orcus | 2f1f1453e9b25081aa85cc14188a17d39bad9380a303ddca391e1670022c5768 | Triage

Sharing

General

Target

2f1f1453e9b25081aa85cc14188a17d39bad9380a303ddca391e1670022c5768
Size

3.0MB
Sample

241216-bnmm7swpaw
MD5

55aa8f71dd8e53e8272802adbcfcb2b6
SHA1

b02f77ad4283f160b4702205d2107187a6897c54
SHA256

2f1f1453e9b25081aa85cc14188a17d39bad9380a303ddca391e1670022c5768
SHA512

2301db40956d529233e4c47668366cad91c2a77c2589a78c08e1e051f4bb6b609f56e2f8980a7672bf4eb7f837262f03897540eb1bef8986665cad3da736e2db
SSDEEP

49152:o+fEKO3T5adZKM0sz5otCeEvsDKx+msbfGGW8wlBKJwAypQxbxEo9JnCmmkcrZEu:o+ftODUKTslWp2MpbfGGilIJPypSbxEW

Score

10^/10

orcus

Malware Config

Extracted

Family

orcus

C2

192.168.0.13:7777

Mutex

cac037bbf0124b2d97ed82751fc96538

Attributes

autostart_method
Disable
enable_keylogger
false
install_path
%programfiles%\Orcus\Orcus.exe
reconnect_delay
10000
registry_keyname
Orcus
taskscheduler_taskname
Orcus
watchdog_path
AppData\OrcusWatchdog.exe

Targets

- Target
  
  2f1f1453e9b25081aa85cc14188a17d39bad9380a303ddca391e1670022c5768
- Size
  
  3.0MB
- MD5
  
  55aa8f71dd8e53e8272802adbcfcb2b6
- SHA1
  
  b02f77ad4283f160b4702205d2107187a6897c54
- SHA256
  
  2f1f1453e9b25081aa85cc14188a17d39bad9380a303ddca391e1670022c5768
- SHA512
  
  2301db40956d529233e4c47668366cad91c2a77c2589a78c08e1e051f4bb6b609f56e2f8980a7672bf4eb7f837262f03897540eb1bef8986665cad3da736e2db
- SSDEEP
  
  49152:o+fEKO3T5adZKM0sz5otCeEvsDKx+msbfGGW8wlBKJwAypQxbxEo9JnCmmkcrZEu:o+ftODUKTslWp2MpbfGGilIJPypSbxEW
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2