orcus | 145ef7d4061512fb35174aa38789a7a4f75da2d858e4255855fa602be1e86ae2 | Triage

Submit
Reports

Overview

overview

Static

static

x.exe

windows11-21h2-x64

6

Sharing

General

Target

x.exe
Size

914KB
Sample

240115-bmgqkaeeen
MD5

4a88c81affbad6c8c8d446d992b008b7
SHA1

b60bca9c2a99ee01eee5f18a28debb4b454dc27e
SHA256

145ef7d4061512fb35174aa38789a7a4f75da2d858e4255855fa602be1e86ae2
SHA512

19d254e427319c328a3e574bf27cc06867e0852ab24310f38551673080da7ce52cafc7326f9220121291341b1da5af6a0365f0ed255ffdcacea0f9ff61699ac3
SSDEEP

24576:ycI4MROxnFD3jEsYxrZlI0AilFEvxHiCX:ycrMiJWrZlI0AilFEvxHi

Score

10^/10

orcus x

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

x.exe

Resource

win11-20231215-en

windows11-21h2-x64

3 signatures

1200 seconds

Malware Config

Extracted

Family

orcus

Botnet

x

C2

147.185.221.17:64220

Mutex

ebe58f4f925844dfbb86d949221d923c

Attributes

autostart_method
Registry
enable_keylogger
false
install_path
%programfiles%\Orcus\Orcus.exe
reconnect_delay
10000
registry_keyname
90734242
taskscheduler_taskname
DLL
watchdog_path
Temp\System.exe

Targets

- Target
  
  x.exe
- Size
  
  914KB
- MD5
  
  4a88c81affbad6c8c8d446d992b008b7
- SHA1
  
  b60bca9c2a99ee01eee5f18a28debb4b454dc27e
- SHA256
  
  145ef7d4061512fb35174aa38789a7a4f75da2d858e4255855fa602be1e86ae2
- SHA512
  
  19d254e427319c328a3e574bf27cc06867e0852ab24310f38551673080da7ce52cafc7326f9220121291341b1da5af6a0365f0ed255ffdcacea0f9ff61699ac3
- SSDEEP
  
  24576:ycI4MROxnFD3jEsYxrZlI0AilFEvxHiCX:ycrMiJWrZlI0AilFEvxHi
Score

6^/10
- Drops desktop.ini file(s)
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy