General
-
Target
3E40414D3D75B88373027C33BBE22E90A6EF7FDF7C98B.exe
-
Size
2.0MB
-
MD5
1827c3deb2f17ab048cbfd62e3bbd861
-
SHA1
89f978070089ef8b477dfa653724150f2e7f7417
-
SHA256
3e40414d3d75b88373027c33bbe22e90a6ef7fdf7c98b8b6e8a8e51b4b781a56
-
SHA512
fef79fff23736f404b8a38895f1f729deae7341b9e8ad7266f5ed761250ab3afa1f8e8485086417367cb6a81179a2e80cca7e279f3082722f7f96b00ef0f0e2a
Score
10/10
Malware Config
Extracted
Family
orcus
C2
3.143.239.116:10134
Mutex
e39a4bc6c5f84fd588c4a3159c804f42
Attributes
-
autostart_method
Registry
-
enable_keylogger
true
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Chrome
-
taskscheduler_taskname
Orcus
-
watchdog_path
Temp\OrcusWatchdog.exe
Signatures
-
Orcurs Rat Executable 1 IoCs
-
Orcus Main Payload 1 IoCs
-
Orcus family
Files
-
3E40414D3D75B88373027C33BBE22E90A6EF7FDF7C98B.exe