General

  • Target

    UltraMon_3.4.1_en_x64.msi

  • Size

    3.2MB

  • Sample

    230610-sd7dasfh5t

  • MD5

    bffe29c2df6da34e3d283a8a424aaac8

  • SHA1

    c9dbd92a157ee1fed8fd0065599d1b004c564697

  • SHA256

    c950c739883802137b650c4be9eda050affa9bdd08f6d138a0d58b698d105a17

  • SHA512

    7dda62c8925fcf961df6959c05d3b96da251a0b89e5571d23255d1557ed20dd6908fa9fda047f6a6bba9ac5b2b941c7f752410a0bfe4966dee6dd63b866104a1

  • SSDEEP

    98304:2hjmE480PZg/GTdoWRDZi6gXNxS8SEoe1M:2l4tiydoWju+BEo+M

Score
8/10

Malware Config

Targets

    • Target

      UltraMon_3.4.1_en_x64.msi

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Registers COM server for autorun

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks