Overview

overview

10

Static

static

10

RATHLEBA.exe

windows7-x64

10

RATHLEBA.exe

windows10-2004-x64

10

Resubmissions

13/04/2023, 15:17

230413-spga9acc54 10

13/04/2023, 15:14

230413-smkwnade8y 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    RATHLEBA.exe

  • Size

    924KB

  • MD5

    66c7d2babe464477eabdaadecd194275

  • SHA1

    48dd45086241a0ab4aee8de5b2bb52c8c1381b83

  • SHA256

    846da590f683c99557752222a19e1587b3b10d0ddeef8116ad7377e07c1a3c90

  • SHA512

    0ae26bb3745b64ccd82e4e4870a62480be4f37f5d878f61eeaab2aad40e72d11b5604ee1ede90b09c84ba3c9997f3208c6df14dabb9ba1b300561b4229ac717a

  • SSDEEP

    24576:hmHR4MROxnFE3kO3IrrcI0AilFEvxHPIRDoog:4uMiuBIrrcI0AilFEvxHP

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

animals-sewing.at.ply.gg:41503

Mutex

ad39bc5cd5d8407098f11261989bc741

Attributes
  • autostart_method

    Registry

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Signatures

  • Orcurs Rat Executable 1 IoCs
  • Orcus family
    orcus
  • Orcus main payload 1 IoCs

Files

  • RATHLEBA.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections