Overview

overview

10

Static

static

10

Furk-Ultra...ss.bat

windows7-x64

7

Furk-Ultra...ss.bat

windows10-2004-x64

8

Furk-Ultra...ra.exe

windows7-x64

6

Furk-Ultra...ra.exe

windows10-2004-x64

6

Furk-Ultra...it.dll

windows7-x64

1

Furk-Ultra...it.dll

windows10-2004-x64

1

Furk-Ultra...on.dll

windows7-x64

1

Furk-Ultra...on.dll

windows10-2004-x64

1

Furk-Ultra... V2.js

windows7-x64

3

Furk-Ultra... V2.js

windows10-2004-x64

3

Furk-Ultra...ock.js

windows7-x64

3

Furk-Ultra...ock.js

windows10-2004-x64

3

Furk-Ultra...der.js

windows7-x64

3

Furk-Ultra...der.js

windows10-2004-x64

3

Furk-Ultra...ipt.js

windows7-x64

3

Furk-Ultra...ipt.js

windows10-2004-x64

3

Furk-Ultra...rer.js

windows7-x64

3

Furk-Ultra...rer.js

windows10-2004-x64

3

Furk-Ultra...Hub.js

windows7-x64

3

Furk-Ultra...Hub.js

windows10-2004-x64

3

Furk-Ultra...ass.js

windows7-x64

3

Furk-Ultra...ass.js

windows10-2004-x64

3

Furk-Ultra...ode.js

windows7-x64

3

Furk-Ultra...ode.js

windows10-2004-x64

3

Furk-Ultra...ce.dll

windows7-x64

1

Furk-Ultra...ce.dll

windows10-2004-x64

1

Furk-Ultra...ss.exe

windows7-x64

7

Furk-Ultra...ss.exe

windows10-2004-x64

8

Furk-Ultra...s1.exe

windows7-x64

7

Furk-Ultra...s1.exe

windows10-2004-x64

7

Furk-Ultra...er.dll

windows7-x64

3

Furk-Ultra...er.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    11s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    05-11-2024 04:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Furk-Ultra-main/bin/Bypass.exe

  • Size

    7.3MB

  • MD5

    b6fc4bbdbae0300b3c1fd00dccbcfe78

  • SHA1

    2e14e298c29b2c79cf78a575a79f4488e85a0dd8

  • SHA256

    99935b77b6c7387bb1d572704dd96e804d0a7655e2197afeab8baacc1ad9d067

  • SHA512

    02bbacd3cd3d23f7eab4a33901eabeac6f706140e98835e916c97fb995cd747ac7c09494fcf9a90d0e92c5bc6a43123bfc32dcf88b7e1b5c713cfc7ff3ec9c15

  • SSDEEP

    196608:VuhYS6qOshoKMuIkhVastRL5Di3uq1D7mo:QYSjOshouIkPftRL54DRN

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Furk-Ultra-main\bin\Bypass.exe
    "C:\Users\Admin\AppData\Local\Temp\Furk-Ultra-main\bin\Bypass.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Users\Admin\AppData\Local\Temp\Furk-Ultra-main\bin\Bypass.exe
      "C:\Users\Admin\AppData\Local\Temp\Furk-Ultra-main\bin\Bypass.exe"
      2⤵
      • Loads dropped DLL
      PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI21722\python311.dll
    Filesize

    1.6MB

    MD5

    5f6fd64ec2d7d73ae49c34dd12cedb23

    SHA1

    c6e0385a868f3153a6e8879527749db52dce4125

    SHA256

    ff9f102264d1944fbfae2ba70e7a71435f51a3e8c677fd970b621c4c9ea71967

    SHA512

    c4be2d042c6e4d22e46eacfd550f61b8f55814bfe41d216a4df48382247df70bc63151068513855aa78f9b3d2f10ba6a824312948324c92de6dd0f6af414e8ab

    Download Submit

  • memory/2868-23-0x000007FEF6300000-0x000007FEF68E9000-memory.dmp

    Filesize

    5.9MB

    Download