Overview

overview

7

Static

static

7

orion_purple.exe

windows7-x64

7

orion_purple.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d7595bd6137a6f6a278e7bf93bc53967

  • Size

    11.7MB

  • MD5

    d7595bd6137a6f6a278e7bf93bc53967

  • SHA1

    d2bbde85d834ff68ee38273c26344352839eb675

  • SHA256

    6dcfaa32ce2c9d8cf20e76c49dc402b443f438447d9597b11fea7d2581607348

  • SHA512

    6fee7592845ab1d4eb8b61e92fb8ba6039971ac6e37a24556e03f40e0cb71cc6e4ac6b8f10aa88f2b60025e6d92c5a93df68154fd8880439bcad751980dcfa78

  • SSDEEP

    196608:IOcrO1pBznFMGF+lAw2CeCpdgFIq3H/ktyxy9YYtgMtcA2S9rULfy0dVc:IOUcrbF/mq3fkebYBtcA/9ou

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d7595bd6137a6f6a278e7bf93bc53967
    .zip
  • arf!.nfo
  • file_id.diz
  • orion_purple.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • orion_purple.nfo
  • purple.pak
  • scene.org