General

  • Target

    VEX_WARE_ML.exe

  • Size

    173.9MB

  • Sample

    240611-brvg8aydja

  • MD5

    da5d0d55a780e993bf6bd33cd9b24329

  • SHA1

    56cc323c5e15881de100185175a0ea56ff7692bc

  • SHA256

    aa494fc90ff252bb29bd80b6593a5cf6c66e6f476832b8ff82d470f44cfa3b3c

  • SHA512

    8cd96d7a6d6ce788dab79b4f7f47149767fe3ec578732ac7d80a6407943c37aa3f612fd41f41a5a7b5bbda0458e3d1d8d9d8b881350b828a4d99163f54e1b0d0

  • SSDEEP

    3145728:d04Hs7TDDcddukP4gwPvP+4tG5YqZSC++Hyd5C4Hjk5uirByE1xM8zYS7T:W4Hs/fcu/gwPXjtGahClyXCYjkoir0ER

Targets

    • Target

      VEX_WARE_ML.exe

    • Modifies boot configuration data using bcdedit

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
