Resubmissions

09/03/2024, 00:10

240309-agetcabb6y 8

09/03/2024, 00:06

240309-adr99sac64 8

General

  • Target

    amass-2-0.zip

  • Size

    181.3MB

  • Sample

    240309-agetcabb6y

  • MD5

    a98dbc5c65a573f475c1c1cb6465ab19

  • SHA1

    96529d1d7731cfbceb7b03e0aec0ea15709bde67

  • SHA256

    d314979381670be394531a78835a56e5e5894aa7aa43da36d86fcda97db2567b

  • SHA512

    8f45941b7c469630a6f774fa3c9553a8ec03543f63d70b5313925285ee3b8b5193d01f6169031855c4cfa5991758bb3426794a5ad907aaeb7d0815adcc07dfb0

  • SSDEEP

    3145728:RDPeZ4/wkQt3w4f2L3oI7Nko59nEy5XR9qCVUT+35LLg9cmssXNpDtgX8UZuQdoh:Sc2Df20It59Eyn9LVUT65XgiQNkJ90px

Score
8/10
upx

Targets

    • Target

      AMASS 2.0/AMASS/setup.exe

    • Size

      140.6MB

    • MD5

      0d8889f0d96f1564f8b990a297e48d1b

    • SHA1

      40d540ada5a734c711ddc8e1967816041dcc60d8

    • SHA256

      94c303148b663e9b069a4254d3a5d858bd14f173e0366053a1c0a076b49a1bf9

    • SHA512

      71caa952272355f290293edd571a3cea4d76f7c29efee5c17ceba8f68c30f2540b2b56835859b3856b5affb6f1b9fedf734c86f454c006f0edfda9c72625a123

    • SSDEEP

      3145728:eRFAvw1IEslZM6FCb9ymhlU8JxRiQtppxCAbWxeTbBJyVcAG09vvF34lMsZl:DiSFFCEmVJxcQRxdbWxGb7yakvyxl

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      AMASS 2.0/LicenseManager/LicenseManagerSetup.exe

    • Size

      40.8MB

    • MD5

      0b8af7b445e5eecf1674e198dcf422c6

    • SHA1

      d8c0025cf41f2e313b6382001a45594e65896cd4

    • SHA256

      c5e754131691a1362d9f28ba77e6ab2aec76b3834796c54a63b44d2a66916774

    • SHA512

      d47617f496a7864260e94aacc7ff0c1b95b3ecb22981e09409da2bc4433a61a3ecb097053589fe58abc66eeb3c07f6f7b8d22f68aed5b2c5a94ecdc4fd1283da

    • SSDEEP

      786432:ZIxZMrefY33o5l6QHaiWdWL22938+uNqMkyH1pK1oHEgBN:YiegHo5psdWx8+uNnH1p2opN

    Score
    8/10
    • Drops file in Drivers directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      AMASS 2.0/setup.exe

    • Size

      2.6MB

    • MD5

      f60f16734c6032efdb614b1cd8de7a00

    • SHA1

      ec3d0f54233acf3bd583b3d1d89fde62c025bd0b

    • SHA256

      26825915608783e7034d7cf12db64d4c78f70eac44c7351abedf843a8b483d8a

    • SHA512

      5d0a017b7c7855676846b2d8df96445dea8943a3871f5aebea1eaf5028035bdb76cd57c5722739bcc9f79946e57dd0b8a946cad90f35bd472da3f87f9a721ce7

    • SSDEEP

      1536:m1Sr1nt2W6tdC+pkzmzW6kgr8eHvPb5hmmVgZVptECqP6+UqXswm+mZEeD1uqpib:mAOSyJXZrsSGjC

    Score
    6/10
    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
