General
-
Target
c4be652b27f0c5a2f056f13a9cec1fe7acaa49051f6e9606cd2317f5016262eb
-
Size
913KB
-
Sample
231122-l4wk6abf65
-
MD5
791ab01e463c443cb53034766b603dc2
-
SHA1
e5570d106a65737bb8cbeb5021009ad228e2672d
-
SHA256
c4be652b27f0c5a2f056f13a9cec1fe7acaa49051f6e9606cd2317f5016262eb
-
SHA512
87879cdb7e93a8166a74b17c9964f123848ebd4bb75b439b71d94c25017e2e6fe6bf0a9485b5927dc0eacb67acf65add5a6631cba77514b72b1b1c8fd0057fcd
-
SSDEEP
24576:MGOd4MROxnFV5bHKTlQRrZlI0AilFEvxHicS:MGdMi9RrZlI0AilFEvxHi
Behavioral task
behavioral1
Sample
c4be652b27f0c5a2f056f13a9cec1fe7acaa49051f6e9606cd2317f5016262eb.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
c4be652b27f0c5a2f056f13a9cec1fe7acaa49051f6e9606cd2317f5016262eb.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
orcus
192.168.43.45:2253
f67cbddc7ee342b6a9ff1e50f0dcf606
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
c4be652b27f0c5a2f056f13a9cec1fe7acaa49051f6e9606cd2317f5016262eb
-
Score
6/10
-
Drops desktop.ini file(s)
-