Overview

overview

7

Static

static

3

tuc3.exe

windows7-x64

7

tuc3.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    tuc3.exe

  • Size

    7.6MB

  • Sample

    231211-v4ahcsegc4

  • MD5

    8a2016701ad95e7730b3c21f7d69758f

  • SHA1

    9269633e9526daf06e6625015d46ac6f6c354b3b

  • SHA256

    19b43b1eca6537838330bdcb25f96d65e64bde287b3968d480c51cb410e460ce

  • SHA512

    0ee279bcdbf8a9b8736a0b16908fd4bd70cd5270fda710e56c0922367eae5760377213288a3cfb7439387df5999f1c0e544a318fe3bc6f70c208855d2304446a

  • SSDEEP

    196608:4nnY8NWvGpWTTlm0OxwW+nFnfZsMUdFt30Dzj:4nnY8NELTIrxwlxQWDzj

Score
7/10
discovery

Malware Config

Targets

    • Target

      tuc3.exe

    • Size

      7.6MB

    • MD5

      8a2016701ad95e7730b3c21f7d69758f

    • SHA1

      9269633e9526daf06e6625015d46ac6f6c354b3b

    • SHA256

      19b43b1eca6537838330bdcb25f96d65e64bde287b3968d480c51cb410e460ce

    • SHA512

      0ee279bcdbf8a9b8736a0b16908fd4bd70cd5270fda710e56c0922367eae5760377213288a3cfb7439387df5999f1c0e544a318fe3bc6f70c208855d2304446a

    • SSDEEP

      196608:4nnY8NWvGpWTTlm0OxwW+nFnfZsMUdFt30Dzj:4nnY8NELTIrxwlxQWDzj

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks