Overview

overview

10

Static

static

10

e204210f55...f0.exe

windows7-x64

1

e204210f55...f0.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e204210f55662ee3a8c374cb24b2f824c19386cff7db54e47594d82e4038bbf0

  • Size

    911KB

  • Sample

    250106-bg95xs1lew

  • MD5

    cf78e7c352ad00b31d9c7a6d001fd6f6

  • SHA1

    4651bca09bcd2551b0e1c4c9f8cff20149e62d69

  • SHA256

    e204210f55662ee3a8c374cb24b2f824c19386cff7db54e47594d82e4038bbf0

  • SHA512

    5ace1658abd46a7fbd2f0ebce1fee0c5f51abcac953afaf193e7e6d5d9b3a79aee7f1791912b0935832264f388a277d8199ef1953b30a688859b29e8fceb9b51

  • SSDEEP

    24576:d+5T4MROxnFm5bHKTlQqrZlI0AilFEvxHipXoX:I50MiAqrZlI0AilFEvxHi

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

192.168.224.143:14892

Mutex

99ee85ecb1ff458698464339dbdd4f3f

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Targets

    • Target

      e204210f55662ee3a8c374cb24b2f824c19386cff7db54e47594d82e4038bbf0

    • Size

      911KB

    • MD5

      cf78e7c352ad00b31d9c7a6d001fd6f6

    • SHA1

      4651bca09bcd2551b0e1c4c9f8cff20149e62d69

    • SHA256

      e204210f55662ee3a8c374cb24b2f824c19386cff7db54e47594d82e4038bbf0

    • SHA512

      5ace1658abd46a7fbd2f0ebce1fee0c5f51abcac953afaf193e7e6d5d9b3a79aee7f1791912b0935832264f388a277d8199ef1953b30a688859b29e8fceb9b51

    • SSDEEP

      24576:d+5T4MROxnFm5bHKTlQqrZlI0AilFEvxHipXoX:I50MiAqrZlI0AilFEvxHi

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks