Overview

overview

10

Static

static

10

OrcusRAT-main.zip

windows7-x64

1

OrcusRAT-main.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OrcusRAT-main.zip

  • Size

    25.0MB

  • Sample

    241101-te3xya1jfv

  • MD5

    4ebe8621171038676189cbc5e7053d9f

  • SHA1

    2e3a3b97163d1e8af1e41c36f9495062fb4b1934

  • SHA256

    3786d314f4e3906400b24657ed15fca047576eba9cf17630246db69503fdbea3

  • SHA512

    e0091ae9f3acddc7e8d11b89a60debc3dab57b8af57bde4a3f538b2283eae398a1adec8224bf5fd2d0be61be015fc2a79c49b06cf786945073e1cc87d66be356

  • SSDEEP

    786432:DFrAoo07VJxiSdlBx4IVwXuOHKW3kijZk:hrA+xJBgIEuMUiNk

Score
10/10
orcusdiscoveryratspywarestealer

Malware Config

Targets

    • Target

      OrcusRAT-main.zip

    • Size

      25.0MB

    • MD5

      4ebe8621171038676189cbc5e7053d9f

    • SHA1

      2e3a3b97163d1e8af1e41c36f9495062fb4b1934

    • SHA256

      3786d314f4e3906400b24657ed15fca047576eba9cf17630246db69503fdbea3

    • SHA512

      e0091ae9f3acddc7e8d11b89a60debc3dab57b8af57bde4a3f538b2283eae398a1adec8224bf5fd2d0be61be015fc2a79c49b06cf786945073e1cc87d66be356

    • SSDEEP

      786432:DFrAoo07VJxiSdlBx4IVwXuOHKW3kijZk:hrA+xJBgIEuMUiNk

    Score
    10/10
    orcusdiscoveryratspywarestealer

    • Orcus

      Orcus is a Remote Access Trojan that is being sold on underground forums.

      ratspywarestealerorcus

    • Orcus family

      orcus

    • Orcurs Rat Executable

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks