General
-
Target
3d20ae8a01679f733a830d0c8049e66c793c88daa98d07d43b7ab375750d430d
-
Size
3.0MB
-
Sample
231122-lrj2lacb7v
-
MD5
ce2b1d082a164916fd9dc9af920d2a2c
-
SHA1
25c6335f118551d21e9450ed2564f88bc9d71390
-
SHA256
3d20ae8a01679f733a830d0c8049e66c793c88daa98d07d43b7ab375750d430d
-
SHA512
80d769ea4cffb14c71666eae4ec1e939438ba69e17a1faa29a228cd06ce1c9bc1633798d18186894e8c79aabaf3d182a28fb9739f84a4b7e12bea3917334c2d3
-
SSDEEP
49152:LOHm7p1EZKMnkmWg8LX5prviYDyKS5AypQxbRQAo9JnCmpqFr8NOI8pilFmvxHnr:L1HTPJg8z1mKnypSbRxo9JCmg
Behavioral task
behavioral1
Sample
3d20ae8a01679f733a830d0c8049e66c793c88daa98d07d43b7ab375750d430d.exe
Resource
win7-20231025-en
Malware Config
Extracted
orcus
Новый тег
128.59.46.185:1707
sudo_1irav9l2ncocbcypyrghnq6n4zxr8cn3
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%appdata%\_externaluploads\cpuupdate.exe
-
reconnect_delay
10000
-
registry_keyname
Sudik
-
taskscheduler_taskname
sudik
-
watchdog_path
AppData\aga.exe
Targets
-
-
Target
3d20ae8a01679f733a830d0c8049e66c793c88daa98d07d43b7ab375750d430d
-
Orcurs Rat Executable
-