orcus | 0a88237fc722de2c8a00645bda3854cc3dfa65da8f449fce53530d3d3dfbf770 | Triage

Submit
Reports

Overview

overview

Static

static

3

f7a67237fc...18.exe

windows7-x64

f7a67237fc...18.exe

windows10-2004-x64

Sharing

General

Target

f7a67237fc01de67afa6a9d3ce79c42a_JaffaCakes118
Size

2.9MB
Sample

240418-klzpesgc86
MD5

f7a67237fc01de67afa6a9d3ce79c42a
SHA1

00270872b9dffbdd507274594e06bc0fa06370f0
SHA256

0a88237fc722de2c8a00645bda3854cc3dfa65da8f449fce53530d3d3dfbf770
SHA512

356c63cec97baf55f4df61558f690d2fa119b77a2d31f69a39c9179559b97428894e224dd833f3b34b0ec43a662bc24ecf339dbef8f424f38ff9373b11927ced
SSDEEP

49152:LeDDVIGjBZ9stXyzqP5mm6TLOwIabUaC59mMDOO+j7iwEMMA9dDOpo6LPPzHVD:LeVIG/UPE/TLO+w9DO97tEnAfDvkP5D

Score

10^/10

orcus rat spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f7a67237fc01de67afa6a9d3ce79c42a_JaffaCakes118.exe

Resource

win7-20240221-en

orcus rat spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f7a67237fc01de67afa6a9d3ce79c42a_JaffaCakes118.exe

Resource

win10v2004-20240226-en

orcus rat spyware stealer

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f7a67237fc01de67afa6a9d3ce79c42a_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  f7a67237fc01de67afa6a9d3ce79c42a
- SHA1
  
  00270872b9dffbdd507274594e06bc0fa06370f0
- SHA256
  
  0a88237fc722de2c8a00645bda3854cc3dfa65da8f449fce53530d3d3dfbf770
- SHA512
  
  356c63cec97baf55f4df61558f690d2fa119b77a2d31f69a39c9179559b97428894e224dd833f3b34b0ec43a662bc24ecf339dbef8f424f38ff9373b11927ced
- SSDEEP
  
  49152:LeDDVIGjBZ9stXyzqP5mm6TLOwIabUaC59mMDOO+j7iwEMMA9dDOpo6LPPzHVD:LeVIG/UPE/TLO+w9DO97tEnAfDvkP5D
Score

10^/10

orcus rat spyware stealer
- Orcus
  Orcus is a Remote Access Trojan that is being sold on underground forums.
  rat spyware stealer orcus
- Core1 .NET packer
  Detects packer/loader used by .NET malware.
- Orcurs Rat Executable
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

orcusratspywarestealer

behavioral2

orcusratspywarestealer

© 2018-2025

Terms | Privacy