General
-
Target
75adc1b60a73e4006a31f578792521dcf9b6f3f6febb46a473cb671b12c2e99a
-
Size
903KB
-
Sample
240211-bmntwaah31
-
MD5
45faff149e3392d2701bb2b4c943fa1e
-
SHA1
e8ccf6e4c0dea19bea2c51e7a4bedfcfc2b4555b
-
SHA256
75adc1b60a73e4006a31f578792521dcf9b6f3f6febb46a473cb671b12c2e99a
-
SHA512
b4268d4bc98bab3a518bd66ab6813a251dc91b24f5a71dcd45afb29f105b39fb2c296fc931f3dc963bb978745dfb0c68226aa490ef356a0304dd69a15f2c2632
-
SSDEEP
12288:8TUZ/Y95eo6L4ce7dG1lFlWcYT70pxnnaaoawZRVcTqSA+9rZNrI0AilFEvxHvB7:yqI4MROxnFMLqrZlI0AilFEvxHiKlB
Behavioral task
behavioral1
Sample
75adc1b60a73e4006a31f578792521dcf9b6f3f6febb46a473cb671b12c2e99a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
75adc1b60a73e4006a31f578792521dcf9b6f3f6febb46a473cb671b12c2e99a.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
orcus
femboy.serveminecraft.net:4444
1aabc735455a4ed98c426e4eefa7a07f
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
75adc1b60a73e4006a31f578792521dcf9b6f3f6febb46a473cb671b12c2e99a
-
Score
6/10
-
Drops desktop.ini file(s)
-