General

  • Target

    tuc3.exe

  • Size

    6.9MB

  • Sample

    231211-ptcl3sgag8

  • MD5

    197a367835c8c035f402dffcf377c32c

  • SHA1

    d4f78eeb4583df1a56b367adf5cb443d3b8a6441

  • SHA256

    382696478fca3505f35fa47324b10b5ff9e4ed5b1f2b7f38395cf4c1430a70d1

  • SHA512

    42a91db9031a8171525ec535518a6ee34acef55153f425b12d50b3e5b849ff6a5e021d0e53a64540fc7bccb7e2e0f3889f8351246b701cd61ada4b01a64dbcff

  • SSDEEP

    196608:6W0fKLtr95HARqIrmVY8S50UL8Kj8yTwHvWY3Nzj:6tO/hAPmVNyEWeNzj

Score
7/10

Targets

    • Target

      tuc3.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
