Overview

overview

7

Static

static

3

mmc-cracked-win32.zip

windows11-21h2-x64

1

UltimMC/Qt5Core.dll

windows11-21h2-x64

3

UltimMC/Qt5Gui.dll

windows11-21h2-x64

3

UltimMC/Qt...rk.dll

windows11-21h2-x64

3

UltimMC/Qt5Svg.dll

windows11-21h2-x64

3

UltimMC/Qt...ts.dll

windows11-21h2-x64

3

UltimMC/Qt5Xml.dll

windows11-21h2-x64

3

UltimMC/UltimMC.exe

windows11-21h2-x64

1

UltimMC/ic...on.dll

windows11-21h2-x64

1

UltimMC/im...if.dll

windows11-21h2-x64

1

UltimMC/im...ns.dll

windows11-21h2-x64

1

UltimMC/im...co.dll

windows11-21h2-x64

1

UltimMC/im...eg.dll

windows11-21h2-x64

1

UltimMC/im...vg.dll

windows11-21h2-x64

1

UltimMC/im...mp.dll

windows11-21h2-x64

1

UltimMC/ja...ck.jar

windows11-21h2-x64

7

UltimMC/ja...ch.jar

windows11-21h2-x64

7

UltimMC/li...ix.dll

windows11-21h2-x64

3

UltimMC/li...++.dll

windows11-21h2-x64

3

UltimMC/li....dll.a

windows11-21h2-x64

3

UltimMC/li...ip.dll

windows11-21h2-x64

3

UltimMC/li...ow.dll

windows11-21h2-x64

3

UltimMC/libeay32.dll

windows11-21h2-x64

1

UltimMC/li...-1.dll

windows11-21h2-x64

3

UltimMC/libssp-0.dll

windows11-21h2-x64

3

UltimMC/li...-6.dll

windows11-21h2-x64

3

UltimMC/li...-1.dll

windows11-21h2-x64

1

UltimMC/pl...ws.dll

windows11-21h2-x64

1

UltimMC/qt.conf

windows11-21h2-x64

3

UltimMC/ssleay32.dll

windows11-21h2-x64

1

UltimMC/zlib1.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    84s
  • max time network
    99s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    17-02-2024 05:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UltimMC/jars/JavaCheck.jar

  • Size

    1KB

  • MD5

    c137ee1d43b03e8e3ad8bd6d00551b7d

  • SHA1

    eb15abd37ce9ea00e0d6f4d0e132b0de05bd7bf9

  • SHA256

    a8ecabf907272af28af418ce8b964ed9ffba1363ba63c6cb8f33f707548d27ab

  • SHA512

    4721136c60e85e81e3613b2efec9fd0f8b56736bb01053f6b439f2e585bd8078d0179bf5f2d652eba096a2d62b45ff4faf1faeb5ff50a24b74b64fe08c3a2cab

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\UltimMC\jars\JavaCheck.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2904

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    a3a8590d3e507f551b32f4fa8ed4476a

    SHA1

    9bf1d3e73fb2aaf4f5f62bdd5a12a2df94211b55

    SHA256

    81d1e8afd6c577010dfc83f7615a8727ea3dde5c62b95515d780753fa5b9836e

    SHA512

    e056abdd9beac25119063edb8e6c46ba8be654c5d831916ce593e3945de0da4c0d162a10495018188b9a17e446f60dae54295a343d417661aad1c795be50ef57

    Download Submit

  • memory/2156-4-0x00000162AE5B0000-0x00000162AF5B0000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/2156-12-0x00000162ACD80000-0x00000162ACD81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2156-13-0x00000162AE5B0000-0x00000162AF5B0000-memory.dmp

    Filesize

    16.0MB

    Download