General
-
Target
8e41124a566881b1b268b3a2bd44eef13e75b83d6b543522f1465b30582fa1f4
-
Size
903KB
-
Sample
240130-cj7cgsfdb4
-
MD5
3915d473fc7548a1190a5ccad10d475d
-
SHA1
a4f7a64718909b06c3af06e512088c167ef1763e
-
SHA256
8e41124a566881b1b268b3a2bd44eef13e75b83d6b543522f1465b30582fa1f4
-
SHA512
9e5deea82dc133a15ebe666014541f53da7fd5071af6a69080186ec50108e502ce74620557d963449c764dce7ac1214891fa3674a05e1a1ebe5c1e1bc5994b45
-
SSDEEP
24576:yam4MROxnF4OVrrcI0AilFEvxHPcqoo2:yOMia8rrcI0AilFEvxHPc
Behavioral task
behavioral1
Sample
8e41124a566881b1b268b3a2bd44eef13e75b83d6b543522f1465b30582fa1f4.exe
Resource
win7-20231215-en
Malware Config
Extracted
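Family: orcus
Botnet / campaign tag: yarrabbi
C2: 91.151.89.167:1208
93f1a21cba814bcfa5a05ddfadf3c727 (field label lost in extraction; likely the mutex, confirm against the original report)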
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
8e41124a566881b1b268b3a2bd44eef13e75b83d6b543522f1465b30582fa1f4
-
Size
903KB
-
MD5
3915d473fc7548a1190a5ccad10d475d
-
SHA1
a4f7a64718909b06c3af06e512088c167ef1763e
-
SHA256
8e41124a566881b1b268b3a2bd44eef13e75b83d6b543522f1465b30582fa1f4
-
SHA512
9e5deea82dc133a15ebe666014541f53da7fd5071af6a69080186ec50108e502ce74620557d963449c764dce7ac1214891fa3674a05e1a1ebe5c1e1bc5994b45
-
SSDEEP
24576:yam4MROxnF4OVrrcI0AilFEvxHPcqoo2:yOMia8rrcI0AilFEvxHPc
-
Orcurs Rat Executable (detection label spelled as shown in the report; the family is Orcus RAT)
-