C:\Users\Admin\Desktop\RAT-Orcus-1.9.1-src-main\Orcus.Server\obj\Release\Orcus.Server.pdb
Static task
static1
1 signatures
General
-
Target
Orcus.Server.exe
-
Size
2.8MB
-
MD5
e2a69f75471dbfcb8fec3cd5ca23e06e
-
SHA1
767b1478fe7f74bca8a982b92a707f1f676f8a5e
-
SHA256
9969fee1d7c3a7c15c2a16eb0b9c6760d833a22cb6210728032d23595b4b47c1
-
SHA512
251d221d413866c38fe6c57936ab7644e16064f923e55b11d8c4db548c66b02996ef25ec399c396606aeaa9a516c0683a8b8598088a5468783cc18251aa97814
-
SSDEEP
49152:oB+4yPRRGCvw2/986nZGeE9gwvoAdlDCS+E5sur8BF0xXIHnqww5VCkkhQIGENL:oB+4mRF42/986wgAoslG3E5+OxXIKZEH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Orcus.Server.exe
Files
-
Orcus.Server.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