General

  • Target

    tuc4.exe

  • Size

    7.5MB

  • Sample

    231211-zw8gmsafh4

  • MD5

    bbe1ee8a457fa833d69ca267b26b040f

  • SHA1

    0f3a0fd4620c34b343c2adb027ff7e62ecc8201b

  • SHA256

    cabe0acfaa6a3ebd1b981abe05ca1e6657fa9e270b98175859e63457e7c497ef

  • SHA512

    5d52e86d63527723e474a353159579e533e5407ce643da2aa0446a23eb97586eeca1959e3c052276271d088b398d126d18e282c91938f6953f2b8fff4757c9e8

  • SSDEEP

    196608:qpVDDR8SZqepbLqwjKpDf/NIpEpDqfBrT0/WViLFfzj:qpVBtvpbL/+vVYBrTTefzj

Score
7/10

Targets

    • Target

      tuc4.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
