General
-
Target
AAservices.exe
-
Size
5.5MB
-
Sample
250223-ncw4qavqgj
-
MD5
239a6304b99ea2baed2e10d8b30b1209
-
SHA1
2952f62de0b350cbcdd41a4f9976047d13791608
-
SHA256
5a4239b41fdaa1ff47ea87a36b7ccc6eba7682fc4f08ad3e0f34b570d0e76096
-
SHA512
9ff6dc63ee280e44fe19745aedaa7cc74e3d669fb11fa8c99202d18b4aead9dd8f2087c1b1de7e27fcf28211c1c4f272032946100433e80ab2e72ec9e4628a12
-
SSDEEP
98304:G+suOjKx/DaLHcKrbpmZStVZ0wGGzBjryX82uypSb9ndo9JCmTqRq:ouOjKx/DaLHrpmguwB3ys2uypSZ4JC2F
Malware Config
Targets
-
-
Target
AAservices.exe
-
Size
5.5MB
-
MD5
239a6304b99ea2baed2e10d8b30b1209
-
SHA1
2952f62de0b350cbcdd41a4f9976047d13791608
-
SHA256
5a4239b41fdaa1ff47ea87a36b7ccc6eba7682fc4f08ad3e0f34b570d0e76096
-
SHA512
9ff6dc63ee280e44fe19745aedaa7cc74e3d669fb11fa8c99202d18b4aead9dd8f2087c1b1de7e27fcf28211c1c4f272032946100433e80ab2e72ec9e4628a12
-
SSDEEP
98304:G+suOjKx/DaLHcKrbpmZStVZ0wGGzBjryX82uypSb9ndo9JCmTqRq:ouOjKx/DaLHrpmguwB3ys2uypSZ4JC2F
Score10/10-
Orcus
Orcus is a Remote Access Trojan that is being sold on underground forums.
-
Orcus family
-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Stormkitty family
-
Orcurs Rat Executable
-
Blocklisted process makes network request
-
Stops running service(s)
-