Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

mmc-cracked-win32.zip

windows7-x64

1

mmc-cracked-win32.zip

windows10-2004-x64

1

UltimMC/Qt5Core.dll

windows7-x64

3

UltimMC/Qt5Core.dll

windows10-2004-x64

3

UltimMC/Qt5Gui.dll

windows7-x64

3

UltimMC/Qt5Gui.dll

windows10-2004-x64

3

UltimMC/Qt...rk.dll

windows7-x64

3

UltimMC/Qt...rk.dll

windows10-2004-x64

3

UltimMC/Qt5Svg.dll

windows7-x64

1

UltimMC/Qt5Svg.dll

windows10-2004-x64

3

UltimMC/Qt...ts.dll

windows7-x64

1

UltimMC/Qt...ts.dll

windows10-2004-x64

3

UltimMC/Qt5Xml.dll

windows7-x64

3

UltimMC/Qt5Xml.dll

windows10-2004-x64

3

UltimMC/UltimMC.exe

windows7-x64

1

UltimMC/UltimMC.exe

windows10-2004-x64

1

UltimMC/ic...on.dll

windows7-x64

1

UltimMC/ic...on.dll

windows10-2004-x64

1

UltimMC/im...if.dll

windows7-x64

1

UltimMC/im...if.dll

windows10-2004-x64

1

UltimMC/im...ns.dll

windows7-x64

1

UltimMC/im...ns.dll

windows10-2004-x64

1

UltimMC/im...co.dll

windows7-x64

1

UltimMC/im...co.dll

windows10-2004-x64

1

UltimMC/im...eg.dll

windows7-x64

1

UltimMC/im...eg.dll

windows10-2004-x64

1

UltimMC/im...vg.dll

windows7-x64

1

UltimMC/im...vg.dll

windows10-2004-x64

1

UltimMC/im...mp.dll

windows7-x64

1

UltimMC/im...mp.dll

windows10-2004-x64

1

UltimMC/ja...ck.jar

windows7-x64

1

UltimMC/ja...ck.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    278s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/02/2024, 23:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UltimMC/jars/JavaCheck.jar

  • Size

    1KB

  • MD5

    c137ee1d43b03e8e3ad8bd6d00551b7d

  • SHA1

    eb15abd37ce9ea00e0d6f4d0e132b0de05bd7bf9

  • SHA256

    a8ecabf907272af28af418ce8b964ed9ffba1363ba63c6cb8f33f707548d27ab

  • SHA512

    4721136c60e85e81e3613b2efec9fd0f8b56736bb01053f6b439f2e585bd8078d0179bf5f2d652eba096a2d62b45ff4faf1faeb5ff50a24b74b64fe08c3a2cab

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\UltimMC\jars\JavaCheck.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:824
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    5b553a200f8699bcfeedbf629974e63d

    SHA1

    42a7269e48b6aed224c15bda4c9e47095cb01279

    SHA256

    19ed4eb784a82f855280e737a7688d24a196983ad32125049fb72d76af34dd9e

    SHA512

    9b9261bd7d59cb7ae8f08a24ceb559a84c187f2dfe457733184692141f275ef8a84a3aa95649f555e58e66821ac3dc4dcc9653c074a550008b01cb5b0f0e8eec

    Download Submit

  • memory/824-4-0x0000014E56BA0000-0x0000014E57BA0000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/824-11-0x0000014E55320000-0x0000014E55321000-memory.dmp

    Filesize

    4KB

    Download