General
Target: f92ecd2f6bffba875cff2acaece52947310a9f64f04df85c39d81af2b5a7b02c
Size: 903KB
Sample: 240108-bkg9bahebm
MD5: bf396bf6dd657837ce952e40f4e030f4
SHA1: 2b0b36c6a1e12d403ab7bae5b70140c2872a0708
SHA256: f92ecd2f6bffba875cff2acaece52947310a9f64f04df85c39d81af2b5a7b02c
SHA512: 2b7a05c1b1faf40ef1999e2357a2e4f7435dcb54a1565641db57ef8afb6a27aa704e6bc4c71ba657de7f0ee69198bf6e5099199350cf26f9196655d354c8bb90
SSDEEP: 12288:P0XCGPSX0zbyD+ndg+QCImGYUl9qyzlkE2kUNCBfm9rR6W7BaepBwzo7dG1lFlWn:8am4MROxnF4OVrrcI0AilFEvxHPUooh
Behavioral task
behavioral1
Sample: f92ecd2f6bffba875cff2acaece52947310a9f64f04df85c39d81af2b5a7b02c.exe
Resource: win7-20231215-en
Malware Config
Extracted
orcus
192.168.219.110:10134
7721b8ea063b4ed197de8e8ffe0ccbc0
autostart_method: Disable
enable_keylogger: false
install_path: %programfiles%\Orcus\Orcus.exe
reconnect_delay: 10000
registry_keyname: Orcus
taskscheduler_taskname: Orcus
watchdog_path: AppData\OrcusWatchdog.exe
Targets
Target
f92ecd2f6bffba875cff2acaece52947310a9f64f04df85c39d81af2b5a7b02c
Orcurs Rat Executable
-