Overview

overview

10

Static

static

10

73c610ed5f...52.exe

windows7-x64

1

73c610ed5f...52.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    73c610ed5f12594f570c015b39f76d029a4b65b70716304a24124701a0430752

  • Size

    912KB

  • Sample

    250218-bhpklsvpcs

  • MD5

    9cdb60fb52561caf7df59bab65909615

  • SHA1

    1e7ec967568cad334c5c0f627375d6b7e4b456da

  • SHA256

    73c610ed5f12594f570c015b39f76d029a4b65b70716304a24124701a0430752

  • SHA512

    8637778a8680408fd88d9395d9ad3313c4856a9534f1c8a0e7224f404334f29424f6a932bad61489d74575bf7cad4839cb40b9b57d5aaf0e5e78c9210faa3fff

  • SSDEEP

    12288:wUzyPotpL82hF457dG1lFlWcYT70pxnnaaoawVmr+4GSrZNrI0AilFEvxHvBM9/U:IcI4MROxnFZprZlI0AilFEvxHi9Dw

Score
10/10
orcus

Malware Config

Extracted

Family

orcus

C2

10.0.0.60:10134

Mutex

5d0f73085b35495f8a4be1cf81a6ccb4

Attributes
  • autostart_method

    Disable

  • enable_keylogger

    false

  • install_path

    %programfiles%\Orcus\Orcus.exe

  • reconnect_delay

    10000

  • registry_keyname

    Orcus

  • taskscheduler_taskname

    Orcus

  • watchdog_path

    AppData\OrcusWatchdog.exe

Targets

    • Target

      73c610ed5f12594f570c015b39f76d029a4b65b70716304a24124701a0430752

    • Size

      912KB

    • MD5

      9cdb60fb52561caf7df59bab65909615

    • SHA1

      1e7ec967568cad334c5c0f627375d6b7e4b456da

    • SHA256

      73c610ed5f12594f570c015b39f76d029a4b65b70716304a24124701a0430752

    • SHA512

      8637778a8680408fd88d9395d9ad3313c4856a9534f1c8a0e7224f404334f29424f6a932bad61489d74575bf7cad4839cb40b9b57d5aaf0e5e78c9210faa3fff

    • SSDEEP

      12288:wUzyPotpL82hF457dG1lFlWcYT70pxnnaaoawVmr+4GSrZNrI0AilFEvxHvBM9/U:IcI4MROxnFZprZlI0AilFEvxHi9Dw

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks