.dmp

    Filesize

    148KB

    Download

  • memory/4452-25-0x00007FFE2C060000-0x00007FFE2C078000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4452-24-0x00007FFE2C080000-0x00007FFE2C091000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-23-0x00007FFE2F800000-0x00007FFE2F81B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4452-17-0x00007FFE1E970000-0x00007FFE1FA20000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4452-30-0x00007FFE2BDC0000-0x00007FFE2BE17000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4452-29-0x00007FFE2BE20000-0x00007FFE2BE31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-28-0x00007FFE2BE40000-0x00007FFE2BEBC000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4452-26-0x00007FFE2C030000-0x00007FFE2C060000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4452-21-0x00007FFE30100000-0x00007FFE30111000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-20-0x00007FFE30120000-0x00007FFE30131000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-19-0x00007FFE30140000-0x00007FFE30158000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4452-22-0x00007FFE2FF00000-0x00007FFE2FF11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-18-0x00007FFE306C0000-0x00007FFE306E1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4452-15-0x00007FFE2C0A0000-0x00007FFE2C2AB000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4452-12-0x00007FFE312B0000-0x00007FFE312C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4452-11-0x00007FFE35360000-0x00007FFE35377000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4452-7-0x00007FFE30920000-0x00007FFE30BD6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4452-8-0x00007FFE36450000-0x00007FFE36468000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4452-9-0x00007FFE362F0000-0x00007FFE36307000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4452-32-0x0000023CE04C0000-0x0000023CE1D2F000-memory.dmp

    Filesize

    24.4MB

    Download