Extracted

• • Target

    JaffaCakes118_17f29e1266b932eed30041c713f5a6c4

  • Size

    3.4MB

  • MD5

    17f29e1266b932eed30041c713f5a6c4

  • SHA1

    c11e8506b245883ee0a82f378b3f1109f9509a16

  • SHA256

    c52a02959a1a2c60d5e7606a74fded6c6522d6a7b70e379e7a76b96d5a3bfa6a

  • SHA512

    4113e8dac44e49dba557fd713c8834ecf2a71621cc1c04579618c698f964d4b181a0677008d2c36ccdf754b240636a24470a54ea2d6bfe5b2d9b57516dfc6035

  • SSDEEP

    49152:jseNGMHAbrb/TKvO90dL3BmAFd4A64nsfJUqzgTR55Infwz1:jsDh6hP

  Score

  10^/10

  orcustest infected - noinstalldiscoveryratspywarestealer

  • Orcus

    Orcus is a Remote Access Trojan that is being sold on underground forums.

    ratspywarestealerorcus

  • Orcus family

    orcus

  • Orcus main payload

  • Orcurs Rat Executable

  • Executes dropped EXE

  behavioral1behavioral2