Overview

overview

10

Static

static

10

4563fa06b9...8e.exe

windows7_x64

10

4563fa06b9...8e.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4563fa06b9e2a308b48d6e342715b02b494170e4cceafa902d21bd8dd953ff8e

  • Size

    909KB

  • MD5

    0766f3d3a085ff223182010af4678eef

  • SHA1

    3b4c8be4d002121a9e604864fbe1897c598467c0

  • SHA256

    4563fa06b9e2a308b48d6e342715b02b494170e4cceafa902d21bd8dd953ff8e

  • SHA512

    7f4c05d364b4c683f7f7f054099200b21023abfb4ddea7f5f65133f6904d9fea10bfb616ab2a336893d5e31541a551730991f94e1a4610cd422a754022980254

  • SSDEEP

    24576:1z54MROxnFiYRu/rrcI0AilFEvxHjWqaQO:1z2MikrrcI0AilFEvxHj

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

185.209.23.119:10134

Mutex

d4911beaeae0483b888d4daf666bbb74

Attributes
  • autostart_method

    Registry

  • enable_keylogger

    true

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Signatures

  • Orcurs Rat Executable 1 IoCs
  • Orcus family
    orcus
  • Orcus main payload 1 IoCs

Files

  • 4563fa06b9e2a308b48d6e342715b02b494170e4cceafa902d21bd8dd953ff8e
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections