Overview

overview

10

Static

static

10

everything...on.exe

windows11-21h2-x64

3

everything...ow.dll

windows11-21h2-x64

1

everything...eo.dll

windows11-21h2-x64

1

everything...ox.dll

windows11-21h2-x64

1

everything...re.dll

windows11-21h2-x64

1

everything...Ex.dll

windows11-21h2-x64

1

everything...ed.dll

windows11-21h2-x64

1

everything...ed.dll

windows11-21h2-x64

1

everything...er.dll

windows11-21h2-x64

1

everything...op.dll

windows11-21h2-x64

1

everything...it.dll

windows11-21h2-x64

1

everything...ib.dll

windows11-21h2-x64

1

everything...rk.dll

windows11-21h2-x64

1

everything...al.dll

windows11-21h2-x64

1

everything...ro.dll

windows11-21h2-x64

1

everything...ks.dll

windows11-21h2-x64

1

everything...il.dll

windows11-21h2-x64

1

everything...og.dll

windows11-21h2-x64

1

everything...on.dll

windows11-21h2-x64

1

everything...pf.dll

windows11-21h2-x64

1

everything...er.dll

windows11-21h2-x64

1

everything...ns.dll

windows11-21h2-x64

1

everything...ns.dll

windows11-21h2-x64

1

everything...es.dll

windows11-21h2-x64

1

everything...ed.dll

windows11-21h2-x64

1

everything...ds.dll

windows11-21h2-x64

1

everything...pf.dll

windows11-21h2-x64

1

everything...GI.dll

windows11-21h2-x64

1

everything...11.dll

windows11-21h2-x64

1

everything...it.dll

windows11-21h2-x64

1

everything...ty.dll

windows11-21h2-x64

1

everything...ib.dll

windows11-21h2-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    whoisthisugly's RAT set.rar

  • Size

    187.1MB

  • Sample

    250316-zq94aazsbv

  • MD5

    c69fc756e1e907f9f5fb9fdf941d72ca

  • SHA1

    f8ca9861130e99f627342b252153f08ce04e134b

  • SHA256

    c866056155f15ef43598ffdfc6d0bc5dd8f2f13b6c07f489c29feb9dbf6287b7

  • SHA512

    2bc0bf3238b5e6dfdf85a717f27af428decc358b0125416e1681bd3b34e507665f23571578c6389733752a12d61cb96ad420a026a7a8a37924330f54ab711050

  • SSDEEP

    3145728:lUGO4i23z+ikexr5TwvjrBZWGmc7gbFtTmrAQeLKc39BYKmtQPPNtuKK1HYL56yV:lUN4i2D7kA+fKVRbFtkAb+c9BYKQut7j

Score
10/10
chaosorcusstormkittyumbralxwormagilenetdiscoverypyinstaller

Malware Config

Targets

    • Target

      everything/OrcusRAT/orсus/orсus 9191/Orcus.Administration.exe

    • Size

      4.0MB

    • MD5

      cc3670f1b3e60e00b43c86d787563a44

    • SHA1

      4f1f8908f0ca7dc5ad01c3029206cc8c9d735e09

    • SHA256

      9ca18641bc6b48708e4314b3f8275860aef6b9ea16cd6230d781f0abaa84c853

    • SHA512

      684e584d8f2c6ace168760faacdd6ef44fbb85ec519805046e7d183ccf9faf4eb6764b84326aba0a90223a5b8354c3f9d055cf2297416b4562ca417924da9442

    • SSDEEP

      49152:zB5DkV7F/Al4gU97zCvyRtQ5SH1veaEX6NrGAiAl4:zB5Dk7/Al4gU97zCvyRC5SBeJAl4

    Score
    3/10
    discovery
    behavioral1

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/AForge.Video.DirectShow.dll

    • Size

      60KB

    • MD5

      17ed442e8485ac3f7dc5b3c089654a61

    • SHA1

      d3a17c1fdd6d54951141053f88bf8238dea0b937

    • SHA256

      666d44798d94eafa1ed21af79e9bc0293ffd96f863ab5d87f78bcee9ef9ffd6b

    • SHA512

      9118bf11760354e9971ae8b27f7f6a405e46145b39ca6e6b413cb2e729e51304b895965e9140f66c9e3ef7caa4f344762bf059688b23dd32e4c2df271394fea2

    • SSDEEP

      1536:XwumrikcyTpOKVi+Dqp6viPUCcvKWz3NTpAK+7KI4v8U:6dOKViKa6pOWbhpAKyKIVU

    Score
    1/10
    behavioral2

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/AForge.Video.dll

    • Size

      20KB

    • MD5

      0bd34aa29c7ea4181900797395a6da78

    • SHA1

      ddffdcef29daddc36ca7d8ae2c8e01c1c8bb23a8

    • SHA256

      bafa6ed04ca2782270074127a0498dde022c2a9f4096c6bb2b8e3c08bb3d404d

    • SHA512

      a3734660c0aba1c2b27ab55f9e578371b56c82754a3b7cfd01e68c88967c8dada8d202260220831f1d1039a5a35bd1a67624398e689702481ac056d1c1ddcdb0

    • SSDEEP

      384:Wu9f/hWFwLX+WJ7gfZLTswhHDlOdKaCxkyf0l:HfpZL9uxE9Cxd8l

    Score
    1/10
    behavioral3

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Be.Windows.Forms.HexBox.dll

    • Size

      77KB

    • MD5

      e00907b3d9270d4cca87c25ff30bcd02

    • SHA1

      c59a191e9d0180530af19749b16f6382d410b322

    • SHA256

      5448e587498c560ef1d8e182344bc340a57cfd3b05c4507c48da11e139035818

    • SHA512

      73ee810bef992fab54cdb4ada648b2b32ba17f94076f3c079c57e97a0a62193a9a7d5745c454744b380bae2ba447b23556604765410929521260946ef73e7fb1

    • SSDEEP

      1536:jcF2tarjL/jyH9oHPvH3f5rhZ3rmGAp16RHJjGccjOthSXlOhZnTFp8k7kXk5GLd:jhtt9oGjOt8XlOh/zziR

    Score
    1/10
    behavioral4

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/CSCore.dll

    • Size

      516KB

    • MD5

      dde3ec6e17bc518b10c99efbd09ab72e

    • SHA1

      a2306e60b74b8a01a0dbc1199a7fffca288f2033

    • SHA256

      60a5077b443273238e6629ce5fc3ff7ee3592ea2e377b8fc28bfe6e76bda64b8

    • SHA512

      09a528c18291980ca7c5ddca67625035bbb21b9d95ab0854670d28c59c4e7adc6d13a356fa1d2c9ad75d16b334ae9818e06ddb10408a3e776e4ef0d7b295f877

    • SSDEEP

      6144:oBn0d6yfQwqLCz3B4Nwdp0NzEqPMbnQmko+pla/bIyefXzFoG2s7XH6:oBnqfiLyB4Nwdd3rX7g0oz9X

    Score
    1/10
    behavioral5

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/DirectoryInfoEx.dll

    • Size

      224KB

    • MD5

      314955d214bb02847e7f8607a16ec550

    • SHA1

      c471e2948d0cd1d4a11902a134735f00cd78c0c1

    • SHA256

      82fd40348eb630313d5032910d021ebd982fdde086fbe73ba8947a6d2cb40357

    • SHA512

      0ea2457db279159c1983455eee50a69305a151c012b9948950d038c101efc08a00da1f456a76a4351770684783c2e01a536ea194bb7f586865865d90d6dbb8de

    • SSDEEP

      3072:ue4PnMTtdrkD4u5wrT/ISpzM/p90brGp+2vQM1O4VzXOf6l/R5XKpJG6mzpF0qq:ue4PnMTjkD4XcYAsqp+ffCzXewRVD0

    Score
    1/10
    behavioral6

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Exceptionless.Signed.dll

    • Size

      722KB

    • MD5

      1b0128f8b2bf3aafec28817c2031dc70

    • SHA1

      b3ae68cb40a7fa82105e82d292d3e037f1a8d50f

    • SHA256

      98672dfd5c31b77afebc9853539a828836ec72e7d9b0d5f5f5267ad2ebda16ba

    • SHA512

      40e340ef2ed967aa055fd053c80b69a09404a70e97a63aec5598c992c907ac2af40934b6cc81c0980291ab4e89ec16e6eb47e7bc0fb587b4bc2c13d8e26497d7

    • SSDEEP

      12288:zEVDjdxJsjvEk8Zmj0fFK0KpaNDdUdnU7Y7fByyiVrEuRp:zETsjvEjmj0fohkUTfByyiVrEuH

    Score
    1/10
    behavioral7

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Exceptionless.Wpf.Signed.dll

    • Size

      25KB

    • MD5

      ef36a316751603cdcb9c3f5da42b3b60

    • SHA1

      29a40cb67bb07e53a6bd28362f3912050f1ddd18

    • SHA256

      78fdd30a20ee50f88602059f0940acc92d9bfc09bc5ebebe99372d2a5af7342a

    • SHA512

      c5efc98b648d7c946f13b2e9af1cb46eae5522a4f17482fd9fa3c95551f0e53d2a9abb4a29959652626a8df4430ddf41c2adaf95d281474a77d1307657fbec33

    • SSDEEP

      384:nfoIgNjjnx1hkuPwfkaNOAsL6L2pNLxrZfvTOtDTjzImcOFz/Ym1T9yQT0B0Am9d:nfodjjx/iLsBOtDbcsz/9NV66n

    Score
    1/10
    behavioral8

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/FluentCommandLineParser.dll

    • Size

      43KB

    • MD5

      9b5e37f89268ccce0e098222004093ad

    • SHA1

      30b12174abda6a420b2cc152b5c682ff8f106c37

    • SHA256

      fe068b6f15a5423f86558927dd22ec35070c041db9cde1ecade0590d93ca5285

    • SHA512

      23e8cbaa6103f5a76729ee8470b5b208d67be22c9b9fa78340055ac8ded04dc6147c8c50cde96f7c10b111f81cab3e5504227ac5b8f1a616c1a1384c6350257f

    • SSDEEP

      768:U74t6uOtRT8HuJ071hEdOgaaGoCbvfkGujm:Gc6uOtRa/71UO1onLS

    Score
    1/10
    behavioral9

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/GongSolutions.Wpf.DragDrop.dll

    • Size

      66KB

    • MD5

      21e4c0b33f44d13cdf91b4faf828c044

    • SHA1

      13b8f124a0ad69b135da714d2cc656923ebd66e1

    • SHA256

      508e1187d1a42cf9d7a2d7eab9012fc1fd75a24b6d94d9fa636d81dc38c4fcbb

    • SHA512

      f96c12db8626850fd6ec243f68f8c6e7834e53effa8afa2365d136531d3b4008546cf9921dd5118a1f3dad176f34fad4aca03d3cfb617875c63316350693ae25

    • SSDEEP

      1536:v09/965EKFbiJADfIUqW6C/hZWWlM1BLwt1z9Sbinb:vW9zoIA0LYZWLTLwt1Ibib

    Score
    1/10
    behavioral10

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/ICSharpCode.AvalonEdit.dll

    • Size

      592KB

    • MD5

      d7467d0156f22feb4b22cc5f74d7bd60

    • SHA1

      bcc1d959786ba4253491b67d448f97cf5ad709ed

    • SHA256

      2bf6079c143f177d954731db2ffde515bee8fbd6261e0d338ba8e7c8df1ab658

    • SHA512

      f13092a4154524226900c8f3089ef776932cae601cb21cc10af1111014aef97a1183a2344da3f5b8f5b9fbe8b4b420412d79b71e97a1b4ed2ec384b502ba1c28

    • SSDEEP

      6144:64Gybj4PJqJZD0JOi0Av5+ENJzHLeDjN3kNHjoJAo7gOfwlflvuSn:6i4PwJZ1szeDjKRWwl5

    Score
    1/10
    behavioral11

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/ICSharpCode.SharpZipLib.dll

    • Size

      196KB

    • MD5

      c8164876b6f66616d68387443621510c

    • SHA1

      7a9df9c25d49690b6a3c451607d311a866b131f4

    • SHA256

      40b3d590f95191f3e33e5d00e534fa40f823d9b1bb2a9afe05f139c4e0a3af8d

    • SHA512

      44a6accc70c312a16d0e533d3287e380997c5e5d610dbeaa14b2dbb5567f2c41253b895c9817ecd96c85d286795bbe6ab35fd2352fddd9d191669a2fb0774bc4

