Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    100s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Garlic.cda

  • Size

    53KB

  • MD5

    6da52d95e6fec14420174ee774eff497

  • SHA1

    960d55684db66614560ed129be297ea99669300c

  • SHA256

    122875092db6fb3b79bcf8d5b5cf7cb0651ed96291a0aa7670ba674330dc59d8

  • SHA512

    e89d8634921d369f2d996f007a198358e21503449a14337e82406425e26447c38b666b745e9ab1657d50cf8c961dc0c048ad769a7796fcdd0fcbb01b86154409

  • SSDEEP

    1536:F6XL/HA44HUckEGm86WBJ2a24GPgd1k/utF1FfEc7bJ/ule:FADHB40cd0j2a048mf1dqle

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Garlic.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3444-0-0x00007FF63D3C0000-0x00007FF63D4B8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/3444-1-0x00007FFD3A4C0000-0x00007FFD3A4F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3444-5-0x00007FFD3A3F0000-0x00007FFD3A401000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-9-0x00007FFD367B0000-0x00007FFD367C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-8-0x00007FFD36A50000-0x00007FFD36A6D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/3444-7-0x00007FFD37450000-0x00007FFD37461000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-6-0x00007FFD37910000-0x00007FFD37927000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3444-4-0x00007FFD3B3F0000-0x00007FFD3B407000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3444-3-0x00007FFD3C6E0000-0x00007FFD3C6F8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3444-2-0x00007FFD36AA0000-0x00007FFD36D56000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/3444-11-0x00007FFD33180000-0x00007FFD331C1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/3444-10-0x00007FFD25B70000-0x00007FFD25D7B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3444-23-0x00007FFD24A40000-0x00007FFD24ABC000-memory.dmp

    Filesize

    496KB

    Download

  • memory/3444-25-0x00007FFD249E0000-0x00007FFD24A37000-memory.dmp

    Filesize

    348KB

    Download

  • memory/3444-26-0x00007FFD240C0000-0x00007FFD241CE000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/3444-24-0x00007FFD26090000-0x00007FFD260A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-22-0x00007FFD2BB20000-0x00007FFD2BB87000-memory.dmp

    Filesize

    412KB

    Download

  • memory/3444-21-0x00007FFD2BB90000-0x00007FFD2BBC0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/3444-20-0x00007FFD2BBC0000-0x00007FFD2BBD8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3444-19-0x00007FFD2BBE0000-0x00007FFD2BBF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-18-0x00007FFD2BE70000-0x00007FFD2BE8B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3444-12-0x00007FFD24AC0000-0x00007FFD25B70000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/3444-17-0x00007FFD2BE90000-0x00007FFD2BEA1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-16-0x00007FFD2CDC0000-0x00007FFD2CDD1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-15-0x00007FFD2CDE0000-0x00007FFD2CDF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3444-14-0x00007FFD2CE00000-0x00007FFD2CE18000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3444-13-0x00007FFD36780000-0x00007FFD367A1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/3444-27-0x0000013609DC0000-0x000001360B62F000-memory.dmp

    Filesize

    24.4MB

    Download