General

  • Target

    Orcus 1.9.1 Anti-Takedown Mod.7z

  • Size

    21.5MB

  • Sample

    240914-sfgweszdlm

  • MD5

    6a281f5b19c198b9b3a90b504ceb62e3

  • SHA1

    beb3c591ba97f5195baa462f368110b7983502cd

  • SHA256

    c57286a7db82264844714682f943fdd9f816eaa27ca1a500514cea13466e85e4

  • SHA512

    60e0653e1f08eb2492c4f5350f4fa78b50266d5e6712ad1248eeb5c8f64cf7a90d3419127c8ea15f22185b62e9d1acac5e9d91e0cb9b10b889e81d9c78a77fc3

  • SSDEEP

    393216:5IiEfq37WxfnRYAnYrmyO4oVATLSyPpK2alqYMnIO75Rsqh+CWgttD2q:5Ii2y72fRYzOhV5gKtenImjHWXq

Score
10/10

Malware Config

Targets

    • Target

      Orcus 1.9.1 Anti-Takedown/Modded Client/Orcus.Administration.exe

    • Size

      3.9MB

    • MD5

      89b5a894e1be53180ce0140c297243d1

    • SHA1

      994a922f740aceeadc131d46a3222175dcabb34d

    • SHA256

      3769da1b19b76f2add402efa5d30aff0e3244b9b7ff279737a0d5b374b19bdce

    • SHA512

      61af82c3563224c98f84f3e316216f565a103f9b1e8ff52094f988ed3207dddcde0eb6ec7faf55a08317695f11dd6874cecf05d0fb080d0f86b9a0e65ae06d90

    • SSDEEP

      49152:g1jDkV7F/Al4gU97zCvyRtQ5SH1veaEXitFQL6tAl4:g1jDk7/Al4gU97zCvyRC5SBemAl4

    Score
    3/10

    • Target

      Orcus 1.9.1 Anti-Takedown/Modded Server/Orcus.Server.Patched.exe

    • Size

      3.2MB

    • MD5

      0f6f91ea2cc96cf248a9bdc8edfc4c9a

    • SHA1

      00141b816f76bf4d39ae3397bcbf3582ee45aacf

    • SHA256

      0fb5d4dcc4dbf4d1dd045680e26edb76224c868556c99c5e25d103c5cf72d3b4

    • SHA512

      968d81c3d6b4f4048b5d295b96ec75cdc855fa9b2f9f45ccd49e537e355cb472f580f72a6ad6fb407dc54a70fda9b3018f7e3338b57b165e8690f4ea33492d28

    • SSDEEP

      98304:Qv+4mRF42/986+g3MgI7+OxXIKZExCvy:OmfZ986+AE+fxC

    Score
    7/10

    • Loads dropped DLL
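
The hashes above are the report's indicators for the archive and the two executables it carries. The following is an added example, not part of the sandbox report or of the Orcus code base, showing how to check a file against them in a single pass: one read of the input feeds all four hashers, and a file is only treated as a match when every listed digest agrees, so a lone MD5 or SHA1 hit (both collision-prone) is flagged as an inconsistency instead of being accepted. The indicator values are copied from the report; the artifact labels, function names and the sample bytes are assumptions for illustration. Python's standard library has no ssdeep, so the SSDEEP values are left out.

```python
"""Single-pass multi-digest IOC check for the hashes in this report.

Added example; the indicator values are copied from the report, everything
else (labels, function names, sample input) is assumed for illustration.
"""
import hashlib
import io
import sys
from typing import BinaryIO, Dict, Optional, Tuple

# MD5 / SHA1 / SHA256 / SHA512 per artifact, as listed in the report.
IOCS: Dict[str, Dict[str, str]] = {
    "Orcus 1.9.1 Anti-Takedown Mod.7z": {
        "md5": "6a281f5b19c198b9b3a90b504ceb62e3",
        "sha1": "beb3c591ba97f5195baa462f368110b7983502cd",
        "sha256": "c57286a7db82264844714682f943fdd9f816eaa27ca1a500514cea13466e85e4",
        "sha512": "60e0653e1f08eb2492c4f5350f4fa78b50266d5e6712ad1248eeb5c8f64cf7a9"
                  "0d3419127c8ea15f22185b62e9d1acac5e9d91e0cb9b10b889e81d9c78a77fc3",
    },
    "Orcus.Administration.exe": {
        "md5": "89b5a894e1be53180ce0140c297243d1",
        "sha1": "994a922f740aceeadc131d46a3222175dcabb34d",
        "sha256": "3769da1b19b76f2add402efa5d30aff0e3244b9b7ff279737a0d5b374b19bdce",
        "sha512": "61af82c3563224c98f84f3e316216f565a103f9b1e8ff52094f988ed3207dddc"
                  "de0eb6ec7faf55a08317695f11dd6874cecf05d0fb080d0f86b9a0e65ae06d90",
    },
    "Orcus.Server.Patched.exe": {
        "md5": "0f6f91ea2cc96cf248a9bdc8edfc4c9a",
        "sha1": "00141b816f76bf4d39ae3397bcbf3582ee45aacf",
        "sha256": "0fb5d4dcc4dbf4d1dd045680e26edb76224c868556c99c5e25d103c5cf72d3b4",
        "sha512": "968d81c3d6b4f4048b5d295b96ec75cdc855fa9b2f9f45ccd49e537e355cb472"
                  "f580f72a6ad6fb407dc54a70fda9b3018f7e3338b57b165e8690f4ea33492d28",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute all four digests in one pass over a (possibly non-seekable) stream.

    Each chunk is fed to every hasher, so a multi-megabyte sample is read once
    rather than once per algorithm.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used by the demo below)."""
    return digest_stream(io.BytesIO(data))


def match_iocs(digests: Dict[str, str],
               iocs: Dict[str, Dict[str, str]] = IOCS) -> Tuple[str, Optional[str]]:
    """Classify a file's digests against the indicator table.

    Returns ("match", label) when every algorithm agrees, ("partial", label)
    when only some do (a weak-hash collision or a corrupted indicator, worth a
    human look), and ("none", None) otherwise. Comparison is case-insensitive
    because reports and tools differ in hex casing.
    """
    for label, expected in iocs.items():
        hits = [alg for alg in ALGORITHMS
                if digests[alg].lower() == expected[alg].lower()]
        if len(hits) == len(ALGORITHMS):
            return "match", label
        if hits:
            return "partial", label
    return "none", None


def check_file(path: str) -> Tuple[str, Optional[str]]:
    """Hash a file from disk in chunks and classify it."""
    with open(path, "rb") as fh:
        return match_iocs(digest_stream(fh))


if __name__ == "__main__":
    # Usage: python ioc_check.py <file> [<file> ...]
    for p in sys.argv[1:]:
        status, label = check_file(p)
        print(f"{p}: {status}" + (f" ({label})" if label else ""))
```

The partial-match branch is deliberate: the report lists MD5 and SHA1 alongside SHA256 and SHA512, and if only the weaker digests line up the file is not the one analysed here, whatever a single-hash lookup would suggest.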

MITRE ATT&CK Enterprise v15

Tasks