Overview

overview

10

Static

static

10

e15c3ff9de...cc.exe

windows7-x64

1

e15c3ff9de...cc.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e15c3ff9de2290626cc24301d496ff18a89adb9832a93c3d17cd9e4a1484e8cc

  • Size

    903KB

  • Sample

    241105-bvbvaa1fqh

  • MD5

    50b929d34d4b8d8a1403372fa7c608cb

  • SHA1

    a1edb9952c197496edc5455e5be1d8af886bf3ce

  • SHA256

    e15c3ff9de2290626cc24301d496ff18a89adb9832a93c3d17cd9e4a1484e8cc

  • SHA512

    825a59aabe859826d43f60785d6592948cfbb971a669f10ffe51439ef23c301c06ab63e0929a30b8abb4be558410de7e7a3feac894a108d410472a18da6af39d

  • SSDEEP

    12288:48shHAVBuQBBed37dG1lFlWcYT70pxnnaaoawMRVcTqSA+9rZNrI0AilFEvxHvB1:J3s4MROxnF9LqrZlI0AilFEvxHiXo

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

venerra.ddns.net:1604

Mutex

004182be16184746aa39d249aa1c91af

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Targets

    • Target

      e15c3ff9de2290626cc24301d496ff18a89adb9832a93c3d17cd9e4a1484e8cc

    • Size

      903KB

    • MD5

      50b929d34d4b8d8a1403372fa7c608cb

    • SHA1

      a1edb9952c197496edc5455e5be1d8af886bf3ce

    • SHA256

      e15c3ff9de2290626cc24301d496ff18a89adb9832a93c3d17cd9e4a1484e8cc

    • SHA512

      825a59aabe859826d43f60785d6592948cfbb971a669f10ffe51439ef23c301c06ab63e0929a30b8abb4be558410de7e7a3feac894a108d410472a18da6af39d

    • SSDEEP

      12288:48shHAVBuQBBed37dG1lFlWcYT70pxnnaaoawMRVcTqSA+9rZNrI0AilFEvxHvB1:J3s4MROxnF9LqrZlI0AilFEvxHiXo

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks