Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Orbit Unkn...ts.exe

windows11-21h2-x64

8

Orbit/Driv...er.exe

windows11-21h2-x64

1

Orbit/Win10_22H2.dll

windows11-21h2-x64

1

Orbit/Win11_22H2.dll

windows11-21h2-x64

1

Orbit/cs2-dumper.exe

windows11-21h2-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Orbit.zip

  • Size

    3.0MB

  • Sample

    241002-wpvenataqe

  • MD5

    18cdecdb7689f56b90e162bc986fed91

  • SHA1

    ea9ddfc153bbbe80a9dca5bb79fc6735e87f3523

  • SHA256

    8b13d40ffb470f984837155e90b8dc17457a4c1153967fa9b0e9ed119dbfcfc0

  • SHA512

    bf40ca65fe4fd1e839abfdbfc6a779de91b3d61fd28618c5e13c681431ec712a03e396f1c1c2491775fbd670d138bb17f6a6d7871554959e5f31f47390a0d2a1

  • SSDEEP

    98304:5DKTKFRU73um1CZLSYjupxQ4tnvG4q2Y9KuP:8KFRU73j1CZmYjuY4VGFcuP

Score
8/10
defense_evasion

Malware Config

Targets

    • Target

      Orbit Unknowncheats.exe

    • Size

      1.9MB

    • MD5

      83b7b051a986977e209078ef4e569df3

    • SHA1

      a8d4175591ad2ecffc3bc42dcfa968ae9ada0449

    • SHA256

      500695942bc3c61fa8478e9c48a6155f7ff87c9cb544ac61baeb4ca913ec6774

    • SHA512

      222ad16a76ddb87e1219e64a52f0abdca8030dfecbd3b359d07bf87ba8f4b1cc600e5d2e3abaacd22c409159441c5e477fdf9c4a9dbb04734611cbc46c123036

    • SSDEEP

      49152:L3eUCQm+Hr5W3JtgiDqMs0+iFKR3YBYQneL:bezEQ3DgiDqMs0+iFY3w

    Score
    8/10
    defense_evasion

    • Modify Registry: Disable Windows Driver Blocklist

      Disable Windows Driver Blocklist via Registry.

      defense_evasion
    behavioral1

    • Target

      Orbit/DriverMapper.exe

    • Size

      141KB

    • MD5

      8bf69edda1e10f0e935038d8299b3eae

    • SHA1

      8b45de6bf04e717ab40e54474ba269362cfe6517

    • SHA256

      e7a503f0a7bc1acf71034abc36329b1733f0b67aa6e07bd06688bfd9e333e871

    • SHA512

      2cf04f99f323b4b72038e328fd3868d5ad444d243fdae97a12eb553bcc263b0dff8b43406ad4619938890670aae19a7640605c04ba2b8612fe1cf0637a1a0223

    • SSDEEP

      3072:bWN6o/h7LjD4doNPjUhGu9rrmJTQSaMm5/6NnCI5u3HjJu:bWNd/h7UdHgWlqtIF

    Score
    1/10
    behavioral2

    • Target

      Orbit/Win10_22H2.sys

    • Size

      6KB

    • MD5

      35c2bfb631018c528652d00211b8ccd5

    • SHA1

      864d6b54c2fc77283b90586eb1f96d211ecc5f90

    • SHA256

      ae27ae08fbfd42db893013a14e7353da5dd966eb69b04342e5f5b5ebde8f9a81

    • SHA512

      1aca30bd0192a4a9e2bdfbf76264367f9c32efa8e196d08418570aba4e7bfda61aa757ba8d9bc1c2172a9cbc8ed29c6fa7eb751ec5f6a7fb5dc32273dcd5e6df

    • SSDEEP

      96:ZfAS8BjGcN5mwatzKaaHDaya+x6G2LTj6de+tA1eDzQG7UR7P5cQ1S1J:ZfAjBj1ratWfHOHaefj0seDzmP9q

    Score
    1/10
    behavioral3

    • Target

      Orbit/Win11_22H2.sys

    • Size

      6KB

    • MD5

      b9a03b9fc83a7d20a3bb8a2368d5d59e

    • SHA1

      030efee2cf6e020c1a1513e37e2deb2b5d6201b3

    • SHA256

      19d9ea571aef985c3d356a6a50d8dcead4669ef359c1957e4f0f9557b18f6919

    • SHA512

      09e84adef1255fa5689e2184409989937fd167a85eb9a6326cd933318dc0ed56a7fc9bed9ace5601d2f86dd89f85512b49d5f20a4fac07844e2a0479a2e3c97a

    • SSDEEP

      96:ZfA38BjGcN5mwatzKaaHDaya+x6G2LTj6de+td1eDzQG7UBKP5cQ1S1J:ZfAMBj1ratWfHOHaefj0neDzvP9q

    Score
    1/10
    behavioral4

    • Target

      Orbit/cs2-dumper.exe

    • Size

      1.8MB

    • MD5

      5990b58f0f39446914bb6efe78c6d87d

    • SHA1

      8cd1a0bf74920232c8e2044eef432dfc54bcda95

    • SHA256

      eb794988a35cd238029b8523360d6232e9712dfae449f84d84c629c98c84ec6f

    • SHA512

      52a2a50c42f859873f37e3121c42e3d63f8700278a27bead62af2dd2bd5a57541ba914f5fadf2836ceb7c3793bd0a2ef5f9d828c77874029a85d33d9629bfdb5

    • SSDEEP

      49152:RiYL0D6PCP3bK7LzdMZEYeq8KEHaAdSVga+:RiI0Dq0gh

    Score
    1/10
    behavioral5

MITRE ATT&CK Enterprise v15

Tasks