Overview

overview

7

Static

static

7

ORIONCHECKER.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    5s
  • max time network
    4s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-de
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-delocale:de-deos:windows10-2004-x64systemwindows
  • submitted
    30-04-2024 13:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ORIONCHECKER.exe

  • Size

    29.6MB

  • MD5

    4c3503d31ee7fb0b3e71a667b955f05d

  • SHA1

    dea82141b206e47b821b128158bd3f3999d02359

  • SHA256

    b6832394c8bac34dedb0ce7a4a44ca4af1e83b8550b67ea19696e475b44c939f

  • SHA512

    c7d96852dd1e6ba82636ad8046a7abc4fe129379cb7c19c25a9bf3e0a1a98d1e24339c4e43c984bdc200c81484e0ea374bb5e467d71cd6bd42c068e9d1e1dc48

  • SSDEEP

    196608:VrcTQYYv6ORTAYX52zjuQlatk0nfySLF4PfyXg8U2Dy80740s8gB0yVR/cCxtKrS:eTQXv6ORTAEHdQCpyuTQQg/g

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ORIONCHECKER.exe
    "C:\Users\Admin\AppData\Local\Temp\ORIONCHECKER.exe"
    1⤵
      PID:2088
    • C:\Windows\system32\OpenWith.exe
      C:\Windows\system32\OpenWith.exe -Embedding
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:860

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads