3ad5f2990414da79e320ea8f2ded41993adf0e2d0e0eefb11ab085f7e55f320c | Triage

Submit
Reports

Overview

overview

Static

static

OrcusRAT/o...on.exe

windows10-2004-x64

3

OrcusRAT/o...on.exe

windows10-ltsc 2021-x64

3

OrcusRAT/o...on.exe

windows11-21h2-x64

3

OrcusRAT/s...er.exe

windows10-2004-x64

7

OrcusRAT/s...er.exe

windows10-ltsc 2021-x64

7

OrcusRAT/s...er.exe

windows11-21h2-x64

7

OrcusRAT/s...8a.dll

windows10-2004-x64

1

OrcusRAT/s...8a.dll

windows10-ltsc 2021-x64

1

OrcusRAT/s...8a.dll

windows11-21h2-x64

1

Analysis

max time kernel
124s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
10/03/2025, 14:35

Sharing

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

OrcusRAT/orсus/orсus 9191/Orcus.Administration.exe

Resource

win10v2004-20250217-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

OrcusRAT/orсus/orсus 9191/Orcus.Administration.exe

Resource

win10ltsc2021-20250218-en

windows10-ltsc 2021-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

OrcusRAT/orсus/orсus 9191/Orcus.Administration.exe

Resource

win11-20250217-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

OrcusRAT/server/Orcus.Server.exe

Resource

win10v2004-20250217-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

OrcusRAT/server/Orcus.Server.exe

Resource

win10ltsc2021-20250217-en

windows10-ltsc 2021-x64

5 signatures

150 seconds

Behavioral task

behavioral6

Sample

OrcusRAT/server/Orcus.Server.exe

Resource

win11-20250217-en

windows11-21h2-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

OrcusRAT/server/data/a94f5f3c-37c5-40dc-a55f-c56b7fdcba8a.dll

Resource

win10v2004-20250217-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

OrcusRAT/server/data/a94f5f3c-37c5-40dc-a55f-c56b7fdcba8a.dll

Resource

win10ltsc2021-20250217-en

windows10-ltsc 2021-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

OrcusRAT/server/data/a94f5f3c-37c5-40dc-a55f-c56b7fdcba8a.dll

Resource

win11-20250217-en

windows11-21h2-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

OrcusRAT/server/data/a94f5f3c-37c5-40dc-a55f-c56b7fdcba8a.dll
Size

1.5MB
MD5

d49bbcf52fe93e9123ca4db9456ea3c5
SHA1

0dc2169eb1ee61315abe432d465c4028ec58d199
SHA256

8b245e0499064d33e7797b88246ad7ade7382f1700b550c8cdf2cf146b2e0b57
SHA512

1ec9116369357886522b07ed587be44cf0f4a2899fddd676d3223567fe07fd40f74bfcd84f656c558b188d3c09ad8054aa2461e4b4e236eb0e551a245539249c
SSDEEP

24576:GrXhagX91MItueGGOUcTdad9mPcOxHXJNFYByiOlq2Wv50KID:IxaPIXo0uZJNFDo2W6KID

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\OrcusRAT\server\data\a94f5f3c-37c5-40dc-a55f-c56b7fdcba8a.dll,#1
1⤵
PID:3028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy