General

  • Target

    tuc3.exe

  • Size

    7.6MB

  • Sample

    231211-trrqfadcc7

  • MD5

    511cd2302f0fe5d87619126aa3de8ef6

  • SHA1

    efb34b47412a277a0bb898ee036b2830d66dd102

  • SHA256

    db2df2578d7d2c15e5c1696c6dbe2ebc4426beff743c724afb99f0d5b28ed56e

  • SHA512

    98b0c36bc3cdc4b08af59c704f3333be99ef405201062c5158b5f36892e5451fe51a475975cf9745fcea77c73b6d13ed5a567559b1eb2a73e640c846d9c472c1

  • SSDEEP

    196608:KnnY8NWvGpWTTlm0OxwW+nFnfZsMUdFt30Dzj:KnnY8NELTIrxwlxQWDzj

Score
7/10

Malware Config

Targets

    • Target

      tuc3.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
