General

  • Target

    7b79467ed1edd7eb38df643a5dfddbbf

  • Size

    699KB

  • Sample

    240127-2l748sfedp

  • MD5

    7b79467ed1edd7eb38df643a5dfddbbf

  • SHA1

    4946cf964a051cc2b371cefce97c2ad500e5f318

  • SHA256

    125ac100e37cec6a3711966d3dd6a72180c0c98d392c8d9343a2d25d223596a3

  • SHA512

    6b38b37907df2747e8d1ec412b0010be2d4bd28b83c2c6688729201caa4989dd9c26ca236b8d7bc16d569aa749688583953295a27ff7be2fcda85731a9d8bd24

  • SSDEEP

    12288:qCfvIsw85dvYvWfM6tFsyfBb6F/u1bCzI8LEZaHNB8KooSH64Ji3x8/SmD3K:nHIpHO1zsHibqrLEZaHN6o+Ji

Targets

    • Orcus

      Orcus is a Remote Access Trojan that is being sold on underground forums.

    • Core1 .NET packer

      Detects packer/loader used by .NET malware.

    • Orcurs Rat Executable
