dd2b03dfe0e44f341463bcbde9db6967fba87d3797dfc950ab6610f936b980ab | Triage

Submit
Reports

Overview

overview

Static

static

Orcus.Admi...on.exe

windows7-x64

3

Orcus.Admi...on.exe

windows10-2004-x64

libraries/...er.dll

windows7-x64

1

libraries/...er.dll

windows10-2004-x64

1

libraries/...ds.dll

windows7-x64

1

libraries/...ds.dll

windows10-2004-x64

1

libraries/...re.dll

windows7-x64

1

libraries/...re.dll

windows10-2004-x64

1

libraries/...er.dll

windows7-x64

1

libraries/...er.dll

windows10-2004-x64

1

libraries/...ns.dll

windows7-x64

1

libraries/...ns.dll

windows10-2004-x64

1

libraries/...es.dll

windows7-x64

1

libraries/...es.dll

windows10-2004-x64

1

libraries/...ls.dll

windows7-x64

1

libraries/...ls.dll

windows10-2004-x64

1

libraries/...ns.dll

windows7-x64

1

libraries/...ns.dll

windows10-2004-x64

1

libraries/...es.dll

windows7-x64

1

libraries/...es.dll

windows10-2004-x64

1

libraries/...ed.dll

windows7-x64

1

libraries/...ed.dll

windows10-2004-x64

1

libraries/...ds.dll

windows7-x64

1

libraries/...ds.dll

windows10-2004-x64

1

libraries/...pf.dll

windows7-x64

1

libraries/...pf.dll

windows10-2004-x64

1

libraries/OxyPlot.dll

windows7-x64

1

libraries/OxyPlot.dll

windows10-2004-x64

1

libraries/...GI.dll

windows7-x64

1

libraries/...GI.dll

windows10-2004-x64

1

libraries/...11.dll

windows7-x64

1

libraries/...11.dll

windows10-2004-x64

1

Analysis

max time kernel
91s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-11-2024 23:33

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Orcus.Administration.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Orcus.Administration.exe

Resource

win10v2004-20241007-en

orcus discovery rat spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

libraries/OpusWrapper.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

libraries/OpusWrapper.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

libraries/Orcus.Administration.Commands.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

libraries/Orcus.Administration.Commands.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

libraries/Orcus.Administration.Core.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

libraries/Orcus.Administration.Core.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

libraries/Orcus.Administration.FileExplorer.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

libraries/Orcus.Administration.FileExplorer.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

libraries/Orcus.Administration.Plugins.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

libraries/Orcus.Administration.Plugins.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

libraries/Orcus.Administration.Resources.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

libraries/Orcus.Administration.Resources.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

libraries/Orcus.Administration.ViewModels.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

libraries/Orcus.Administration.ViewModels.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

libraries/Orcus.Plugins.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

libraries/Orcus.Plugins.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

libraries/Orcus.Shared.Utilities.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

libraries/Orcus.Shared.Utilities.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

libraries/Orcus.Shared.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

libraries/Orcus.Shared.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

libraries/Orcus.StaticCommands.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

libraries/Orcus.StaticCommands.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

libraries/OxyPlot.Wpf.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

libraries/OxyPlot.Wpf.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

libraries/OxyPlot.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

libraries/OxyPlot.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

libraries/SharpDX.DXGI.dll

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

libraries/SharpDX.DXGI.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

libraries/SharpDX.Direct3D11.dll

Resource

win7-20241023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

libraries/SharpDX.Direct3D11.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

libraries/Orcus.Plugins.dll
Size

31KB
MD5

2104cfafefb5159a15a23049782c5b29
SHA1

c62e5ff315c3a714fad68aad640b254b460ae529
SHA256

a39388bfda8a584685cc8ad8f4e5d4fa7daf60845a12c7961a08dfd0ff5c9b47
SHA512

ea2a13b46c4ca4091df19e0e271c4c3ca39173251fc34824af5b349088e0ed6976df02de3647cd10ff61c609f66a99b12bc5e6e162374e07885e80153fcbf805
SSDEEP

768:Cq9CzWIysjcU83CDYAmVimzl3+vKu3cpxxl:A2T3kYJNzl3AKu3cpxxl

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\libraries\Orcus.Plugins.dll,#1
1⤵
PID:3116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy