Overview

overview

10

Static

static

10

78afefee16...97.exe

windows7-x64

1

78afefee16...97.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    78afefee16a6e648a08f0e348c086dde76f917e24b45dd4c64124fa0645f8d97

  • Size

    903KB

  • Sample

    250103-bqc7jstldx

  • MD5

    e01f6c2e3489ec4f372f5e42043c76ad

  • SHA1

    ff18a6f8f0535cb90bd1be41c5f751eb7e68c9bf

  • SHA256

    78afefee16a6e648a08f0e348c086dde76f917e24b45dd4c64124fa0645f8d97

  • SHA512

    b7eb8aaf68bc5a91e94bb1889cda2d0c22af3cbf4011134b6b4d86d08ca6e945002f868a3c818fb0aa0e551193863167c874f4780aa93142b7e74768d96dd932

  • SSDEEP

    12288:Y8shHAVBuQBBed37dG1lFlWcYT70pxnnaaoawMRVcTqSA+9rZNrI0AilFEvxHvBJ:p3s4MROxnF9LqrZlI0AilFEvxHi8b8o

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

25.58.174.75:10134

Mutex

5959ab4ab0884401bc50ad7556c97639

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Targets

    • Target

      78afefee16a6e648a08f0e348c086dde76f917e24b45dd4c64124fa0645f8d97

    • Size

      903KB

    • MD5

      e01f6c2e3489ec4f372f5e42043c76ad

    • SHA1

      ff18a6f8f0535cb90bd1be41c5f751eb7e68c9bf

    • SHA256

      78afefee16a6e648a08f0e348c086dde76f917e24b45dd4c64124fa0645f8d97

    • SHA512

      b7eb8aaf68bc5a91e94bb1889cda2d0c22af3cbf4011134b6b4d86d08ca6e945002f868a3c818fb0aa0e551193863167c874f4780aa93142b7e74768d96dd932

    • SSDEEP

      12288:Y8shHAVBuQBBed37dG1lFlWcYT70pxnnaaoawMRVcTqSA+9rZNrI0AilFEvxHvBJ:p3s4MROxnF9LqrZlI0AilFEvxHi8b8o

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks