General

  • Target

    d049c4777de2f4ec329bb33bd126c55e7bd3e2145005291e47794a34ce276c01

  • Size

    903KB

  • Sample

    240211-bmpfeada27

  • MD5

    2afa0d0db502976dc63e3cd6ff7d3ecd

  • SHA1

    bb0563f877f00ae829f95da13d36726c6546c5fe

  • SHA256

    d049c4777de2f4ec329bb33bd126c55e7bd3e2145005291e47794a34ce276c01

  • SHA512

    e677fc198a00e9495807af701659559d39158f0279129df926ce08e1f545f7201d1c13dcf14205e0e161d479db2647b54584a2a2416e0b59af3cb32c561426cc

  • SSDEEP

    12288:48shHAVBuQBBed37dG1lFlWcYT70pxnnaaoawMRVcTqSA+9rZNrI0AilFEvxHvB0:J3s4MROxnF9LqrZlI0AilFEvxHi2o

Score
10/10

Malware Config

Extracted

Family

orcus

C2

1.1.1.1:4444

Mutex

a7b64585b3674d8f94d7e04468b7b29c

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Targets

    • Target

      d049c4777de2f4ec329bb33bd126c55e7bd3e2145005291e47794a34ce276c01

    Score
    6/10
    • Drops desktop.ini file(s)
