Overview

overview

10

Static

static

10

Orcus Admi...on.exe

windows11-21h2-x64

10

Orcus Admi...ew.vbs

windows11-21h2-x64

1

Orcus Admi...er.vbs

windows11-21h2-x64

1

Orcus Admi...es.vbs

windows11-21h2-x64

1

Orcus Admi...ons.js

windows11-21h2-x64

3

Orcus Admi...er.dll

windows11-21h2-x64

1

Orcus Admi...il.dll

windows11-21h2-x64

1

Orcus Admi...ns.dll

windows11-21h2-x64

1

Orcus Admi...ns.dll

windows11-21h2-x64

1

Orcus Admi...ed.dll

windows11-21h2-x64

1

Orcus Admi...it.dll

windows11-21h2-x64

1

Orcus Admi...es.dll

windows11-21h2-x64

1

Orcus Admi...er.dll

windows11-21h2-x64

1

Orcus Admi...ent.js

windows11-21h2-x64

3

Orcus Admi...del.js

windows11-21h2-x64

3

Orcus Admi...gin.js

windows11-21h2-x64

3

Orcus Admi...er.vbs

windows11-21h2-x64

1

Orcus Admi...es.vbs

windows11-21h2-x64

1

Orcus Admi...ro.dll

windows11-21h2-x64

1

Orcus Admi...st.dll

windows11-21h2-x64

1

Orcus Admi...it.dll

windows11-21h2-x64

1

Orcus Admi...ty.dll

windows11-21h2-x64

1

Orcus Admi...es.dll

windows11-21h2-x64

1

Orcus Admi...il.dll

windows11-21h2-x64

1

Orcus Admi...ns.dll

windows11-21h2-x64

1

Orcus Admi...ns.dll

windows11-21h2-x64

1

Orcus Admi...ed.dll

windows11-21h2-x64

1

Orcus Admi...st.dll

windows11-21h2-x64

1

Orcus Admi...it.dll

windows11-21h2-x64

1

Orcus Admi...ty.dll

windows11-21h2-x64

1

Orcus Admi...es.dll

windows11-21h2-x64

1

Orcus Admi...cs.dll

windows11-21h2-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Orcus Administartion all.rar

  • Size

    66.3MB

  • Sample

    241110-w9k2qasglh

  • MD5

    5febe9d99f40709ade703667f0b5d0c1

  • SHA1

    6811e8c984d13828423a8aa7087a3be0add6e980

  • SHA256

    463842e56e3ae95d1fe8feaee541dc88a31f4f1f48330c6c78df9661e3181949

  • SHA512

    597d9478d4bb4ee594e64ace7bcf6bf288f681100efaaf66be4901c66f410f0863d515f5739c8a96ba36e740ccd9ae4319a966919c75f2cf5e51558322120fee

  • SSDEEP

    1572864:gfOkRyC1yejOEF0IS2o/HKCHGk06zknHOBJ9EsfFId0RFfh:gfLRygOmSLHKCHBz0uXasfFrbh

Score
10/10
orcusdiscoveryexecution

Malware Config

Targets

    • Target

      Orcus Administartion/Orcus.Administration.exe

    • Size

      4.5MB

    • MD5

      0ba76b40f0aab5ed75feb24c5119874e

    • SHA1

      515bd47fe5d4dd4e3a9d9cfdb5003101923c936c

    • SHA256

      f3b78d3d11e6f223dd2ddddc55acfc33eaed900b74f274baea2c682716f0d55d

    • SHA512

      8e34e600016ad23cfd1924f1eaa4b64d13617a6a82220d6ad2857a07e8292c1533900169f8d40384359a111f712c85554d8948b797c8d762fae057e375439d0b

    • SSDEEP

      49152:OGZeMQLKNBJAl40NVANW8cyTAiE99TIWttF5UoFtAl4:OGVBJAl40NG48cyTOkWttF5UoFtAl4

    Score
    10/10
    discovery

    • Contains code to disable Windows Defender

      A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

    behavioral1

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/ExtensionSpooferBuilderPropertyView.cs

    • Size

      4KB

    • MD5

      4d92133790415c9a6c8ed5767b74ecc1

    • SHA1

      7f695a07dded8f85db884dd4099b0faeaa69901e

    • SHA256

      a84c4726b377811cf0bae53d143d1747ec1c026153c02c82d5639751b31831eb

    • SHA512

      5674f411be8e4306ff8975b1435c3d9cad1b7340accbf227e4c77739e48e68c296acf935294ed668f27ab9bd500432ea91279b52f180ab3517c107f028a4a591

    • SSDEEP

      96:Jo414h4DOzP8gkIee3GJfk7ZscW3Bs1Dtc+j6rtskBrNlraUr2iDI:9GK3gKX9k7ZscW3Bs1Dtc+GRvBBluUS7

    Score
    1/10
    behavioral2

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/Properties/Resources.Designer.cs

    • Size

      2KB

    • MD5

      e502fdf87d08437fd533eb41e79c805d

    • SHA1

      d054477c17c9940232960f8931ba6c54065f43d5

    • SHA256

      6ec369b865eb8dbc1eaa626df405906ce880606e177994c1af8dcc152a6b16a0

    • SHA512

      30ea182c831eeed0b2529d3bb09526bdd7274c9c7f85cc5a32a3010a35cf75db34d1e256d0b9050903e1d76f1a83d627567bce8f786b53bfea38e7737c8732fb

    Score
    1/10
    behavioral3

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/Properties/Resources.resx

    • Size

      5KB

    • MD5

      c07716633f086d91759ae32a18996a1a

    • SHA1

      bf3383c20acf6e64ce49f120938456161e5f6cb9

    • SHA256

      4e124f5a7694ffe813c60601b1b73c53e47536b1f1c0e798d4d55bfc2ca3774f

    • SHA512

      c6ad0ec603ff69d2d1b787db9426f29d44ea1ba45cf1d2b7ec41cc2bd6d5c93af8d2299139cc1c5d10d56718f36daa37d544f8d5411fad91a72efc2e70454cdf

    • SSDEEP

      96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFE3qxdRMvDTursrbLAy202W:Zf+tLPfYnLvFVOiFQaUR6

    Score
    1/10
    behavioral4

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/StringExtensions.cs

    • Size

      300B

    • MD5

      7714d00fcce40c87829ba58f73160c03

    • SHA1

      a0f3fcc20213b248f77c7c9ce3af93f242479939

    • SHA256

      1942d1b4e01d6e0c5fb579f1eb4f4a4ee0cef560a15df473bf3c752c181371a5

    • SHA512

      6977b1d36f295682c3220e8577fb2dd6948da1cad99f65bce248ba9206046dbd5f8825155c4522e3c63cf6545407ce8f21a36c2f3ca5f724eae1fe56d040c050

    Score
    3/10
    execution
    behavioral5

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/ExtensionSpoofer.dll

    • Size

      17KB

    • MD5

      6cb9836af0f12ab3456bd81664916d78

    • SHA1

      d35f1584734ce5189046c0c32b78bd17ba2328da

    • SHA256

      c996a530375793b80464a8eafccceed894632eedc1dc020db50e1ff07e580705

    • SHA512

      4d00b093f15e5a594dc665caffeb31ec8e780f43cf51424bf9e9fd125aa89757e6f2ce5218769b74f68c1a0474122b08b0a5e5a0314aac94547247e6c7a79d3d

    • SSDEEP

      384:EnXnW81qsTO4WSEDSB3ZApHDMY7NYBkgHS0EhB:EXnWKqPmGDhYqtr

    Score
    1/10
    behavioral6

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/Mono.Cecil.dll

    • Size

      263KB

    • MD5

      cc0bc97cb18ac4e7c6f4decf0218a127

    • SHA1

      8901c4a54995aed5e786dda0928905bcb98242e2

    • SHA256

      ea592e7ba43cb057966778b0027c0d6e7ce9672741b5d3c8c927d48918366183

    • SHA512

      e5865188de26c7e8d71c000224626d7dd0b26a5542acc9bf8f7974f5cb595386fd25e6e425ecaf57550e12600c6f37670a19a3a361381c10b97f9a26d1cfd856

    • SSDEEP

      3072:Ko8MptdteyB+kknlDeYJgM67aBsPvVIoPbAFhA+9+qk7o++++9+OddQIZ9c1nquO:Ko8Icybkl6YJgMHgdnqujDbDW4i8XS

    Score
    1/10
    behavioral7

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/Orcus.Administration.Plugins.dll

    • Size

      37KB

    • MD5

      4cf28fc963d03cfce340a018850b2f95

    • SHA1

      d4cde3b66b5666a8a99ae4c8a62c6412c932b823

    • SHA256

      a70662914de7fc43763b855f0deafd5fb14d4075fa6d4f6e646967b44ac2d286

    • SHA512

      780aa4e8d401e1b82bf56bdfd578915bebc6110280b0e9f5cfc59a447a7bd8d6853f9ed252fc873d18d6a5acac278519e685230063d7d8250f019413320943a2

    • SSDEEP

      384:TmADDkhwlc8RPqZEh7w3haYLqNKy6oj+47nWprxrpzZ7G13sD1l5GS8KfoH1BPv:TmAfkSlFJqZE1w3siHyHUht7TixdVw

    Score
    1/10
    behavioral8

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/Orcus.Plugins.dll

    • Size

      32KB

    • MD5

      b6c772932d5afdede7c7e1bdbe472404

    • SHA1

      3efc9797e72ecf3a2a21c68cd2012bc267b64e84

    • SHA256

      fa78a9a0c6b0b531e744b38d77bbf121196b2e88dc2bb3e4c79509115cd6abe2

    • SHA512

      f64e05650d7acaa675345aad248f4185c26a0035973f79fd7ca87f86ecdee926da18941b55b7b3313a734c922d29bc73be8dd2c64b848df540f798f3bc1ad59c

    • SSDEEP

      768:Ag1qwOp3Ah4Y4pFrEmViJzl3+vKu3cfHrl:AIqNp3SJ4pFBMzl3AKu3cfHrl

    Score
    1/10
    behavioral9

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/Orcus.Shared.dll

    • Size

      353KB

    • MD5

      1bb840e6ffa317ebdd5179348de055df

    • SHA1

      7fada59204455e5235efb1ad1cd4daea8ae5e3a1

    • SHA256

      13925be6e2849b0a8ba567685fbb8c6a3e36da7294e03341ea1975123a17770d

    • SHA512

      e28e32241b951bb8ffce58a4a1b7a7a423e93350dbf15c10a32031b32aa6daa8e937d7655c72d6dc860f76fc1b92760f4b04effeb6a1be13835bc086e8e422e6

    • SSDEEP

      6144:67QV/Ul8Hf1uI1ocFfbF/ZT9nOpg0xCEFoF1tQLfDNKJb8PyUblrtAt+:60/Uapv0xCEItQLfoJbg3blJAt

    Score
    1/10
    behavioral10

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/Sorzus.Wpf.Toolkit.dll

    • Size

      60KB

    • MD5

      ad100bd000dc8301a6caa9b6426ae5da

    • SHA1

      b29863359973f228f11c1c567c5c5c2b98e373cb

    • SHA256

      4d9b236309b7c2ea4f824a2d301c9b7b09733ba1c08c7824d435c4afe5de9886

    • SHA512

      9855648988d4bc65612a9bb3b8800db4a0b4e4b0e27e03d3836c852060f65698a2cd3a64aad8e7657ec6798b0959c9832f979411923a8d41ba6cbb43505787f7

    • SSDEEP

      768:J81CdXuEcPnppfpH55IMrngVXpuwai8FLivooAzoy7TfsXjcgpH5puq:GjfaMEXuwMLie0yyjcgpHb

    Score
    1/10
    behavioral11

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/bin/Debug/de/Orcus.Plugins.resources.dll

    • Size

      4KB

    • MD5

      3658c90e99a2753333c1f23b057641d7

    • SHA1

      6cf8e04d55f68f99d8915defddcf71b418cb9353

    • SHA256

      06257ac2c2918386c777c85e36dd56bb28d20c461e4719ab9ea9ef1d4d572c64

    • SHA512

      9ceb6d86ff42012b50676a1b9e3353a4bce9022e175d6cee0a83da1d368c56554c6ee824283b03aa84f9a4bd53bc7329ad265e3934c846ccb7f14ca63fd5a970

    • SSDEEP

      48:6V4n2Z+7QcsfjGop308x0lR4cGoAIEAsAGzod1hKeEY9eHrML/UqD6nXKgYsg:J2yA0lRBAIEAsAood1kTHwLsLXK

    Score
    1/10
    behavioral12

    • Target

      Orcus Administartion/Orcus.Plugins.ExtensionSpoofer-master/Source/obj/Debug/ExtensionSpoofer.dll

    • Size

      17KB

    • MD5

      6cb9836af0f12ab3456bd81664916d78

    • SHA1

      d35f1584734ce5189046c0c32b78bd17ba2328da

    • SHA256

      c996a530375793b80464a8eafccceed894632eedc1dc020db50e1ff07e580705

    • SHA512

      4d00b093f15e5a594dc665caffeb31ec8e780f43cf51424bf9e9fd125aa89757e6f2ce5218769b74f68c1a0474122b08b0a5e5a0314aac94547247e6c7a79d3d

    • SSDEEP

      384:EnXnW81qsTO4WSEDSB3ZApHDMY7NYBkgHS0EhB:EXnWKqPmGDhYqtr

    Score
    1/10
    behavioral13

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/Client.cs

    • Size

      10KB

    • MD5

      c193613d5d2076d5bac6623ccad31507

    • SHA1

      25edf3178f1b76e3b8df832bad92130488cddf6b

    • SHA256

      dc23d793903d39b9d24910139a249a8afaf7a582f146e1508ba3f33eed389c12

    • SHA512

      2138cd7550da758991be52a3a4aaf27a224b740bac56a371d88c3b80aa4c258e6df25abf30696bb961694bfcbe55a1b94a1e40ac90a72e585a6e9193bb11d014

    • SSDEEP

      192:9bIYZ27kiKEBTOHvCxHzjnCayvMbmJDfdf6guQL2EZuuLWdFEt/aCZyamMKNr7py:9xIoZGTOHUuaybJTdigVKEZuxd+VaCZJ

    Score
    3/10
    execution
    behavioral14

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/MainViewModel.cs

    • Size

      3KB

    • MD5

      591eda34a26c252dd108df8adab3ae4d

    • SHA1

      5f4c9bab8e88af057e6cd7bfc50ec2358baa5a66

    • SHA256

      7a3d1f8045dc98e7b5adc0c8c01c43900e33de729ed70edefeb6f9e70ab2343f

    • SHA512

      2e8d9a28a3102db7d397f0a43a7616ab837fbbcbbbf22f2c0a4f0ed86f7871c71665cabd66c3280327ef412cdf50886b5d4e3dc0c54c9ec223cac52d68f52000

    Score
    3/10
    execution
    behavioral15

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/Plugin.cs

    • Size

      979B

    • MD5

      f78f528dc4422ae573baf2a203354d16

    • SHA1

      9907071013d81bb278612a5bcd2df7bae7613688

    • SHA256

      e521f325a04ffd5659fdc74a15d1d8daae41e4acfc406044226cb4bbdb473a2d

    • SHA512

      6484092845ad9f2d4a5fbd4fdb6cf0372197cb0bc85075ddb9ecd1a0101cf92aaaa02cfa97b96f39b57dbc95822df40e817fa3897a548fe8db277b931c0abe61

    Score
    3/10
    execution
    behavioral16

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/Properties/Resources.Designer.cs

    • Size

      2KB

    • MD5

      a7ea51b8144b12aa7153333c5ee61a9b

    • SHA1

      f2f67d40aa419db7266cc282a792376cc2752171

    • SHA256

      7466e06ce38220b4ba9611974a4e0c42fd8920a45de573b83e23b98d5e37bd36

    • SHA512

      1afe7091889a5d8e17bc714738e8c0f1def694cb47e255f902a8c5465be0be19368f4afe6f10e4d2ec730390fb0d99500331a14a77500e1d98812ebaf78af4ef

    Score
    1/10
    behavioral17

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/Properties/Resources.resx

    • Size

      5KB

    • MD5

      c07716633f086d91759ae32a18996a1a

    • SHA1

      bf3383c20acf6e64ce49f120938456161e5f6cb9

    • SHA256

      4e124f5a7694ffe813c60601b1b73c53e47536b1f1c0e798d4d55bfc2ca3774f

    • SHA512

      c6ad0ec603ff69d2d1b787db9426f29d44ea1ba45cf1d2b7ec41cc2bd6d5c93af8d2299139cc1c5d10d56718f36daa37d544f8d5411fad91a72efc2e70454cdf

    • SSDEEP

      96:ECf+lbD5X5LPXCazYV5Lv6K6uOidfaxwsxuUPFE3qxdRMvDTursrbLAy202W:Zf+tLPfYnLvFVOiFQaUR6

    Score
    1/10
    behavioral18

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Debug/MahApps.Metro.dll

    • Size

      917KB

    • MD5

      aad21cdec97c45089fb742aaba6eea50

    • SHA1

      01272cf94e0b0ca78a7a783e2b40fb431214e2c5

    • SHA256

      48e58152705f2cc709ae67213f6f4ff5fa0386d35e45a0e3fc83e204630b5552

    • SHA512

      b7432a3f0aa40366acf877da2d4937e0915b89f1aedd3180dc6b9ce9ad16d4a48847846ee005d32f13e3ba7a93658a8b2f8a0f07c632bcf8ba29e12afdf1aa7e

    • SSDEEP

      12288:R804ZesX1mRHY3AkLup8GD/WonnnnnnnnnnnnnnnnnnnnnnnGnknnnnnAMxAnnnx:RJNa9uGk/WNKRNXmbwtE/

    Score
    1/10
    behavioral19

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Debug/ServerStressTest.dll

    • Size

      26KB

    • MD5

      17baea4a6d7ddd2ab381e53c7770c845

    • SHA1

      391097034dbbeff545f6a3ffdf1ba10779f362d7

    • SHA256

      55850f4f8fced3d5d443111ebc48d958aa7a88337d285e4a2926444db070973e

    • SHA512

      267ef084225afcca02ea4fb7c18e28baebbbd5916cc6f160128aae1f9a868e13f2e9a25afe9a1a22b988c30187877122207e68215227d4db26ccb4296d8a37c8

    • SSDEEP

      384:4ex4iNCBO+GcxpFS6chKdzCx8clxGa/mObL+zE/3fiwSaz8nqQJuJjHZ2Hyd8/kr:4AtgO+GipFLemk+Pwl23VH/xtntS

    Score
    1/10
    behavioral20

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Debug/Sorzus.Wpf.Toolkit.dll

    • Size

      60KB

    • MD5

      ad100bd000dc8301a6caa9b6426ae5da

    • SHA1

      b29863359973f228f11c1c567c5c5c2b98e373cb

    • SHA256

      4d9b236309b7c2ea4f824a2d301c9b7b09733ba1c08c7824d435c4afe5de9886

    • SHA512

      9855648988d4bc65612a9bb3b8800db4a0b4e4b0e27e03d3836c852060f65698a2cd3a64aad8e7657ec6798b0959c9832f979411923a8d41ba6cbb43505787f7

    • SSDEEP

      768:J81CdXuEcPnppfpH55IMrngVXpuwai8FLivooAzoy7TfsXjcgpH5puq:GjfaMEXuwMLie0yyjcgpHb

    Score
    1/10
    behavioral21

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Debug/System.Windows.Interactivity.dll

    • Size

      54KB

    • MD5

      580244bc805220253a87196913eb3e5e

    • SHA1

      ce6c4c18cf638f980905b9cb6710ee1fa73bb397

    • SHA256

      93fbc59e4880afc9f136c3ac0976ada7f3faa7cacedce5c824b337cbca9d2ebf

    • SHA512

      2666b594f13ce9df2352d10a3d8836bf447eaf6a08da528b027436bb4affaad9cd5466b4337a3eaf7b41d3021016b53c5448c7a52c037708cae9501db89a73f0

    • SSDEEP

      1536:BYQaIZaEmaOQxn6JxKjtlMZAnuETAV+w4:aIhOQcSLAj4

    Score
    1/10
    behavioral22

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Debug/de/Orcus.Plugins.resources.dll

