General

  • Target

    tuc3.exe

  • Size

    7.6MB

  • Sample

    231211-vyp1vsefb5

  • MD5

    a7e9b6af956da8a6db3e31ba7a9137ed

  • SHA1

    f754962a5c252579f7e6987ee9b2b1356e4737c4

  • SHA256

    825049c70593359ad774b00b69d1748c385b7a34794b9129b74f7762094ed173

  • SHA512

    f5c35d996066e81bd5c476c70b13ee6d62e28d4c0629abf28e0138f4421cc69640834e3448625f8a41aa844eea167b5d8394bf3d646cb0f40c2f9a60bbb42a21

  • SSDEEP

    196608:dnnY8NWvGpWTTlm0OxwW+nFnfZsMUdFt30Dzj:dnnY8NELTIrxwlxQWDzj

Score
7/10

Malware Config

Targets

    • Target

      tuc3.exe

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
