General

  • Target

    ORBIT_LOADER.rar_1

  • Size

    351KB

  • MD5

    d498e0674ead62bd2d465d2c74085bff

  • SHA1

    ad62469af5bdb660b272d0696f0a730b48f5307e

  • SHA256

    4fcc32496885b57253012e973fa87008f9dd31b65764812a2b436f310e02776a

  • SHA512

    7d6d67ab69b3b94ec335d0ae46505c2d50db01658c67826f021ff196623720cf58a9ae611ee509e9f52ec0b97503badd3ac57423212a357831834f31a6036f21

  • SSDEEP

    6144:OVf06RISvE5q+5KQ935GMoV9YuFDHtKWJ6hqe++w4sEMnX73XchCxjdZPkksbd7L:Wv28E55KQ9JKVaulU3c+w4sEMLcYjdZi

Score
7/10

Signatures

  • .NET Reactor protector 1 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ORBIT_LOADER.rar_1
    .rar
  • INSTRUCTIONS.txt
  • KeyAuthBypass.bat
  • ORBIT_LOADER.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

