General
-
Target
a35553e5dc9c348ebca6b2553055f0d291697f8fd7d4706f2fd0d04fc10c06c0
-
Size
1.1MB
-
MD5
6eb2f8547792eddb8370fad585a891d2
-
SHA1
a629a13596e00876b867a0a58254fa50a5e34922
-
SHA256
a35553e5dc9c348ebca6b2553055f0d291697f8fd7d4706f2fd0d04fc10c06c0
-
SHA512
632c2a56ef6b8d741d589b0231d834f445f301c66bbb243690a06b7df629408f908075f6972e971c7b798595d522f1892886a6f7c201e9892e7fbe38414a1344
-
SSDEEP
24576:sUA4MROxnFw5bHKTlQ5rZlI0AilFEvxHiKV:sUjMiG5rZlI0AilFEvxHi
Score
10/10
Malware Config
Extracted
Family
orcus
C2
26.65.233.242:10135
Mutex
436815d745b549a18fadaea7c4bea111
Attributes
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Signatures
-
Orcurs Rat Executable 1 IoCs
-
Orcus family
-
Orcus main payload 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a35553e5dc9c348ebca6b2553055f0d291697f8fd7d4706f2fd0d04fc10c06c0
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections