Overview

overview

3

Static

static

3

ULTRAKILL....er.dll

windows7-x64

3

ULTRAKILL....er.dll

windows10-2004-x64

3

ULTRAKILL....gc.dll

windows7-x64

1

ULTRAKILL....gc.dll

windows10-2004-x64

1

ULTRAKILL....tor.js

windows7-x64

1

ULTRAKILL....tor.js

windows10-2004-x64

1

ULTRAKILL....ne.xml

windows7-x64

1

ULTRAKILL....ne.xml

windows10-2004-x64

3

ULTRAKILL....gs.xml

windows7-x64

1

ULTRAKILL....gs.xml

windows10-2004-x64

3

ULTRAKILL....eb.xml

windows7-x64

1

ULTRAKILL....eb.xml

windows10-2004-x64

3

ULTRAKILL....tor.js

windows7-x64

1

ULTRAKILL....tor.js

windows10-2004-x64

1

ULTRAKILL....ne.xml

windows7-x64

1

ULTRAKILL....ne.xml

windows10-2004-x64

3

ULTRAKILL....gs.xml

windows7-x64

1

ULTRAKILL....gs.xml

windows10-2004-x64

3

ULTRAKILL....eb.xml

windows7-x64

1

ULTRAKILL....eb.xml

windows10-2004-x64

3

ULTRAKILL....tor.js

windows7-x64

1

ULTRAKILL....tor.js

windows10-2004-x64

1

ULTRAKILL....ne.xml

windows7-x64

1

ULTRAKILL....ne.xml

windows10-2004-x64

3

ULTRAKILL....gs.xml

windows7-x64

1

ULTRAKILL....gs.xml

windows10-2004-x64

3

ULTRAKILL....eb.xml

windows7-x64

1

ULTRAKILL....eb.xml

windows10-2004-x64

3

ULTRAKILL....LL.exe

windows7-x64

1

ULTRAKILL....LL.exe

windows10-2004-x64

1

ULTRAKILL....rp.dll

windows7-x64

1

ULTRAKILL....rp.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ULTR44K10LL.rar

  • Size

    835.3MB

  • Sample

    230901-c48q2scb73

  • MD5

    cc9c9b61d03ffd393446475836ed9aea

  • SHA1

    3790a99ad3feaf989e8840114af7fc30c912807b

  • SHA256

    9f4aa71a0e564af882ee2afa5070e786884efa2af977ed9f67100211a0c6d8cf

  • SHA512

    5acc8b88c2219a0b094fb762828fb18e003b3ba26c3b221f7860c19745e951b488595232cf5021585280d12bd69962425688dd61cd63431303f00e00943fad8c

  • SSDEEP

    25165824:zRjJFRFis7yIvfz0k+XpiTlEtoGdkguUP8FtAkTFojbyiyuVBqIh:zR9F17yInzgXpiarqU6FTFojuiysBqIh

Score
3/10

Malware Config

Targets

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/EmbedRuntime/MonoPosixHelper.dll

    • Size

      762KB

    • MD5

      71dfa7950ff7ea5840f97225095b8c86

    • SHA1

      8737d337ebd78793a680fadb92c8086c88656d2b

    • SHA256

      90c2f89fd0f92038685cdce8d3a900453c1b60ff5a6d9308361d5edcc39c51ea

    • SHA512

      8061edc03e504b125e840904e620e500ea1e30d7d7b4ccd439762f241295b5de7ad9381ee03d2eb7977783fc56d06661fe7a21129dec823141f3bb2f9b1eb651

    • SSDEEP

      12288:gDO9tW5xZpTCJvEFvN9TH+m36rm+QFk0Po1TnmfqXTymL:RILZpTCJvEFvN9Tp2DQFk0Po1TIqDL

    Score
    3/10
    behavioral1behavioral2

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/EmbedRuntime/mono-2.0-bdwgc.dll

    • Size

      4.7MB

    • MD5

      de4a4bc28f9b0c8a045bcc4a67f80e60

    • SHA1

      126ff76f71775b02b4d1ff5b1af693321d62e33f

    • SHA256

      053a51d9865420e30ba0b9a33743b53b96aeab46143a0a728a008296177348f2

    • SHA512

      7272afb3ebb6831121b56630469a3dc5477a743813bd9073a5e782606a57b9f6cbf0f9750a0da263f5291b424d9e840c94bce3e4d44df6c1fb61f66254ce13b5

    • SSDEEP

      49152:Y07USdrGFxZUs3doHWfd1hTAhmnSK7lmsyVrXoOtwglFQ3XiDedOpxW5//4xd+CI:+DBjd1hAmzIrX7i04cd+CwVgnuZ

    Score
    1/10
    behavioral3behavioral4

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral5behavioral6

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/2.0/machine.config

    • Size

      28KB

    • MD5

      cad24142abba464dd90777c3d347ef88

    • SHA1

      d8db7111fce5a08d8b7c9a6e1e0ad2fbf34cfe12

    • SHA256

      edc5bcf685d930a607bc097927260a3f9ac7f52dd809db68158298bfd934b7ce

    • SHA512

      5d3ee2ee7921c95cc30790ae670fcadcf091d4fa1b9b5e1b9c7500c67230abe25467236ed160c51aa662e764ccea10e4955887359a65b09432b727abf27f8454

    • SSDEEP

      384:PbBtBtWR5RwRqrR2RN3RPfRaRvRyRaRIKbX/y4RpQXWBE43g:DuY

    Score
    3/10
    behavioral7behavioral8

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/2.0/settings.map

    • Size

      2KB

    • MD5

      22c818a23169e12bd3c8587b6394c731

    • SHA1

      dd2be2dbccd34736719301aee92429d4258ea5a0

    • SHA256

      49c6160f9d54af4270a3b4e997fc4a8301f79b9e2070118fa46ddbcbbc44f9a2

    • SHA512

      c1352e817e01277413a1790a94a4f979dc1b8333874fef28d735441c034c97bf8ce501fd9cd04c47d25541a0c1d54fcd4dd3bee9ac3e8fbde83ada9a1d2662d7

    Score
    3/10
    behavioral10behavioral9

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/2.0/web.config

    • Size

      11KB

    • MD5

      2b6303c4f12762b71051db6e947f90a4

    • SHA1

      a4d7e05516f63d6ab67327b299d4fb2852cb840b

    • SHA256

      3c1a76a5849074b437d297656a208a3bef6d84b982153542b9c797046c601dfc

    • SHA512

      80f5da60654e1851ef21526e434b32d94e18883a08bacbbaa0e1f85b80469c46510b6ddb9b429f16cc4be89c6f2bb2627bbae9cb1d0c7e45b665efb7721c6d86

    • SSDEEP

      192:wcedeaZ0sEMYaWN5bs6yyzEVkEYEG/Z1f5v6CuCCrtQzPwkP/waeKjy:wj5YaWPs6/1zwya

    Score
    3/10
    behavioral11behavioral12

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral13behavioral14

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.0/machine.config

    • Size

      32KB

    • MD5

      24c866ce8037fcdca2287234eddff637

    • SHA1

      9245befcd116458e9619694f1a785c50fa61b58e

    • SHA256

      6919d5af506aae0d93e91bd83418a81895a5554b9f54cf94aad20d025a4db664

    • SHA512

      f9960b5d5e7db35fe4a492dbba1f90cd0f0f0c4d84349baf33de3a941de57cffdec670b5be9862306503f7b5d57a697208921e7099cea13d4daf3310840ff4d2

    • SSDEEP

      384:PbtltttttSRtNRtcRtGrRtSRtBDRp5Rt70gRt2RtTf1RDRty6ugyunHMSeuWuGR0:7Kn

    Score
    3/10
    behavioral15behavioral16

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.0/settings.map

    • Size

      2KB

    • MD5

      ba17ade8a8e3ee221377534c8136f617

    • SHA1

      8e17e2aec423a8e6fb43e8cbe6215040217bb8a3

    • SHA256

      ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8

    • SHA512

      c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

    Score
    3/10
    behavioral17behavioral18

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.0/web.config

    • Size

      18KB

    • MD5

      b127480ee9f0b8dab6a3f73ad79dd332

    • SHA1

      7d776d730cbd253564713f36573dd8366782788c

    • SHA256

      f1a6416eeedd9d040387fd85dcf7d6e074b6644c6829d08be220ff9fc32efb31

    • SHA512

      00ddca43ad38127cf71477810c46617fc2ccdc33f197e26ba761151107eff701fec2caa51e43575fb5b4fbc11f640f525ba70b6b3e97811cecabc63773492401

    • SSDEEP

      384:lJJuAr8F1mJ1ayCk5+HK5YaW41DBWTwahst/tlLvSqwwU4FVXaS7L3nHIXYFXc//:jbpJX91Xbi

    Score
    3/10
    behavioral19behavioral20

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral21behavioral22

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.5/machine.config

    • Size

      33KB

    • MD5

      0869544722561f5aff0eefc83fc7b001

    • SHA1

      1e118f4b5c1c6a7b1858e3fccb1b1d1095561976

    • SHA256

      ef9b9387168fd1dd6c996f96c134d9c44f8eb06f9587004bf997252a520182d6

    • SHA512

      ced7c9a5363cabdb87b01ed6b4ca190a690640dddf5cbcc0438acdc611a8ee942cb6cd73c78d3fc2d59f70171f22ac832a10b1e23758dc92599ee24acd978ac2

    • SSDEEP

      384:PbtltttttSRtNRtcRtGrRtSRtTf5Rt70zDgRt2Rtuj4f1RDRty6ugyunHMSeuWuh:dkn

    Score
    3/10
    behavioral23behavioral24

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.5/settings.map

    • Size

      2KB

    • MD5

      ba17ade8a8e3ee221377534c8136f617

    • SHA1

      8e17e2aec423a8e6fb43e8cbe6215040217bb8a3

    • SHA256

      ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8

    • SHA512

      c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

    Score
    3/10
    behavioral25behavioral26

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/MonoBleedingEdge/etc/mono/4.5/web.config

    • Size

      18KB

    • MD5

      08101241b15b53ef0ab908f6d388881f

    • SHA1

      ea3e2ad6d71d483c54b12852dcbdcd0baa569988

    • SHA256

      15a2c7a9242bf54d3ccb3e07fa6d8f84ba8b303d8877243787a1103009941bdb

    • SHA512

      a1ee7f17bb069ac42483d1f98ca839ff1bd06f3fc15cd379dff4aca3732a5dac24dc17e15acc8f8fa39e60e186219f4fd70664f9ea284002274a4ff8609791ed

    • SSDEEP

      384:lJJuAr8F1mJ1ayCk5+HK5YaW41DBWTwa6st/tlLvSqwwU4FVXaS7L3nHIXYFXc//:jbpJi91Xbi

    Score
    3/10
    behavioral27behavioral28

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/ULTRAKILL.exe

    • Size

      635KB

    • MD5

      01b736e145d8e25fb25d2dac2faf06e8

    • SHA1

      95f20307a5e523d4bbce953cc36cc41032618b87

    • SHA256

      1b5c2ba23e37c14c4b05d594d4dc7e507e6bc6b9bec2e9dd2e432ad13b578b72

    • SHA512

      8dae850c8a4322c54fa70324bf110fca5e839e56714f6a87b6cfc53bf06a7a62453ded797e23020720b1dd868f6f019fc6166684fcc37594f603a41ebc9e8ace

    • SSDEEP

      6144:x/7oYfSHQPWTUg4xyBEevumoLTh+6+2Bqty:N7qTUByBEevumoB+6+Nty

    Score
    1/10
    behavioral29behavioral30

    • Target

      ULTRAKILL.v24.12.2020-PiviGames.blog/ULTRAKILL/ULTRAKILL_Data/Managed/Assembly-CSharp.dll

    • Size

      701KB

    • MD5

      53008bcc8da86dbdb04dcbddccf70d17

    • SHA1

      f5d7721d89c9688adfc352d27d8daca9ce66bad0

    • SHA256

      3ac808525ab7f78a7438659a52be1aecf9fe2ee8aab7b293326b6c3d418ee88b

    • SHA512

      7f3e4a36396ba511c50c7f1b89a314c3bbe6e6b39a53d2a092cf199d3150550739fc197da988e4110a590f9a651600bab6dafcf62fb1b16cb31a3c3942115818

    • SSDEEP

      12288:Lr7yX0TDpL36oDtKMHsYxfhpk8V7Nwn/pPE:TVXHHsazk8V7+/pPE

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks