Analysis
- max time kernel: 142s
- max time network: 152s
- platform: windows10-2004_x64
- resource: win10v2004-20231127-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231127-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 02/12/2023, 02:08
Behavioral task: behavioral1
- Sample: 5de27d41560716e77970ad4a0818aaa3af2bcfaf84278d9ccdbcb78bf41a8010.exe
- Resource: win7-20231130-en
General
- Target: 5de27d41560716e77970ad4a0818aaa3af2bcfaf84278d9ccdbcb78bf41a8010.exe
- Size: 914KB
- MD5: 235c483d27fabab5d2b6acdb0cc95d9a
- SHA1: 783de4b8139fdc19d22fe60ec03e1f26f51f2342
- SHA256: 5de27d41560716e77970ad4a0818aaa3af2bcfaf84278d9ccdbcb78bf41a8010
- SHA512: bca1ace766f987ea0ec92dc9586d180bae2585712634ff2d59f3123ab7c7f2f957603916701345043db03d339f5aeced1ec1901695196ec47b72a12d20db76b9
- SSDEEP: 24576:Z554MROxnFTH/rrcI0AilFEvxHPlCooU:ZQMiVrrcI0AilFEvxHPl
Malware Config
Extracted
orcus
192.168.0.104:10134
074f3e9137354e019a8839122c4f7df6
- autostart_method: TaskScheduler
- enable_keylogger: true
- install_path: %programfiles%\microsoft\microsoft.exe
- reconnect_delay: 10000
- registry_keyname: uyer
- taskscheduler_taskname: uyer
- watchdog_path: AppData\OrcusWatchdog.exe