General
-
Target
9a3ea174e96c66c02382df5e2bb898ab5da8a10dce278e867ed3fb0b65385d35
-
Size
909KB
-
Sample
240209-bd1r3sfb99
-
MD5
b135b19a0a4ea71b98a5848e9c11d68b
-
SHA1
71a41d84d9f2b5ed1a11ee67bc835db55fa2464d
-
SHA256
9a3ea174e96c66c02382df5e2bb898ab5da8a10dce278e867ed3fb0b65385d35
-
SHA512
ff77fe2120d1bb1264e8137be53024fea4a2abd5553b666f064a8eea7f491a49814a2774907c1bfe236ad1ba5bd49b1eedf4672205c5d4c4f67184a7a9478de2
-
SSDEEP
24576:g554MROxnFl3qznrrcI0AilFEvxHPCooz:gQMir4rrcI0AilFEvxHP
Behavioral task
behavioral1
Sample
9a3ea174e96c66c02382df5e2bb898ab5da8a10dce278e867ed3fb0b65385d35.exe
Resource
win7-20231129-en
Malware Config
Extracted
orcus
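192.168.0.106:10134 (configured host:port as extracted; 192.168.0.106 is an RFC 1918 private address, so it is only meaningful inside the network the sample was built for and should not be used as a standalone network indicator)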
d57d35f2abe14038afdb291e474d55a0
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
9a3ea174e96c66c02382df5e2bb898ab5da8a10dce278e867ed3fb0b65385d35
-
Size
909KB
-
MD5
b135b19a0a4ea71b98a5848e9c11d68b
-
SHA1
71a41d84d9f2b5ed1a11ee67bc835db55fa2464d
-
SHA256
9a3ea174e96c66c02382df5e2bb898ab5da8a10dce278e867ed3fb0b65385d35
-
SHA512
ff77fe2120d1bb1264e8137be53024fea4a2abd5553b666f064a8eea7f491a49814a2774907c1bfe236ad1ba5bd49b1eedf4672205c5d4c4f67184a7a9478de2
-
SSDEEP
24576:g554MROxnFl3qznrrcI0AilFEvxHPCooz:gQMir4rrcI0AilFEvxHP
-
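Orcurs Rat Executable (signature name as reported by the sandbox; it refers to the Orcus RAT family named in the extracted config above)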
-