General
-
Target
1e0ffae5da870acc85c8be93b44aee8d07c1fe1811d03d608225aff9816b5d3d.exe
-
Size
1.0MB
-
Sample
240724-n4lgasxhka
-
MD5
3cbe692d9a0c395dabd70e96986d53b5
-
SHA1
cf495ae9f11d7cbe1cfb8051684fe3c95e9615b8
-
SHA256
1e0ffae5da870acc85c8be93b44aee8d07c1fe1811d03d608225aff9816b5d3d
-
SHA512
ef82faa953f3ebff013841954a65b40e726692f0798ca84767e20354e344e40a0ba82723248364aafab91f839200c7bd20863c9e81e1134c43158144420c2485
-
SSDEEP
24576:/3veFbXAD9zWi4MxO6m6b/fYLGACf9Dtc2PykywO+://etqzXOu1Ff9DtTyM9
Static task
static1
Behavioral task
behavioral1
Sample
1e0ffae5da870acc85c8be93b44aee8d07c1fe1811d03d608225aff9816b5d3d.exe
Resource
win7-20240705-en
Malware Config
Extracted
orcus
45.157.69.156:443
3b453ed253424c82a94898f42bb6a1be
-
autostart_method
Disable
-
enable_keylogger
false
-
install_path
%programfiles%\Orcus\Orcus.exe
-
reconnect_delay
10000
-
registry_keyname
Orcus
-
taskscheduler_taskname
Orcus
-
watchdog_path
AppData\OrcusWatchdog.exe
Targets
-
-
Target
1e0ffae5da870acc85c8be93b44aee8d07c1fe1811d03d608225aff9816b5d3d.exe
-
Size
1.0MB
-
MD5
3cbe692d9a0c395dabd70e96986d53b5
-
SHA1
cf495ae9f11d7cbe1cfb8051684fe3c95e9615b8
-
SHA256
1e0ffae5da870acc85c8be93b44aee8d07c1fe1811d03d608225aff9816b5d3d
-
SHA512
ef82faa953f3ebff013841954a65b40e726692f0798ca84767e20354e344e40a0ba82723248364aafab91f839200c7bd20863c9e81e1134c43158144420c2485
-
SSDEEP
24576:/3veFbXAD9zWi4MxO6m6b/fYLGACf9Dtc2PykywO+://etqzXOu1Ff9DtTyM9
-
Orcurs Rat Executable
-