General

  • Target

    1efa0f315bd7205d8856c9bedf5a95c3ae0bddc09995a4cfc792e63deaa66283

  • Size

    1.7MB

  • MD5

    3e95e7842eb6e21c184e8df98b354dc5

  • SHA1

    e90e735c6ac94c419c0534a3f8fd812aaf7fa377

  • SHA256

    1efa0f315bd7205d8856c9bedf5a95c3ae0bddc09995a4cfc792e63deaa66283

  • SHA512

    0d862a255dda394d64c9be14c2d05a6d6fb854c53a323b50c097edfe52457fdada0a0fe0576ca3223e613dce30f5af2a50fd39ea53ef8cb453a5ea27844f6de7

  • SSDEEP

    49152:w7X3f/7Iflsm9BQGIt1G3LhGMiuvjzQNgQILFSth2pQ:wD/qsuQGItE3dGo

Score
10/10

Malware Config

Signatures

  • Orcurs Rat Executable 1 IoCs
  • Orcus family
  • Orcus main payload 1 IoCs
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1efa0f315bd7205d8856c9bedf5a95c3ae0bddc09995a4cfc792e63deaa66283
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

