1f1660d24e972308e913eb370633bfb83c2738237f193f501b0d05b09d065878

Resubmissions

08-07-2023 05:53

230708-gla5aach75 3

08-07-2023 05:48

230708-ghvdrach74 3

08-07-2023 05:35

230708-gab77sch66 8

08-07-2023 05:22

230708-f2qdgach59 8

Sharing

Copy URL

Twitter E-mail

General

Target

mmc-cracked-win32.zip
Size

13.5MB
Sample

230708-f2qdgach59
MD5

44a178cff729c0416dde1cab2cd60fa1
SHA1

aa56eb685443d992aca4d830b039a8963fad20ba
SHA256

1f1660d24e972308e913eb370633bfb83c2738237f193f501b0d05b09d065878
SHA512

99f5fee63264a3c567bca3b06480ce412d87fe55320981d8e62b38cc92245056423c8513771a952fa8a98133b2571aef55e5fd8945fa4e65a690578a50fd7fad
SSDEEP

393216:G56gzFRQ3Nm3b/EUT4mlnftABcD4w1lPfm7f8:fsRQ9wbjtuM4cpm7f8

Score

8^/10

Malware Config

Targets

- Target
  
  mmc-cracked-win32.zip
- Size
  
  13.5MB
- MD5
  
  44a178cff729c0416dde1cab2cd60fa1
- SHA1
  
  aa56eb685443d992aca4d830b039a8963fad20ba
- SHA256
  
  1f1660d24e972308e913eb370633bfb83c2738237f193f501b0d05b09d065878
- SHA512
  
  99f5fee63264a3c567bca3b06480ce412d87fe55320981d8e62b38cc92245056423c8513771a952fa8a98133b2571aef55e5fd8945fa4e65a690578a50fd7fad
- SSDEEP
  
  393216:G56gzFRQ3Nm3b/EUT4mlnftABcD4w1lPfm7f8:fsRQ9wbjtuM4cpm7f8
Score

1^/10
behavioral1
- Target
  
  UltimMC/Qt5Core.dll
- Size
  
  5.1MB
- MD5
  
  db2f4ec716747a5ddecb146cfd124a90
- SHA1
  
  dcc4e2efa1af32ed55c3b1d004eff6eaa2b6a02b
- SHA256
  
  ffed386cbbe2363331632d9f12be8eb00cf654d95b4c2b0d287da57e93813f80
- SHA512
  
  5db0356ff3dc3ef28e6a46dedb212c87ab791a61b8de682d0dbf22dda6630ca795e8aa89d4b8226f876440e47d5584e66dbeda481d8499c9f24f79506cf04005
- SSDEEP
  
  98304:paO5O7s0XerbbAJIaKSA31cCvErDsNYWZSgkvDFIJsv6tWKFdu9CQlld0:BOoZX8O1cBdUSg8DiJsv6tWKFdu9CQZ
Score

3^/10
behavioral2
- Target
  
  UltimMC/Qt5Gui.dll
- Size
  
  5.4MB
- MD5
  
  03e5f50d7848d9cc2d8d00127ea6e706
- SHA1
  
  30a5fd241e9db476f11235d7a7d650ec23ac97e2
- SHA256
  
  047811d5fecb88e19c6e70aeabac7848599142cfe8aba1a01c0d130dd4f72452
- SHA512
  
  d41c80f85cfbe9779cccb3ad3825917044075b126c866aece157c6b85b418382394cb6a58cd5b2ea386659c042fcebe963131fb2d37ee80c684c1c9154eb9e31
- SSDEEP
  
