General

  • Target

    tuc3.exe

  • Size

    7.2MB

  • Sample

    231212-t9darsgedl

  • MD5

    f63cf1ea135b2c538962afeb753cd765

  • SHA1

    a882e51f7f5d1c7e3ae4ff175158769be68a280c

  • SHA256

    7655628d4cf34b89b3eda96f7cb4ba31489401ca2bf09d60fc5dbf83a30384d0

  • SHA512

    690d5c46d99be0fdd969026eeaabb4f58058cd4675cdac6fd8a2d1995ff3161c95bb9e93a8c3a2047b76426eeae629a8a0064e0aeee421d8e4a479c987276576

  • SSDEEP

    196608:Dxm50EF70ZaWLZ97vnC8LpS7+bI9cpSzj:JEt0Zak7aIA7kSzj

Score
7/10

Targets

    • Target

      tuc3.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
