General

  • Target

    Orcus.Administration.exe

  • Size

    16.2MB

  • Sample

    240705-tzdhsa1gll

  • MD5

    a6347e4e194adb6d2a3fae52598d8cdd

  • SHA1

    aa06c496c20d6e04142d4a5205a032680a452a0d

  • SHA256

    911e3e95efddbae9d1c2f4b04027567c76823116755097b5868b7241c7e30cbc

  • SHA512

    2ee24604c0edbc09096e2344ca6c1f74b1067b9aff7f077d0b4e42cd8f51dd1116e98016e34f0a1d951fcdbc8bfed33b1709a9692ba95b3ea3cd84d9ce080922

  • SSDEEP

    393216:3pC4606R60B8vYfZ9DfZ9DSK7SftLaeH+:sJOcPLPte

Malware Config

Targets

    • Orcus

      Orcus is a Remote Access Trojan that is being sold on underground forums.

    • Orcurs Rat Executable

MITRE ATT&CK Enterprise v15

Tasks