General
-
Target
958c4f1f63aa4b0916c3443e86ee5c4b.exe
-
Size
85KB
-
Sample
240610-rxelyszenj
-
MD5
958c4f1f63aa4b0916c3443e86ee5c4b
-
SHA1
94b33d97c41f88a5363688fb753ff21df5dd41e0
-
SHA256
f20585f92942d4406423ebe1257b5eae8a460721e00bea42dc70ec948bd49f2e
-
SHA512
b7d12d0d0ce224dca54f1819c485d1e10c53f0d2ce57f9815f9a829770e3dc21697659e0cad3dae426d352a1892d6c8b2cda7a85bc065b07b6254035a0247d0b
-
SSDEEP
1536:ygLGdUFcYJnl3lU0PY5lZCXS85X2WlDeSdDatDRZl3pZduO+drmM+qckIt33+ld6:ygLGdUFcYJnl3lU0PY5lZCXS85X2WlDA
Static task
static1
Malware Config
Extracted
orcus
154.212.149.59:446
315ff0624fe74021970d128fbc96aa53
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
958c4f1f63aa4b0916c3443e86ee5c4b.exe
-
Size
85KB
-
MD5
958c4f1f63aa4b0916c3443e86ee5c4b
-
SHA1
94b33d97c41f88a5363688fb753ff21df5dd41e0
-
SHA256
f20585f92942d4406423ebe1257b5eae8a460721e00bea42dc70ec948bd49f2e
-
SHA512
b7d12d0d0ce224dca54f1819c485d1e10c53f0d2ce57f9815f9a829770e3dc21697659e0cad3dae426d352a1892d6c8b2cda7a85bc065b07b6254035a0247d0b
-
SSDEEP
1536:ygLGdUFcYJnl3lU0PY5lZCXS85X2WlDeSdDatDRZl3pZduO+drmM+qckIt33+ld6:ygLGdUFcYJnl3lU0PY5lZCXS85X2WlDA
-
Orcus RAT Executable
-
Executes dropped EXE
-