General
-
Target
47b2801d94a390dacbb3e203c92ca77d5147658198077632e94db3b3f00dcfc8
-
Size
924KB
-
Sample
231129-bgx6csdf43
-
MD5
e207643071c309c5cc054b6fe255b56d
-
SHA1
949f99d4920b1cc1d0459bfe705bd2e0aa9065e5
-
SHA256
47b2801d94a390dacbb3e203c92ca77d5147658198077632e94db3b3f00dcfc8
-
SHA512
a81d0c95478397441c55d0ab8b8e86fa5db416650a83b2b3b436b9ea726d98e0aeb27132c8182eb3ef5e260dc3b6ef8bc70d47b8ea80455e727e06fb72e8d8ce
-
SSDEEP
24576:oCC4MROxnFE3mierrcI0AilFEvxHPnAooM:oKMiuperrcI0AilFEvxHP
Behavioral task
behavioral1
Sample
47b2801d94a390dacbb3e203c92ca77d5147658198077632e94db3b3f00dcfc8.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
47b2801d94a390dacbb3e203c92ca77d5147658198077632e94db3b3f00dcfc8.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
orcus
Vladimir Konovalov
192.168.43.78:6969
f4d83399629340b38d6c7bdecf066480
-
autostart_method
TaskScheduler
-
enable_keylogger
true
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
47b2801d94a390dacbb3e203c92ca77d5147658198077632e94db3b3f00dcfc8
Score
10/10
-
Orcurs Rat Executable
-