General

  • Target

    Verse.exe

  • Size

    882.0MB

  • Sample

    250324-3n66ds1py6

  • MD5

    4e51331cc4a10449b94b308ee938a117

  • SHA1

    ad75acacf88ede981c8c9b73ad8cb4d8d44c0732

  • SHA256

    5135617fc2faa78ef999e43d4c4b4a5b2ce9b4ae27422b4356623a3fc2c987f4

  • SHA512

    79efcb1561b24bdd63207612f1fa04ad8a836f2c7abd1fdae52650d0b06671f0a1e64b6ebcc8e648b7cc8544f8873d898f7cd9ccda46d3592c78468740d2fdaa

  • SSDEEP

    196608:BWZkV14TAw9vU3lV30g2NB6ylnlPzf+JiJCsmFMvGSEJn6hqgdhx:Uwj73gNBRlnlPSa7mmvz0pgdhx

Targets

    • Target

      Verse.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
