Overview

overview

3

Static

static

mmc-cracked-win32.zip

windows10-1703-x64

1

UltimMC/Qt5Core.dll

windows10-1703-x64

3

UltimMC/Qt5Gui.dll

windows10-1703-x64

3

UltimMC/Qt...rk.dll

windows10-1703-x64

3

UltimMC/Qt5Svg.dll

windows10-1703-x64

3

UltimMC/Qt...ts.dll

windows10-1703-x64

3

UltimMC/Qt5Xml.dll

windows10-1703-x64

3

UltimMC/UltimMC.exe

windows10-1703-x64

1

UltimMC/ic...on.dll

windows10-1703-x64

1

UltimMC/im...if.dll

windows10-1703-x64

1

UltimMC/im...ns.dll

windows10-1703-x64

1

UltimMC/im...co.dll

windows10-1703-x64

1

UltimMC/im...eg.dll

windows10-1703-x64

1

UltimMC/im...vg.dll

windows10-1703-x64

1

UltimMC/im...mp.dll

windows10-1703-x64

1

UltimMC/ja...ck.jar

windows10-1703-x64

1

UltimMC/ja...ch.jar

windows10-1703-x64

1

UltimMC/li...ix.dll

windows10-1703-x64

3

UltimMC/li...++.dll

windows10-1703-x64

3

UltimMC/li....dll.a

windows10-1703-x64

3

UltimMC/li...ip.dll

windows10-1703-x64

3

UltimMC/li...ow.dll

windows10-1703-x64

3

UltimMC/libeay32.dll

windows10-1703-x64

1

UltimMC/li...-1.dll

windows10-1703-x64

3

UltimMC/libssp-0.dll

windows10-1703-x64

3

UltimMC/li...-6.dll

windows10-1703-x64

3

UltimMC/li...-1.dll

windows10-1703-x64

1

UltimMC/pl...ws.dll

windows10-1703-x64

1

UltimMC/qt.conf

windows10-1703-x64

3

UltimMC/ssleay32.dll

windows10-1703-x64

1

UltimMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-es
  • resource tags

    arch:x64arch:x86image:win10-20220812-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    30-12-2022 19:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UltimMC/libLauncher_nbt++.dll.a

  • Size

    149KB

  • MD5

    c9c008ca98cdaba11c0794813add3a2f

  • SHA1

    76b3c48257db7e10cbef96686c78da6d263049cb

  • SHA256

    47329fbab79945214198fc19d2e1e2a02b941212a357c947bacf6a6aa5524d5d

  • SHA512

    6c8c1eb209b8c8dcee6367fc11a9b7ef00d3fe7ac9f76c9d7c2031e9fdefa9933a3b9757e2876e158b3a3a3d910198704ca15ca608e51137cedc21b9dc3c2796

  • SSDEEP

    768:PPr973mmeEGWSdp7lO8pW7gIS15Y4/BqYduyNAK9KyDhY197q7lyfYTzTCjIykNC:Hr973mXvnKrgCWoLBs657cYmk

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\UltimMC\libLauncher_nbt++.dll.a
    1⤵
    • Modifies registry class
    PID:3996
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3616

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads