Resubmissions

09/03/2024, 00:10

240309-agetcabb6y 8

09/03/2024, 00:06

240309-adr99sac64 8

General

  • Target

    amass-2-0.zip

  • Size

    181.3MB

  • Sample

    240309-adr99sac64

  • MD5

    a98dbc5c65a573f475c1c1cb6465ab19

  • SHA1

    96529d1d7731cfbceb7b03e0aec0ea15709bde67

  • SHA256

    d314979381670be394531a78835a56e5e5894aa7aa43da36d86fcda97db2567b

  • SHA512

    8f45941b7c469630a6f774fa3c9553a8ec03543f63d70b5313925285ee3b8b5193d01f6169031855c4cfa5991758bb3426794a5ad907aaeb7d0815adcc07dfb0

  • SSDEEP

    3145728:RDPeZ4/wkQt3w4f2L3oI7Nko59nEy5XR9qCVUT+35LLg9cmssXNpDtgX8UZuQdoh:Sc2Df20It59Eyn9LVUT65XgiQNkJ90px

Score
8/10
upx

Targets

    • Target

      AMASS 2.0/AMASS/InstallationNotes.rtf

    • Size

      143KB

    • MD5

      e285f50f5f50c628c78f265ee55882e9

    • SHA1

      ef95ce1fc10fa2323e7deaf79e2989394e86ab72

    • SHA256

      b1c4bfe4dc1f547152e19f5815528ca721beb00a244f4f2e3dd1095c611d2312

    • SHA512

      8a86d3d53d1af12466979c28b14bd008d1a701127ec2a8ccbb036be14f014630791e1286b6dbaa1a8dcf002c3d612bcfaa1792c7cfe7278e2636fac96d71ca5a

    • SSDEEP

      3072:VQNXmAmyFtlZ6yjKp2U9MUXeNnj3ipaKg5V8FU:ymA7lZ699MU5FU

    Score
    4/10

    • Target

      AMASS 2.0/AMASS/ReleaseNotes.rtf

    • Size

      174KB

    • MD5

      276d96b2fe669e30b1483999e9f0c2d1

    • SHA1

      bd3e6ad6616c33884a8f733684299c8174c0ecf8

    • SHA256

      d4631f260ede90faa3b709c7256ac503b603f45bbd1447aea3cc01c62f2d03e2

    • SHA512

      74790b950398fbd3ecb81d44991fe573353b0f22eda6167401cddd873fa73bc5ef2b2fa692a4f7f27646c3cfa033ffcffa9ac3e8c25bc4252b9c58778e98ec5c

    • SSDEEP

      1536:lEtAZdGdioeLroRL1Y24ISBuht9u/1pIg3cCLjc8an/QyG:l7ZdGdioeL52UBulu/znjc8an/Y

    Score
    4/10

    • Target

      AMASS 2.0/AMASS/setup.exe

    • Size

      140.6MB

    • MD5

      0d8889f0d96f1564f8b990a297e48d1b

    • SHA1

      40d540ada5a734c711ddc8e1967816041dcc60d8

    • SHA256

      94c303148b663e9b069a4254d3a5d858bd14f173e0366053a1c0a076b49a1bf9

    • SHA512

      71caa952272355f290293edd571a3cea4d76f7c29efee5c17ceba8f68c30f2540b2b56835859b3856b5affb6f1b9fedf734c86f454c006f0edfda9c72625a123

    • SSDEEP

      3145728:eRFAvw1IEslZM6FCb9ymhlU8JxRiQtppxCAbWxeTbBJyVcAG09vvF34lMsZl:DiSFFCEmVJxcQRxdbWxGb7yakvyxl

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      AMASS 2.0/LicenseManager/LicenseManagerSetup.exe

    • Size

      40.8MB

    • MD5

      0b8af7b445e5eecf1674e198dcf422c6

    • SHA1

      d8c0025cf41f2e313b6382001a45594e65896cd4

    • SHA256

      c5e754131691a1362d9f28ba77e6ab2aec76b3834796c54a63b44d2a66916774

    • SHA512

      d47617f496a7864260e94aacc7ff0c1b95b3ecb22981e09409da2bc4433a61a3ecb097053589fe58abc66eeb3c07f6f7b8d22f68aed5b2c5a94ecdc4fd1283da

    • SSDEEP

      786432:ZIxZMrefY33o5l6QHaiWdWL22938+uNqMkyH1pK1oHEgBN:YiegHo5psdWx8+uNnH1p2opN

    Score
    8/10
    • Drops file in Drivers directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      AMASS 2.0/Virus Scan Declaration.pdf

    • Size

      242KB

    • MD5

      ab4037f271966d157b1c272940ed02ae

    • SHA1

      3646da51690e301eee407ff32bdb5946d85512ef

    • SHA256

      24349720d24448b85b3ce7ccef38dc51c641a4bb51ab08eee0ba77d5399b2e4d

    • SHA512

      5619ecad9cf6723631d3be9ad94a904244aa994b1372e10f0f8fdb4dffa864ee733fc8f2af68cee15dfdaf518d407459fe752ba1f5e40eec9d24b8d83566332e

    • SSDEEP

      6144:ALsF0EAMYcPjMK/PA5iASu++71pQh8YvPMDTit22QGm9t:A4FFDPoIP0nSu++bWv0DWU2K

    Score
    1/10

    • Target

      AMASS 2.0/msvbvm60.dll

    • Size

      1.4MB

    • MD5

      ad7489fa133a4bbc001c2a71c9da35b6

    • SHA1

      39fa3075d9c71fb91bb2636e61bfd86183b5a624

    • SHA256

      9755222ae17995bb3f85c252ec386079716477ee26a2f707951c7131137c38ef

    • SHA512

      b67a0a0b4a8e04abc216d04ca57a58e115821a6d172ddff2a25b9fad702bb9479b5dcb48f8ce6a7c87995495ab47e1b3e6ce928cecf22659b8471dbf65f5d054

    • SSDEEP

      24576:OTWpz0NS6ShiAl2C+pToAxafJ6QhT/3ZJ5tfzkIpL8X+PW3OD/nVG3y6Uv7L7M0:OTWpoI6ShiAglpBGJjRpL8XWW3OD/Vzn

    Score
    1/10

    • Target

      AMASS 2.0/setup.exe

    • Size

      2.6MB

    • MD5

      f60f16734c6032efdb614b1cd8de7a00

    • SHA1

      ec3d0f54233acf3bd583b3d1d89fde62c025bd0b

    • SHA256

      26825915608783e7034d7cf12db64d4c78f70eac44c7351abedf843a8b483d8a

    • SHA512

      5d0a017b7c7855676846b2d8df96445dea8943a3871f5aebea1eaf5028035bdb76cd57c5722739bcc9f79946e57dd0b8a946cad90f35bd472da3f87f9a721ce7

    • SSDEEP

      1536:m1Sr1nt2W6tdC+pkzmzW6kgr8eHvPb5hmmVgZVptECqP6+UqXswm+mZEeD1uqpib:mAOSyJXZrsSGjC

    Score
    1/10
