Overview

overview

10

Static

static

10

madara.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    madara.exe

  • Size

    904KB

  • MD5

    1c5074f92366a713800a79d619a46858

  • SHA1

    dfee3cb771537065354806b3aceab239bcad7226

  • SHA256

    2e9ff6d0a4be51016b4636fe4869b3af64fc9496fc69c2be02dede6962ffdcc2

  • SHA512

    3e3fce87ba6818e14e1966a9eee1833532f59ee777a4533967204cffd10e38a6bcc4bc27a59a78e9ce7e1f32b94c2f8f9da1ef39cff749653566b635f8a205fe

  • SSDEEP

    12288:ZQPOEIY6uYjI3kuZ7dG1lFlWcYT70pxnnaaoawP7ueuRAorZNrI0AilFEvxHvBMk:/wV4MROxnFn9/rZlI0AilFEvxHi+N

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

127.0.0.1:10134

Mutex

0ae446808344459aa13c5eb373ecf6fd

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    true

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Signatures

  • Orcurs Rat Executable 1 IoCs
  • Orcus family
    orcus
  • Orcus main payload 1 IoCs

Files

  • madara.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections