General

  • Target

    tuc4.exe

  • Size

    6.9MB

  • Sample

    231211-qhvtysfddp

  • MD5

    b27b4f08f3dd5933c0dee4306efd08f2

  • SHA1

    2066b27fdd59762c8fa5c3852de9f3ef0d7e49bd

  • SHA256

    ec95e50cb2626f62776358764f9378d1a1aad1845c5d30c24315681737c83d75

  • SHA512

    5f67a2ef47e2af15f7656102830f7728cb4a3cee87ba855b1aec2410c2e5a5ae697fc974644eb894344ee6f92ad352972dcebfc4544cf8e79c98aebd8eddfcb1

  • SSDEEP

    196608:aDoG3bFqjpLC0TSMLsn33HR83v9i8l7INzj:aDyNLCWZ2HS9iQ7INzj

Score
7/10

Targets

    • Target

      tuc4.exe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