    • Size

      5KB

    • MD5

      03258470c0c379c1eb894412fba1f15c

    • SHA1

      fac6cb9a73b6d9c48546afaaa2618ecd958b6dc7

    • SHA256

      de081d21b9d681d2e267a22cd679b215520af8b6c7f50656915920014d1f0de1

    • SHA512

      afc8d7bd66a2356d3ac5c3f1e056a72bd3b233bb55663c0e3744fb64f1e14946365ba13b8706bdd229896ae168a1292c40859a2278bf853c9bb83407ecafc4c7

    • SSDEEP

      48:6OvT2Z+7QcsfjGop308FlR458oAIEAsAGAq6IfLd1feEY9eHrML/UqD6nXKgYs:+yClRqAIEAsAqLd1XTHwLsLXK

    Score
    1/10
    behavioral23

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/Mono.Cecil.dll

    • Size

      263KB

    • MD5

      cc0bc97cb18ac4e7c6f4decf0218a127

    • SHA1

      8901c4a54995aed5e786dda0928905bcb98242e2

    • SHA256

      ea592e7ba43cb057966778b0027c0d6e7ce9672741b5d3c8c927d48918366183

    • SHA512

      e5865188de26c7e8d71c000224626d7dd0b26a5542acc9bf8f7974f5cb595386fd25e6e425ecaf57550e12600c6f37670a19a3a361381c10b97f9a26d1cfd856

    • SSDEEP

      3072:Ko8MptdteyB+kknlDeYJgM67aBsPvVIoPbAFhA+9+qk7o++++9+OddQIZ9c1nquO:Ko8Icybkl6YJgMHgdnqujDbDW4i8XS

    Score
    1/10
    behavioral24

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/Orcus.Administration.Plugins.dll

    • Size

      37KB

    • MD5

      4cf28fc963d03cfce340a018850b2f95

    • SHA1

      d4cde3b66b5666a8a99ae4c8a62c6412c932b823

    • SHA256

      a70662914de7fc43763b855f0deafd5fb14d4075fa6d4f6e646967b44ac2d286

    • SHA512

      780aa4e8d401e1b82bf56bdfd578915bebc6110280b0e9f5cfc59a447a7bd8d6853f9ed252fc873d18d6a5acac278519e685230063d7d8250f019413320943a2

    • SSDEEP

      384:TmADDkhwlc8RPqZEh7w3haYLqNKy6oj+47nWprxrpzZ7G13sD1l5GS8KfoH1BPv:TmAfkSlFJqZE1w3siHyHUht7TixdVw

    Score
    1/10
    behavioral25

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/Orcus.Plugins.dll

    • Size

      44KB

    • MD5

      b1514fb82d332691bec05d5eb215621c

    • SHA1

      dceff86769ecde35030027c56a83275a0049890f

    • SHA256

      7aadc3b3cdf8ad6e8e6032ba2701d67703a8b530032d985215b146249c7ec9f0

    • SHA512

      1907f6a763faa094b817d2c77835f9f87ece3cf1e1a1c5107ba995a66e6a03d2b948fb737e33ba329e876962447cc3bb245a29f76ade4d7fe3a3259f902e05f6

    • SSDEEP

      768:NMv48bSmXeUBimViczl3+vKu3ckKrl+YzBUw/zBUwcHiT:iqXUBndzl3AKu3ckKrlV5/

    Score
    1/10
    behavioral26

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/Orcus.Shared.dll

    • Size

      353KB

    • MD5

      1bb840e6ffa317ebdd5179348de055df

    • SHA1

      7fada59204455e5235efb1ad1cd4daea8ae5e3a1

    • SHA256

      13925be6e2849b0a8ba567685fbb8c6a3e36da7294e03341ea1975123a17770d

    • SHA512

      e28e32241b951bb8ffce58a4a1b7a7a423e93350dbf15c10a32031b32aa6daa8e937d7655c72d6dc860f76fc1b92760f4b04effeb6a1be13835bc086e8e422e6

    • SSDEEP

      6144:67QV/Ul8Hf1uI1ocFfbF/ZT9nOpg0xCEFoF1tQLfDNKJb8PyUblrtAt+:60/Uapv0xCEItQLfoJbg3blJAt

    Score
    1/10
    behavioral27

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/ServerStressTest.dll

    • Size

      25KB

    • MD5

      9aca50efde597a8da2494d50bd61082f

    • SHA1

      e01c6f5fe64057ffa71399f77bf31b9475e9690c

    • SHA256

      7ebc1a248cc8dfdda274184561774def8d33821de9f1f2e9426e156a09ba978e

    • SHA512

      feec8b1016bf3c898b2ea17f140aa22e2879142f1b101976b8330a9a498717f1d038c1aa6c01fdd29143ee91a538cc6b29bf36f45da3e00eae3e2b25bacf32f4

    • SSDEEP

      384:UyLSwhjWhku/Zmko1zCwjclxGa/mObL+zE/lfiwSaz8nqQJuJWzXZcd8YkgZlOoj:UKRtpkoqmk+Fwl23BZFQfZ

    Score
    1/10
    behavioral28

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/Sorzus.Wpf.Toolkit.dll

    • Size

      60KB

    • MD5

      ad100bd000dc8301a6caa9b6426ae5da

    • SHA1

      b29863359973f228f11c1c567c5c5c2b98e373cb

    • SHA256

      4d9b236309b7c2ea4f824a2d301c9b7b09733ba1c08c7824d435c4afe5de9886

    • SHA512

      9855648988d4bc65612a9bb3b8800db4a0b4e4b0e27e03d3836c852060f65698a2cd3a64aad8e7657ec6798b0959c9832f979411923a8d41ba6cbb43505787f7

    • SSDEEP

      768:J81CdXuEcPnppfpH55IMrngVXpuwai8FLivooAzoy7TfsXjcgpH5puq:GjfaMEXuwMLie0yyjcgpHb

    Score
    1/10
    behavioral29

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/System.Windows.Interactivity.dll

    • Size

      54KB

    • MD5

      580244bc805220253a87196913eb3e5e

    • SHA1

      ce6c4c18cf638f980905b9cb6710ee1fa73bb397

    • SHA256

      93fbc59e4880afc9f136c3ac0976ada7f3faa7cacedce5c824b337cbca9d2ebf

    • SHA512

      2666b594f13ce9df2352d10a3d8836bf447eaf6a08da528b027436bb4affaad9cd5466b4337a3eaf7b41d3021016b53c5448c7a52c037708cae9501db89a73f0

    • SSDEEP

      1536:BYQaIZaEmaOQxn6JxKjtlMZAnuETAV+w4:aIhOQcSLAj4

    Score
    1/10
    behavioral30

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/bin/Release/de/Orcus.Plugins.resources.dll

    • Size

      5KB

    • MD5

      03258470c0c379c1eb894412fba1f15c

    • SHA1

      fac6cb9a73b6d9c48546afaaa2618ecd958b6dc7

    • SHA256

      de081d21b9d681d2e267a22cd679b215520af8b6c7f50656915920014d1f0de1

    • SHA512

      afc8d7bd66a2356d3ac5c3f1e056a72bd3b233bb55663c0e3744fb64f1e14946365ba13b8706bdd229896ae168a1292c40859a2278bf853c9bb83407ecafc4c7

    • SSDEEP

      48:6OvT2Z+7QcsfjGop308FlR458oAIEAsAGAq6IfLd1feEY9eHrML/UqD6nXKgYs:+yClRqAIEAsAqLd1XTHwLsLXK

    Score
    1/10
    behavioral31

    • Target

      Orcus Administartion/Orcus.Plugins.ServerStressTest-master/Source/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll

    • Size

      3KB

    • MD5

      90ba97ebb9d072a3b14011f2d6b897b6

    • SHA1

      d4d37f6e1b1761b70bcecf7d32db6b324fdad490

    • SHA256

      774e4a8bdf2c7a3a89da6d301fa6713d43fde0195b9fb051892783de6a1e9978

    • SHA512

      bfc4bbf33804d3579603afa0c667bbabe896c62b0d52d805144e0741053a434e7fd90cee1a644f48901f8742cae1f00486c1be3ffd68005224729ad0e5f575c7

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

orcus
Score
10/10

behavioral1

discovery
Score
10/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

execution
Score
3/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10