Overview

overview

7

Static

static

3

tuc3.exe

windows7-x64

7

tuc3.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    tuc3.exe

  • Size

    6.9MB

  • Sample

    231211-q4b9qsgbhl

  • MD5

    cf2e1ad41746c3305549f947bc1d5974

  • SHA1

    f53f78160c366f093ae9e2b569908933b807cbdc

  • SHA256

    e08c83374b8659d9d93166ece99283c62cb57bbc7c65967b4a39757a19a0bf1b

  • SHA512

    a87b18ad34fcb95a9f5c23c54b93e8d8c95ecfd8dd45809c78d7d8ee84f06f1eb0650a687d28229a13ba6d775bca904a94ed8ff077bfeadef784121d040a210c

  • SSDEEP

    196608:AW0fKLtr95HARqIrmVY8S50UL8Kj8yTwHvWY3Nzj:AtO/hAPmVNyEWeNzj

Score
7/10
discovery

Malware Config

Targets

    • Target

      tuc3.exe

    • Size

      6.9MB

    • MD5

      cf2e1ad41746c3305549f947bc1d5974

    • SHA1

      f53f78160c366f093ae9e2b569908933b807cbdc

    • SHA256

      e08c83374b8659d9d93166ece99283c62cb57bbc7c65967b4a39757a19a0bf1b

    • SHA512

      a87b18ad34fcb95a9f5c23c54b93e8d8c95ecfd8dd45809c78d7d8ee84f06f1eb0650a687d28229a13ba6d775bca904a94ed8ff077bfeadef784121d040a210c

    • SSDEEP

      196608:AW0fKLtr95HARqIrmVY8S50UL8Kj8yTwHvWY3Nzj:AtO/hAPmVNyEWeNzj

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks