Analysis

  • max time kernel
    16s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
  • submitted
    20-07-2024 15:55

General

  • Target

    Orcus RAT 1.9.1/Orcus.Administration/libraries/Be.Windows.Forms.HexBox.dll

  • Size

    84KB

  • MD5

    1abb997d4e809b9d7f9016617dc01294

  • SHA1

    b249037720e408128e6559d02a7a8772db6d4438

  • SHA256

    4938a4dbb51fd8d35dfdf2c5d42e9a127b9365d495461864e6bb9ec7fc9a3cb7

  • SHA512

    c943a9ad6cfde82fb3e30bffd96006b4524e3c9348da66fd461be44e8e093afbe58d9da121494d9e557b1fd052413e651e5d1c549f8508e5061640818d895b1a

  • SSDEEP

    1536:vOo386x64hWu/19AQhZRxZJhn1fHJ1Y4eXrEBKsC5FfCf3vb7kn7kTXkF5Gj5qRQ:z38BEzAh5Cf/4t/0hoWp

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Orcus RAT 1.9.1\Orcus.Administration\libraries\Be.Windows.Forms.HexBox.dll",#1
      PID:2508

    Network

    MITRE ATT&CK Matrix
