General

  • Target

    tuc4.exe

  • Size

    7.5MB

  • Sample

    231211-w8w3laedhk

  • MD5

    e40114940908d8b514685a4c0d27d598

  • SHA1

    f34f177dcacf590687094fb53ac79bbbd63e690d

  • SHA256

    1a7af3f41490b3228c20fcb57f6652a819afc6a8c05f82fee528d00fc4eba0b4

  • SHA512

    489f32a162c034c59d29661c7850cdea80df73fdf0448c77d0709c7b2e3efc7f5c776991280c00884deaffa1f2c70bf8673e229d9d845e7b8a82f10be61d22f6

  • SSDEEP

    196608:MpVDDR8SZqepbLqwjKpDf/NIpEpDqfBrT0/WViLFfzj:MpVBtvpbL/+vVYBrTTefzj

Score
7/10

Targets

    • Target

      tuc4.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
