Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Xeno[1].exe

windows11-21h2-x64

10

Restructur...Ad.cda

windows11-21h2-x64

1

Restructur...es.cda

windows11-21h2-x64

1

Restructur...go.cda

windows11-21h2-x64

1

Restructur...ck.cda

windows11-21h2-x64

1

Restructur...nk.cda

windows11-21h2-x64

1

Restructur...ic.cda

windows11-21h2-x64

1

Restructur...ng.cda

windows11-21h2-x64

1

Restructur...lk.cda

windows11-21h2-x64

1

Restructur...ty.cab

windows11-21h2-x64

1

Avenue

windows11-21h2-x64

1

Chi

windows11-21h2-x64

1

Congratulations

windows11-21h2-x64

1

Cw

windows11-21h2-x64

1

Devices

windows11-21h2-x64

1

Drivers

windows11-21h2-x64

1

Emails

windows11-21h2-x64

1

Independently

windows11-21h2-x64

1

Levy

windows11-21h2-x64

1

Moments

windows11-21h2-x64

1

Purchased

windows11-21h2-x64

1

They

windows11-21h2-x64

1

Restructur...st.cda

windows11-21h2-x64

1

Restructur...um.cda

windows11-21h2-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64arch:x86image:win11-20250217-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/03/2025, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RestructuringStorage/Learning.cda

  • Size

    79KB

  • MD5

    2447add9ef7fbc3db9f1f533514a2490

  • SHA1

    ef0886005c946cec8f450c644ddf219f3e292715

  • SHA256

    82f980ac40c070691fa4264277fb089ec87dedff40d889c7ae6cfc5f21ffe051

  • SHA512

    dd84ded149e80fec88f24d7daeb911b4a2e842779ec21405b100d7c1859fa1f3151d4f9413783359a367c990a732a7090070380735022806f27d4d610d6b06cd

  • SSDEEP

    1536:DUMcHVZLEN1pRWvt9OcItgKn7hvCkeraSM2OWWBw:QM8ZLGWVyhKker7M2OWWm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RestructuringStorage\Learning.cda"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4248-0-0x00007FF757950000-0x00007FF757A48000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4248-1-0x00007FFF843D0000-0x00007FFF84404000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4248-2-0x00007FFF7DC10000-0x00007FFF7DEC6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4248-9-0x00007FFF7D9C0000-0x00007FFF7D9D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-10-0x00007FFF7B010000-0x00007FFF7B21B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4248-8-0x00007FFF7E870000-0x00007FFF7E88D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4248-7-0x00007FFF7E8B0000-0x00007FFF7E8C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-6-0x00007FFF82520000-0x00007FFF82537000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4248-5-0x00007FFF82740000-0x00007FFF82751000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-4-0x00007FFF87C40000-0x00007FFF87C57000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4248-3-0x00007FFF87C80000-0x00007FFF87C98000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4248-20-0x00007FFF7AFB0000-0x00007FFF7AFC8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4248-26-0x00007FFF728C0000-0x00007FFF728D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4248-25-0x00007FFF7AE30000-0x00007FFF7AE87000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4248-24-0x00007FFF7AF60000-0x00007FFF7AF71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-11-0x00007FFF6BC70000-0x00007FFF6CD20000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4248-23-0x00007FFF76E40000-0x00007FFF76EBC000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4248-22-0x00007FFF76EC0000-0x00007FFF76F27000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4248-21-0x00007FFF7AF80000-0x00007FFF7AFB0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4248-19-0x00007FFF7AFD0000-0x00007FFF7AFE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-18-0x00007FFF7AFF0000-0x00007FFF7B00B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4248-17-0x00007FFF7D680000-0x00007FFF7D691000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-16-0x00007FFF7D6A0000-0x00007FFF7D6B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-15-0x00007FFF7D6C0000-0x00007FFF7D6D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4248-14-0x00007FFF7D830000-0x00007FFF7D848000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4248-13-0x00007FFF7D990000-0x00007FFF7D9B1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4248-12-0x00007FFF7D6E0000-0x00007FFF7D721000-memory.dmp

    Filesize

    260KB

    Download

  • memory/4248-27-0x00000260B81D0000-0x00000260B9A3F000-memory.dmp

    Filesize

    24.4MB

    Download