General

  • Target

    tuc5.exe

  • Size

    6.9MB

  • Sample

    231210-yhjexscdb9

  • MD5

    f62bac49de652189bbbe840c23d55b2e

  • SHA1

    e8828efd2e1184cd10d0db93501b824bd5cb2a60

  • SHA256

    7629ee3fd879aaa8fdc2eb6220047657dea4d4559e677c9245a86ebcd97fc3ef

  • SHA512

    39ffa487e01947d0830627f93db000e0b5484f5b147a492a6b124ee2379d2154f967ea27dd8ea9695f2c8fa2c28c8aac16dcbf926bf1a5d16a5907c89c10b1df

  • SSDEEP

    196608:YxnTNzjsOzc7TGHscDgcXbIdslX38dgFYJzj:QNztzQlcDPXus98d9Jzj

Score
7/10

Targets

    • Target

      tuc5.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
