orcus | 04c1dc599f21e3a1f36070105d8f55b1f288fd1121eadfb9272f1eb7010aa307 | Triage

Submit
Reports

Overview

overview

Static

static

AutoHotkey.exe

windows7-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

AutoHotkey.exe
Size

919KB
Sample

240220-ksb7psef95
MD5

d74eed515d57b729fc19eeac93c843e9
SHA1

4a4deb4eccba456f644ba0747564cef59b125095
SHA256

04c1dc599f21e3a1f36070105d8f55b1f288fd1121eadfb9272f1eb7010aa307
SHA512

53e03bf72a024c094940c31576fa2f12e6536e55b4d6450a7f3d34747372271f0a4dc3cf4fc194aa3efeb65c9db9313fd840bff1934c8193586ac0b4a898defb
SSDEEP

12288:g87KYIE+qo/EvASh7dG1lFlWcYT70pxnnaaoawhmi9kgWrKrZNrI0AilFEvxHvBJ:sMN4MROxnFO11rZlI0AilFEvxHiKf

Score

10^/10

orcus

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

AutoHotkey.exe

Resource

win7-20231215-en

windows7-x64

1 signatures

600 seconds

Malware Config

Extracted

Family

orcus

C2

centre-shaped.gl.at.ply.gg:30014

Mutex

3e957f83068242aa86f4e39d34d0100f

Attributes

autostart_method
Registry
enable_keylogger
false
install_path
C:\Windows\System32\Winlogon\loader.exe
reconnect_delay
10000
registry_keyname
DriverUpdater
taskscheduler_taskname
CheckUpdate
watchdog_path
AppData\OrcusWatchdog.exe

Targets

- Target
  
  AutoHotkey.exe
- Size
  
  919KB
- MD5
  
  d74eed515d57b729fc19eeac93c843e9
- SHA1
  
  4a4deb4eccba456f644ba0747564cef59b125095
- SHA256
  
  04c1dc599f21e3a1f36070105d8f55b1f288fd1121eadfb9272f1eb7010aa307
- SHA512
  
  53e03bf72a024c094940c31576fa2f12e6536e55b4d6450a7f3d34747372271f0a4dc3cf4fc194aa3efeb65c9db9313fd840bff1934c8193586ac0b4a898defb
- SSDEEP
  
  12288:g87KYIE+qo/EvASh7dG1lFlWcYT70pxnnaaoawhmi9kgWrKrZNrI0AilFEvxHvBJ:sMN4MROxnFO11rZlI0AilFEvxHiKf
Score

1^/10
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy