Overview

overview

10

Static

static

10

864d1b8fe8...4c.zip

windows7-x64

1

864d1b8fe8...4c.zip

windows10-2004-x64

1

fc35a0e041...f4.exe

windows7-x64

10

fc35a0e041...f4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    864d1b8fe8c2caa11fabd19025c6af4c.bin

  • Size

    645KB

  • MD5

    6a59b21500e9bae795240f4ade2f710d

  • SHA1

    ec8f8a2fa43e7c91f8717966d850cf6f1da4795a

  • SHA256

    8e2608e1cdedaf4f3495676b50fdab81cfa9b1018bb29c52b15358e747bce39b

  • SHA512

    19986a30fc0b3d67165aae456a1d92d773a5850535b00c5a8d2b6537b1a00c7a854790ad1e8550bf56f74aa1b181d30e86b6d37b8027766112aa9b48bf47df9c

  • SSDEEP

    12288:c7z8/BrBADPwVBrSYu71uP5KpcfkD04WjdcPNEPdUfwoOVMoP5De3yyjmMIileR4:c7Y/B6wVBrSYu7oP5K/D0ndeE1cwoihm

Score
10/10
orcus

Malware Config

Signatures

  • Orcurs Rat Executable 1 IoCs
  • Orcus family
    orcus
  • Orcus main payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 864d1b8fe8c2caa11fabd19025c6af4c.bin
    .zip .ps1

    Password: infected

  • fc35a0e0418cefe500b02b81241fbb0338e7040db20934ed9abf3e6d55f879f4.exe
    .exe windows x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections