orcus | 26d5dadb8fec5f13b488f0532dbcf4d9cb4331ad1b7e7277ac9331fa39275528 | Triage

Submit
Reports

Overview

overview

Static

static

Orcus.Admi...on.exe

windows7-x64

Orcus.Admi...on.exe

windows10-2004-x64

Sharing

General

Target

Orcus.Administration.exe
Size

16.2MB
Sample

240903-3h37jszflr
MD5

47c82b9e924c42876d6d4e40908888f7
SHA1

b3ef96ff2f1833ffd332c5246e34ebdd47c7e250
SHA256

26d5dadb8fec5f13b488f0532dbcf4d9cb4331ad1b7e7277ac9331fa39275528
SHA512

83f41c85b51df8d80bc2b63f89d497fe979d340607137b7822b80b8da9f5fa3b9e358554ceedb807a29a38828c331a93f1f32569a66065a2b09c5d572764a9c0
SSDEEP

393216:apC4606R60B8vYfZ9DfZ9DSK7SftLaeH+:NJOcPLPte

Score

10^/10

orcus discovery rat spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Orcus.Administration.exe

Resource

win7-20240903-en

orcus discovery rat spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Orcus.Administration.exe

Resource

win10v2004-20240802-en

orcus discovery rat spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  Orcus.Administration.exe
- Size
  
  16.2MB
- MD5
  
  47c82b9e924c42876d6d4e40908888f7
- SHA1
  
  b3ef96ff2f1833ffd332c5246e34ebdd47c7e250
- SHA256
  
  26d5dadb8fec5f13b488f0532dbcf4d9cb4331ad1b7e7277ac9331fa39275528
- SHA512
  
  83f41c85b51df8d80bc2b63f89d497fe979d340607137b7822b80b8da9f5fa3b9e358554ceedb807a29a38828c331a93f1f32569a66065a2b09c5d572764a9c0
- SSDEEP
  
  393216:apC4606R60B8vYfZ9DfZ9DSK7SftLaeH+:NJOcPLPte
Score

10^/10

orcus discovery rat spyware stealer
- Orcus
  Orcus is a Remote Access Trojan that is being sold on underground forums.
  rat spyware stealer orcus
- Orcurs Rat Executable
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

orcusdiscoveryratspywarestealer

behavioral2

orcusdiscoveryratspywarestealer

© 2018-2024

Terms | Privacy