General

  • Target

    tuc4.exe

  • Size

    6.9MB

  • Sample

    231211-rcndcsaab6

  • MD5

    f9f561dc2153e16897b25025b169418d

  • SHA1

    cdcebb9aa30450343ac851a206c07ea96abb0869

  • SHA256

    df44a30e416d103b13f250200863a866d5dc16a24160287c136b9fb3cc8ad512

  • SHA512

    11f153abefdf19a3b1724b267b9cd9be4d6a50fc0fae904e51439ff9a8d115c00b79782408655e45f53393a0cf3d72ec801d796bbdb6ee43184056208ecc10fc

  • SSDEEP

    196608:wDoG3bFqjpLC0TSMLsn33HR83v9i8l7INzj:wDyNLCWZ2HS9iQ7INzj

Score
7/10

Malware Config

Targets

    • Target

      tuc4.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
