General

  • Target

    55f106bbd70d6c8b9ecac24ca61fdd85499050acf1973af1a74c39751dca86a9

  • Size

    32.2MB

  • MD5

    50cf2b79a37b6c5e2d8648483487dd60

  • SHA1

    d95fec832f5cc5059d19e626c4eb7c9e526a6550

  • SHA256

    55f106bbd70d6c8b9ecac24ca61fdd85499050acf1973af1a74c39751dca86a9

  • SHA512

    655d587159c4753f4b57a2e3be596f54ac58060473a52296c8e226c9e63cdb32ac5b32fedc3a910652b69bc871c3dcb951f86ec448470b7a6cea370c9925717e

  • SSDEEP

    786432:QHw1v9qnHFHK1CMzoyuBzC8N1YSRwouTtRLbyK:QCqnHFHcCyoy4zC01YSRQtR

Score
10/10

Signatures

  • A stealer written in Python and packaged with Pyinstaller (1 IoC)
  • Blankgrabber family
  • Orcurs Rat Executable (1 IoC)
  • Orcus family
  • Orcus main payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 55f106bbd70d6c8b9ecac24ca61fdd85499050acf1973af1a74c39751dca86a9
    .exe windows:4 windows x86 arch:x86

