Overview

overview

7

Static

static

3

tuc6.exe

windows7-x64

7

tuc6.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    tuc6.exe

  • Size

    7.2MB

  • Sample

    231212-reeh8sebar

  • MD5

    fb2c214d6b896feb0b4c3703e57119cb

  • SHA1

    45e41993b9bdbfd172d09e72061fa738e3b353a3

  • SHA256

    0a86a03eb33ca09a55c10959585ba22b57d7b6c5d773f3fb3aa7185a621a6931

  • SHA512

    ba1139d3247a7fe12f744dfb370ceddb21db13d2123b0c11f114c2ddc938bb64e6545b1343f031022c40c836e0eb1ff484df0871b997e91e6a696f699e7fbdcd

  • SSDEEP

    196608:Pxm56Uu8mvAF2l3qqRHw/djqMJueNbMvn+pXnhH5RCLK5Ehezj:Qul8A3nHwljqMksY/4p5RC25qezj

Score
7/10
discovery

Malware Config

Targets

    • Target

      tuc6.exe

    • Size

      7.2MB

    • MD5

      fb2c214d6b896feb0b4c3703e57119cb

    • SHA1

      45e41993b9bdbfd172d09e72061fa738e3b353a3

    • SHA256

      0a86a03eb33ca09a55c10959585ba22b57d7b6c5d773f3fb3aa7185a621a6931

    • SHA512

      ba1139d3247a7fe12f744dfb370ceddb21db13d2123b0c11f114c2ddc938bb64e6545b1343f031022c40c836e0eb1ff484df0871b997e91e6a696f699e7fbdcd

    • SSDEEP

      196608:Pxm56Uu8mvAF2l3qqRHw/djqMJueNbMvn+pXnhH5RCLK5Ehezj:Qul8A3nHwljqMksY/4p5RC25qezj

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks