General
-
Target
e26ab65bc3853ab2a4553881a55c0ef98651e44d8259bfcc5ad7d59dc010217b
-
Size
952KB
-
Sample
240128-bgb8wshggq
-
MD5
0283ccc0f55ae951f964cca67e213325
-
SHA1
fa4c51b6fb4c3b12739b6b76813b748892fdb528
-
SHA256
e26ab65bc3853ab2a4553881a55c0ef98651e44d8259bfcc5ad7d59dc010217b
-
SHA512
99dc187a05e18f5e1efe377eb6121e1426977909d323f3ae91eb46a1af5a58d1ce2cdc23bb652ab185c69b2ccf14f0a3c53afd310afdf81d58c4d784f283b01c
-
SSDEEP
12288:h0XCGPSX0zbyD+ndg+QCImGYUl9qyzlkE2kUNC2ExqY9mHtuteprx3Q7dG1lFlWp:5t74MROxnFWrrcI0AilFEvxHPUooop
Behavioral task
behavioral1
Sample
e26ab65bc3853ab2a4553881a55c0ef98651e44d8259bfcc5ad7d59dc010217b.exe
Resource
win7-20231129-en
Malware Config
Extracted
orcus
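127.0.0.1:10134 (loopback address; as a configured endpoint it identifies no remote host and is not useful as a network indicator)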
db524e9a712943888cd90b0731362d6d
-
autostart_method
Registry
-
enable_keylogger
true
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
9973
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
e26ab65bc3853ab2a4553881a55c0ef98651e44d8259bfcc5ad7d59dc010217b
-
Size
952KB
-
MD5
0283ccc0f55ae951f964cca67e213325
-
SHA1
fa4c51b6fb4c3b12739b6b76813b748892fdb528
-
SHA256
e26ab65bc3853ab2a4553881a55c0ef98651e44d8259bfcc5ad7d59dc010217b
-
SHA512
99dc187a05e18f5e1efe377eb6121e1426977909d323f3ae91eb46a1af5a58d1ce2cdc23bb652ab185c69b2ccf14f0a3c53afd310afdf81d58c4d784f283b01c
-
SSDEEP
12288:h0XCGPSX0zbyD+ndg+QCImGYUl9qyzlkE2kUNC2ExqY9mHtuteprx3Q7dG1lFlWp:5t74MROxnFWrrcI0AilFEvxHPUooop
-
Orcus RAT Executable
-