General
Target: tuc3.exe
Size: 7.2MB
Sample: 231212-sa124sgeg2
MD5: 4c617c2e8cec061e2ead42ef928f0eef
SHA1: ad7578978f6dc9bffcb1c6ace227b2ae9d71202b
SHA256: a232c6af1ae8d06d3e0c203baef715415c8c967debc74c3ec165f8c04632ea6d
SHA512: 8231bf46db1eb22a31d672a4ac8bfc89b1558c9792030ae351fa88b6bc0ac2cb9b2d59709d8d7a6936debab5a9f5ff6170c629a34afc4792e0422087c007eda7
SSDEEP: 196608:Qxm50EF70ZaWLZ97vnC8LpS7+bI9cpSzj:qEt0Zak7aIA7kSzj
Static task: static1
Behavioral task: behavioral1
Sample: tuc3.exe
Resource: win7-20231130-en
Behavioral task: behavioral2
Sample: tuc3.exe
Resource: win10v2004-20231127-en
Malware Config
Targets
Target: tuc3.exe
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.