General
-
Target
tuc3.exe
-
Size
7.2MB
-
Sample
231212-vlvetaadg7
-
MD5
6757f0d374fabd4875ec3c38965facfe
-
SHA1
14242428c92baa1698862e4c6ce199b0e446f021
-
SHA256
a9e96d67119abfeb34aff6a851694aae50b1b2f36c60f1b28c60ee51037cf83a
-
SHA512
482bb38a555020e35947f2e27e90dff549a53b539e15a33e0f39add250395105785e57b83636bed6ae31f118e74a527fe9280e9dfee522e401a8321b5fd71067
-
SSDEEP
196608:vxm50EF70ZaWLZ97vnC8LpS7+bI9cpSzj:1Et0Zak7aIA7kSzj
Malware Config
Targets
-
-
Target
tuc3.exe
-
Size
7.2MB
-
MD5
6757f0d374fabd4875ec3c38965facfe
-
SHA1
14242428c92baa1698862e4c6ce199b0e446f021
-
SHA256
a9e96d67119abfeb34aff6a851694aae50b1b2f36c60f1b28c60ee51037cf83a
-
SHA512
482bb38a555020e35947f2e27e90dff549a53b539e15a33e0f39add250395105785e57b83636bed6ae31f118e74a527fe9280e9dfee522e401a8321b5fd71067
-
SSDEEP
196608:vxm50EF70ZaWLZ97vnC8LpS7+bI9cpSzj:1Et0Zak7aIA7kSzj
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-