General

  • Target

    tuc6.exe

  • Size

    7.5MB

  • Sample

    231211-wx7d7affb9

  • MD5

    99d2b5071d7bdbc5a578c18d33982673

  • SHA1

    aa5e046917f5445eb708b672dac626ba605dfafe

  • SHA256

    6d576c582d9791f4b8f7bfbc26ba34a163e094487c66d7791fcf1441e6c9cc5d

  • SHA512

    ac2d81f195929f5a451e1ace0f99faf4ec17b754353610e6e58315b437359be418a95311ecc31d8b0cd34db32eee5432e0e7631217751311970754e6e57cb59c

  • SSDEEP

    196608:yq/iLRC0OLkYNew6tjCtD2RQVsBp4UAzj:yHC9Lkuew6t2oCO9Azj

Score
7/10

Targets

    • Target

      tuc6.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