  98304:TKTu1y8DX4YFi3UIK5f77kyB1ophScU22BhrwRD7e+1X+Q86o:TPTFbFdYhd86
Score

3^/10
behavioral3
- Target
  
  UltimMC/Qt5Network.dll
- Size
  
  1.5MB
- MD5
  
  a72dfd36b9b8c51de93f3c7cca5945ce
- SHA1
  
  1bb6dfcb892b74968f5b8ef26e0027842df20fbf
- SHA256
  
  41fafdcea112cb01edadc0b2c14995d4cf05e4b5fd101a6e196baaa614b228e8
- SHA512
  
  5a38b11928f1319dac7b75cfd8304610f75e0464f26bc44810458e14cc79ca9d1396f55c1c6405baf95e176755a50c8076bcf6b30d05e4fc95607f479b9f9dec
- SSDEEP
  
  49152:ZrURZC+3uELYy60bMcDrGBj3IfTt3yLorAnjhm:FK0+3uEUy6YMcDrGBz
Score

3^/10
behavioral4
- Target
  
  UltimMC/Qt5Svg.dll
- Size
  
  349KB
- MD5
  
  96934c8f93716fb4c5ab7433c3fcf660
- SHA1
  
  e411016b245b77813f8ea5ed9dc8dcf9403ac831
- SHA256
  
  adb44de5a537f5fadb9288e3852189f799ba7b95cef847f2198a8864ab6f063b
- SHA512
  
  bcd231289cf4900886a4a5c55c0584073da36d5dd823ebf6a59986932fdb1cf70ead079fcdc7e9cfd4837e6212eb7037a7b5b7b0704e073b06c6fc4f5dbbc97d
- SSDEEP
  
  6144:GCJ8N/2aVIOLZS5Qyk2MIwe8x1TB3JJ+Wd5J/LCW2V:GCJQ2arZS2yAG8x1TRjDL
Score

3^/10
behavioral5
- Target
  
  UltimMC/Qt5Widgets.dll
- Size
  
  6.2MB
- MD5
  
  501d23a2e5e2f8bb1564ac627f674bc0
- SHA1
  
  84934fea79b0e4c39afc325b48a3dbc64e6d98ef
- SHA256
  
  5c16112f7f7454e2e802f4a18e0b9a9a0086b9ae29bae35892d7d32f3fa81c94
- SHA512
  
  9282c422b289309f74c5af8a5b102791057607ea0e35f0bde41a64c4240cae3f1fac921c3271d55fd22e56a9934db6b535c114244a79debcf8185fc4c094163c
- SSDEEP
  
  98304:wNL3373gY4y8fcLwtFc94OLHa2QmqfbTI7N6WidvtjPvAsSo+AyNBVmcBNx2hXL/:a+yG+yFisM46BJqgxUVs3Xcu6
Score

3^/10
behavioral6
- Target
  
  UltimMC/Qt5Xml.dll
- Size
  
  221KB
- MD5
  
  f09bf12746b7821c7ab1e16ce41e9119
- SHA1
  
  f70368238133e02957e465ae1196f064da69680b
- SHA256
  
  dbdd63614097767943c585c09f08d346500683e308861f583b2589618d491d6a
- SHA512
  
  ff3dfbec1efb9dae085da3b38f1f7b3d59c289137bc18c8330a6ae95471eded0569669dbf9eb83ffb3be03803c6eb248f2999b963614c40719bc953138fe85d5
- SSDEEP
  
  3072:nn7BwPZm8TEGjKh+NPmuWFaDA1w1Bn6PJQD+B6TQtiPVSe00FUAuDl3DF+bDXW2b:uPdjKhY+uWFaDA1jeu6TQtiPWuPW2
Score

3^/10
behavioral7
- Target
  
  UltimMC/UltimMC.exe
- Size
  
  8.8MB
- MD5
  
  dec33b921534bfefd0f06aee6af7291b
- SHA1
  
  0b6cfa43c79071272a865471f2927f62f6cc3d30
- SHA256
  
  499422dc9e9e33c685b93fb9bf5c90e03d7aa75af31fd1c05f152259a7bd8774
- SHA512
  
  b377aef7dfbab0aff7e706ada839dc4fb95a70024e98455c20a810de6bc872fc4a72c138b650e3f5ebc3dce23cc18ca771206f9e1af15f5882786c0c32af3bdc
- SSDEEP
  
  196608:1vEsCQdpPhdnaJjgDLEjixC9IDe4OHlnwd+PXHdiVzVsVKV4113VTVVxAVUVgVC2:QAO5gDhVA/YVsVKV4113VTVVxAVUVgV9
Score

8^/10

adware persistence stealer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral8
- Target
  
  UltimMC/iconengines/qsvgicon.dll
- Size
  
  44KB
- MD5
  
  cbb708acdbcfd89e1de38e2c4aa9192a
- SHA1
  
  c9f658b429391876bbfdf8081b3e90d725bb2307
- SHA256
  
  8cb93b212c02fd6d222e985e629df698227323c43b7f0b71be3649aa8cb3cc2f
- SHA512
  
  2bd5a12c236ef1da3e8e002850595c101255e519b66a3a75e6f3a12bdebdd67b54b47b08028695eb8c571bc257f7241cce6351d3cf4d3fd4ed1176965eb02e0f
- SSDEEP
  
  768:xjf6bXA7t029ZxcVeA69Pz47e8J8J80IHN6n61/KWqYTfbiWS:EM5Oc41WW9ghWxbib
Score

1^/10
behavioral9
- Target
  
  UltimMC/imageformats/qgif.dll
- Size
  
  32KB
- MD5
  
  67598fc68a992f106bfad56b22cac886
- SHA1
  
  9285cea038e0f8f10125ca4b724c264b041f4da6
- SHA256
  
  000bbacc0fa451c61413e50b3ef63d3461da422b3425404d8952a52182121b6d
- SHA512
  
  04af56c60969090c4d09fc27fbb8c1d794ab4b6dc9ba3eadc842edca7f68788f7880ec0e533b63dde284511a456dee10814824795915ff492ca01e64e7b86429
- SSDEEP
  
  384:afrulhh3V/N8pXxdQLwfUOWcE7kX80HBFZuTRpIWvTCCz:yMR8ZE4u7qBEIW2Cz
Score

1^/10
behavioral10
- Target
  
  UltimMC/imageformats/qicns.dll
- Size
  
  45KB
- MD5
  
  3b48f732f811ea6ea4fcc18808a7df1e
- SHA1
  
  f924dbd2a760e8b259582a43a0797bda29b3d06f
- SHA256
  
  5da98ac16c329354b1b709b20fcf797f3fbdb8d3e834054568d2ff68e897851d
- SHA512
  
  a1c1eff1357be31172bc340c339ccd31dde7285db3fcbd5c10989af743a8936596b8252ffea1b52c6be6ea06f11b3845268f76e52289dc28896dd26ebf9d1c30
- SSDEEP
  
  768:naEh/izNdGh+UNit6OT80EyJ4kCsIusIGEWBNdk9:aEhfg/8KJjPmQWBNdk
Score

1^/10
behavioral11
- Target
  
  UltimMC/imageformats/qico.dll
- Size
  
  35KB
- MD5
  
  2c32188d9388b06ec91170e4461913ab
- SHA1
  
  082689789ff54cacf94b0f171c762df512c8a786
- SHA256
  
  63f7f73d9bd956ca55b80ce29d24c0a1da1a126885d45473e5779ca78a709dcb
- SHA512
  
  57286e87e9a013229db863c152d41b7af821b8afa7f84259f58f7089a947ca3771d526aada88212fcbb235209b6b504a489a5c43c4ba0b2a77e1f31e882e9262
- SSDEEP
  
  384:JUev3snLkJqIN1v5dqY3M1lNRa16NQkgcPkRu7xR3xr+i1AxwWTTVqI5SEwZY1:l2XqL0IexWkg0k0dR31fWdqqSEwZY1
Score

1^/10
behavioral12
- Target
  
  UltimMC/imageformats/qjpeg.dll
- Size
  
  246KB
- MD5
  
  c228c1486e203d48d9c7d84d0b631e15
- SHA1
  
  1ccdd75d6cd473d00aa17686ec98f509b1e8e360
- SHA256
  
  a55cb801a07932d263c980b14abdb464acd8150b9258260efdf535634bfe9811
- SHA512
  
  a649078738e69572276a37431c495582f933b04701deded8b5f6dd5b3c6d5b9d338ddb242b71659038d324ca74c2a8f2b229c7beba6f16ddea238f2bcbfae870
- SSDEEP
  
  6144:jutAUtpjvlyaX8XZ99bkBRSMArBPkfB917Wu:jutAavlqJMArBPkf
Score

1^/10
behavioral13
- Target
  
  UltimMC/imageformats/qsvg.dll
- Size
  
  28KB
- MD5
  
  7eb5b428de2fd5ce7f361bbf3d6aada4
- SHA1
  
  318acc5132492347727bde7ed70516150144b140
- SHA256
  
  c818b37d77c84e3a9963a761bae3eefc73cccd3485ee6cb1c085c670041e9c59
- SHA512
  
  681fb8a700aee5f44cf1f328c2fea157a98dab12e287f686d408584b5096ac262cb5cd2b2ff1f3c1b6e55d374ade2236118f41ec9c14fbec7014aae0683c1e5d
- SSDEEP
  
  384:0F2Z2Eg8ESscKYkiluz0RdysDv2IWsTmqK5J5:SqESTnDRbWH1J
Score

1^/10
behavioral14
- Target
  
  UltimMC/imageformats/qwbmp.dll
- Size
  
  26KB
- MD5
  
  8e1eb9386572d0c7e62e0230a67ff987
- SHA1
  
  0c26b03c95cacf4ee63aaff2e52e6d732b0aadbe
- SHA256
  
  e7bdd9c34a62b3b46d8e7d224be3f5f7607a27634a8a6fd4f85549869f2d1145
- SHA512
  
  370b990e8cb3652c87190dabbff8440a1fb58282d860ed25b9fb2aac7c1809df176c8d6a4f685ac843fddf52f08cc07c832382eb6ae55ef5c4f3da74adf7a9f9
- SSDEEP
  
  384:Ntm9jnAo9hvpbVDTs16ZHGg3FEE2IWgTrODw9:ejnAoHQzEWOOD
Score

1^/10
behavioral15
- Target
  
  UltimMC/jars/JavaCheck.jar
- Size
  
  1KB
- MD5
  
  c9faebf8ceb49b8ad29ee21b5e4143ff
- SHA1
  
  d86fe7359e7a24b8a5b06b3cbfc9a2921e6cdee6
- SHA256
  
  6c8e0d855316aebf3a9532a893b752fe5372db065262e4c36678522a19535680
- SHA512
  
  ce9f43cf569db81ed406b0216661c7ab3e302e60dd2498ec18aacbf6ad4f9b260b0cbd651a24e7492f198f7476074b5535ab20fcf8582b89cc283fa5128f446c
Score

1^/10
behavioral16
- Target
  
  UltimMC/jars/NewLaunch.jar
- Size
  
  14KB
- MD5
  
  45b11127a98382508d7bfba671f083c1
- SHA1
  
  36e42e0c5d1191b70658b4428f2fb1299ee995d7
- SHA256
  
  dde9496959c7d4e868e15fd0e0579b05b44f29aca9d994b8eecbbb573f408a8e
- SHA512
  
  f82792ff2c1d81d8b24df151b156870b15e6240895852b020affd3ef7c1bf24f5517cfda3aa0eec0e80c1c05b5d39681bdb3728ccf9691545ea3225d015701fe
- SSDEEP
  
  384:5CoBnP80e7GtjeGjbveweAoIKsG75XbAQ+QazBW+EdT/aY+:cAPloybm6dKZ7FbVvYk5Fe
Score

1^/10
behavioral17
- Target
  
  UltimMC/libLauncher_iconfix.dll
- Size
  
  127KB
- MD5
  
  b16e2a99c4e545090ec3ef2c2124f78c
- SHA1
  
  0b58f102fde3fd65f6d7497fa4be70f3665ad6c4
- SHA256
  
  6940e02dd5c8b32c5782f3eb22ce39835eebf3ded1a39e0661385dc11e79cd15
- SHA512
  
  c6361ce29ad8242db7b5d4bb282b4bf2eefcbc83cb9c863819958ba48f9de7f41f56f6fe8f8e8feea3c6bf96b734e439121b7f8ea355bfb3ad6d3d1b200e5310
- SSDEEP
  
  3072:DUhA8S8fo6OjGyy1dWmC00TEUmIKOpS8aNx5tnzgp:AhA8S8fo6OjGJ1dWLTEUmIKOpS8aNx5Q
Score

3^/10
behavioral18
- Target
  
  UltimMC/libLauncher_nbt++.dll
- Size
  
  342KB
- MD5
  
  5ea906b27a9e186c7a5fefe731345c5e
- SHA1
  
  40a70c4660d6fa3ac4456eed4470d922b37be984
- SHA256
  
  ee4b7a2b6a0f16e1a0f2c7d43d805638bc3f59a9f6ced2cb6a15c2ae3e891833
- SHA512
  
  8d392926576ff3aef2a1e8c8cdac6287c9b80a5d01563824f2dfc1b905930ad8405b701db34d818d9e455057b6739e913ccc24574642c5e00b05ee88f8d3828c
- SSDEEP
  
  6144:UIUgcH0hzjJ8UOxWbc5sCDPB/Qll7a56FBTYb4Y7pHhW6dJjgGoo5Nheff1ByLca:UIUgcH0h4V/Qll7W
Score

5^/10
- Drops file in System32 directory
behavioral19
- Target
  
  UltimMC/libLauncher_nbt++.dll.a
- Size
  
  149KB
- MD5
  
  8d84ffb8b2b83a6dbf624f32f742c006
- SHA1
  
  1c2d5bdd169bcebbe2ccb53a1c38100c28766eda
- SHA256
  
  f8e63853de074bcc157188d6130d54ed941aa70950b1a3973d6fafb7e5ffd280
- SHA512
  
  1e9af50190915cc713d15704efb49ffbabdc8df2694e125c61fef584843d73ddced729a6abb0d9201f9b8848d306e99bdd864722063f788e2a068cd33f598adb
- SSDEEP
  
  768:SPr973mhAAku4Z6nDyCFUfO0Pd7gyLz2SJRi38KfKCDTAPpqWpxMzqr17FHWqmlZ:Wr973mXGqKrYEo0lN1s57cYm6
Score

3^/10
behavioral20
- Target
  
  UltimMC/libLauncher_quazip.dll
- Size
  
  313KB
- MD5
  
  1fe2bedef136d374c4394e872d095a63
- SHA1
  
  d3fd9349f5c5b152517cbbe3b8b6c746ca855192
- SHA256
  
  5913e054a73017d62fdb5f9e938085414a0864275496a5a7b10a8b1beeabe19a
- SHA512
  
  98fc587b7f287c9e9aedd0d101c6b4ce34ca924e5eff0182e1ce119cc600bdbdb7708662980a294d6ee925ac85ec6dd8658047309e99c25c2fd49981af09e99a
- SSDEEP
  
  6144:w2GqFejo44ffwqGOIq/2aPWt8RJhywVapRwT5yM:QqFBF0Oh9T
Score

3^/10
behavioral21
- Target
  
  UltimMC/libLauncher_rainbow.dll
- Size
  
  67KB
- MD5
  
  f4191bc0ee62ef9c6e11e880b78cf29c
- SHA1
  
  623b78c642c43a8395f65fc99a90663f4f446758
- SHA256
  
  93a219e380a4995940924d5c6acb779057f58d3a7189e60a1384963414fde4bf
- SHA512
  
  742ad3e54c5059a3626889051558d69d638e4d22a10b50ddbe5fb75f45283a360dc5d6ae989ca1df4433cafdb243fbf4dce6d24d3f1c155b99cc9efa49ebc7c3
- SSDEEP
  
  768:pEg24DKoyYH150BEexXfz2xGppy/a2MaOtRd9P9mg8rO71:pFVD11ij1oDM5hP7x
Score

3^/10
behavioral22
- Target
  
  UltimMC/libeay32.dll
- Size
  
  2.0MB
- MD5
  
  cbf108307adf8bd4bab6b128d07b9dfd
- SHA1
  
  69a2faf90356c46a19a2062e388217f94c195d47
- SHA256
  
  2f20c026052e5fa19cef41ffe0efcf24d8a0b72b111836b752c5a5233a3bba24
- SHA512
  
  aa4ce9a4a2fbba5c6d79b21c659319ce88b9fae853ab5192e48cbd384bb9211ce52de003bf784aaff0133740bc130675044ca72a1713607554558ead8162b8f0
- SSDEEP
  
  49152:ITREYq/BXaITiJ3AI9r5O55DPy5oEHTcdcFKFRMKMn/0Nq6D/V41G:ITREYq/BXtTiJ3AI9r5O55DPy5oEHXKP
Score

1^/10
behavioral23
- Target
  
  UltimMC/libgcc_s_dw2-1.dll
- Size
  
  117KB
- MD5
  
  fadde43c97607e4445a6f924d851f04e
- SHA1
  
  36c1aa0e1b6d4a322c350f5e502c10c64c203041
- SHA256
  
  f0614835136413217ed3baec9ba22aaac4c37956afcb0209f1f89b7676ae86bc
- SHA512
  
  66f5637419f88070838ed522defad9aa1b46dd4fd8cb045e0292742831520740d152795b6e99770f34061db596019ef3a342a956b541180e78d1c48b2703f42c
- SSDEEP
  
  1536:CxINSJvU82V9dUT4PsXQ+2Q4p2VtjByBzEj6zu3PEhOKeLTxaek:CzmpUkPsXQ+2zsBy9IPEh6Zaek
Score

3^/10
behavioral24
- Target
  
  UltimMC/libssp-0.dll
- Size
  
  18KB
- MD5
  
  d6859975aaf6d3aa92f2d50f6e9876a0
- SHA1
  
  d3cf8dd3f1ab9712e819a33b3827fe02e7732aa8
- SHA256
  
  17329c4c19e8f23cde9c99155eb3f8759f8d2383ad856c32a51b3b9fa2846811
- SHA512
  
  75acc3c020cd7138f5f5e3aac30c6d659a20c6f1bfe3635a6cebae13c4ea0a549994ca65b51f96b8f6042b0e2696e68762ec5a683fd25133729631cf6b43ad15
- SSDEEP
  
  192:dp7WMmYHrucAtBZgcVJRi15SDTiDLbjIq1W8WQjfHTjXtUxmj:/aM5aNMcV30VLbj9sJQ7HXQg
Score

3^/10
behavioral25
- Target
  
  UltimMC/libstdc++-6.dll
- Size
  
  1002KB
- MD5
  
  c283d446b34e75019b81d0981cb11f0d
- SHA1
  
  a6e146975dfc55b0659d09e25b9a69f7cff993dc
- SHA256
  
  f6530962659d0641236a42517a30dc55c4fcb7d30e942c3e820af343798a770d
- SHA512
  
  eb51969a79ee4501c955a81cec9f07e9a39007c1ea69c5021e03ebf3b640d949e19f6e0cd7af969e80ec60ea6b8477804fb76deec2704db503e72906103fea63
- SSDEEP
  
  24576:KSNHTild8LMw2g8XiGkMAZ0dP5Bd+1DT50v4H:7dLM8GkMAQBdih
Score

3^/10
behavioral26
- Target
  
  UltimMC/libwinpthread-1.dll
- Size
  
  48KB
- MD5
  
  d128ae39a79e5d196fc001907b5ec3d1
- SHA1
  
  71de74d0aa93903e0a169c88fd21e0c617f0660a
- SHA256
  
  4195ac1e3a4a8056de42c31d511e0e595772439adba96180b8953ef5f135f7a5
- SHA512
  
  5b32eb7e2f01fb17ed0c4434a525ae3056acddde75c32c5036c18b6f2ffa4cf80cfee9bab4c824ca313e6e33114ea0e761dc8f75db3bbbbe4319c079848a3c06
- SSDEEP
  
  768:NdOT5wjxqOfH36THnf/GcTuI4bOBxZXmVwDI7dTBhkSoFrg22222222222A26wiB:rE5wtqOfX6T/uDIm4xZ2WI7jhkSoFHij
Score

1^/10
behavioral27
- Target
  
  UltimMC/platforms/qwindows.dll
- Size
  
  1.4MB
- MD5
  
  56954e18add3156caba4489616e892dd
- SHA1
  
  36cc60e7da33ac88f4c3bb61f2ddf01d384a73ca
- SHA256
  
  8745fcf14809fccd3acb3e579993cad589a1203d0bd3cb1acd5d3a9bb0e92583
- SHA512
  
  2e72776f03af37bdbd280d475709e0d4f7c1d4f98ff6222b77f26e10c848732d1a2578482c3d51633477c7dbe77e2aed25c117744a958893fc048bb15ee574fc
- SSDEEP
  
  24576:aiKxMPHVBhiCphvSPkcnQXTHr31zvut7Z+rXOA7WIZETX3klg89Ypay:20p/JvutPjTX3klg89Ypay
Score

1^/10
behavioral28
- Target
  
  UltimMC/qt.conf
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10
behavioral29
- Target
  
  UltimMC/ssleay32.dll
- Size
  
  435KB
- MD5
  
  2a9639d9287113b49a9bddb878c2938e
- SHA1
  
  c8a60c7d228c0d45640bc9b243281e32e37d3ca0
- SHA256
  
  0f4bb89e47492f2f6c43d851b0ec94f5d60738921efdcec0fb1a0b386904a126
- SHA512
  
  35e9231b4fc9f7841e764953d224e5b550de6d9e09758cafb7b92261fafdb6bec4e10aadd28d65ce0a87632eaa43c544be0c40731123dac695fc76c7dcd2ebb4
- SSDEEP
  
  6144:5qrg0lIeOMz+nhhNH72O8limm1bB/0Ya8QQZiHjDvzHXOi53EZL5hijSdg:B8lfm1bBzhZiHjzK9/IjCg
Score

1^/10
behavioral30
- Target
  
  UltimMC/zlib1.dll
- Size
  
  73KB
- MD5
  
  c7d4d685a0af2a09cbc21cb474358595
- SHA1
  
  b784599c82bb90d5267fd70aaa42acc0c614b5d2
- SHA256
  
  e96b397b499d9eaa3f52eaf496ca8941e80c0ad1544879ccadf02bf2c6a1ecfc
- SHA512
  
  fed2c126a499fae6215e0ef7d76aeec45b60417ed11c7732379d1e92c87e27355fe8753efed86af4f58d52ea695494ef674538192fac1e8a2a114467061a108b
- SSDEEP
  
  1536:+4nToIf2W/nkQRZHaamLQHoIOah7Vryh7IO4cZlIXw6Epb:bTBfHdRZH9mLQHuaBVGn4FXw6E1
Score

3^/10
behavioral31

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

T1176

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Adds Run key to start application

Enumerates connected drives

Installs/modifies Browser Helper Object

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31