    • SSDEEP

      3072:hjMibqfQqFyGCDXiW9Pp/+Tl4abpuu201PB1BBXIDwtqSPVINrAfvp1:GibqI59PpOPf201/z7p

    Score
    1/10
    behavioral12

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Lidgren.Network.dll

    • Size

      117KB

    • MD5

      a6fdc03e2cbdfa9d393512606097a1ff

    • SHA1

      c63933c082d282a284250deceb51d0d300647fe7

    • SHA256

      bf9948c27bd2947a42ea51ccc63b93f2b9030bd117393e1d7637a5770b9b0776

    • SHA512

      2ec59fd17cd34741ab8d0ef0d8ef3533ef38b03e98d65bb1a19940349b16e47142b0d407946cb05bfc63d7859c1472c0906a72be0e1dcee0c170b80270ad6ca2

    • SSDEEP

      3072:vmwfq+PlFS1gh72NkCM9eu3JcCDMFfXZkHhKQ6u80y8/ko1r8ApI9G:uaVh7CTu3iI/NJe

    Score
    1/10
    behavioral13

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/MahApps.Metro.IconPacks.Material.dll

    • Size

      1.1MB

    • MD5

      d8e627aadfb6dfed292be0672faa9f15

    • SHA1

      2a7f51711bffd75ecb2d7ff2f510c89eecd16366

    • SHA256

      97f4ca8c89ee13b8c249ca6f929d067ba3e87be07b4afa372fdc0a7e9e6e78e1

    • SHA512

      d5139830d367a29e76ca260d9b17955cff80f1779c157551642f7e13d9abd265335ba0bbda433e8898042d482f29d79c48683fede4b8af746b69a7dfcd02098c

    • SSDEEP

      6144:z40kYmQYwygR8Vi3vTZ20kuCcrY5eakqF09HfnmnygreJrextoqQpddv0dxHde:MpYm

    Score
    1/10
    behavioral14

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/MahApps.Metro.dll

    • Size

      1020KB

    • MD5

      63a79e31b7bc52bb9aec3a747cbb63fe

    • SHA1

      dc62080001c75242dee8686b6d8078efcb37e2a7

    • SHA256

      fb5fae42fcc19f3fe3ed2d9b1fdf0594a4c442148b58ac4d2a9dafdda847e673

    • SHA512

      3af468554238df0807e25446fe028e9de381d3b0086edd8d9ff1aab52bb8986a9dddb5618d2a4f6d1aa6011187bcda4cd1858bf72d4a8bdf253c350bd0292b32

    • SSDEEP

      24576:67VgpmKf/Yuhd57OytB4052NWxV/5Tk1:y+DB40RxV/O1

    Score
    1/10
    behavioral15

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Microsoft.Threading.Tasks.dll

    • Size

      36KB

    • MD5

      d01819bfe03222dfa9e35a36555b6b6c

    • SHA1

      25f8069590b14724f28e6a04b8a42e4ef4a8562d

    • SHA256

      5f29e16edff5379e93d5be9bee4cddf98132b84326027688511ac0f3157aaf94

    • SHA512

      e63901f39315972e446768f2c14b4279cf1dd382f97ac90c444c4d858c2a486736a259c47245026b11e5c0846310e7da020bf2466ea91aa0a15d22cb67b37477

    • SSDEEP

      384:AjCan21RTf1FuPIgbSVHfiWvoVZHL+8SChE+QNEv4USWyWcWZ1q//0GftpBjfuHk:A+e21RTrgbSpfihdvF4eg8iUHWTmlr+

    Score
    1/10
    behavioral16

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Mono.Cecil.dll

    • Size

      263KB

    • MD5

      cc0bc97cb18ac4e7c6f4decf0218a127

    • SHA1

      8901c4a54995aed5e786dda0928905bcb98242e2

    • SHA256

      ea592e7ba43cb057966778b0027c0d6e7ce9672741b5d3c8c927d48918366183

    • SHA512

      e5865188de26c7e8d71c000224626d7dd0b26a5542acc9bf8f7974f5cb595386fd25e6e425ecaf57550e12600c6f37670a19a3a361381c10b97f9a26d1cfd856

    • SSDEEP

      3072:Ko8MptdteyB+kknlDeYJgM67aBsPvVIoPbAFhA+9+qk7o++++9+OddQIZ9c1nquO:Ko8Icybkl6YJgMHgdnqujDbDW4i8XS

    Score
    1/10
    behavioral17

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/NLog.dll

    • Size

      585KB

    • MD5

      a10a1a2ae1c77e9c7b3fbf7df9179998

    • SHA1

      2e46f3ad8277105e5d4b71a363506bc16ae35be1

    • SHA256

      6e7016fd4ccf28a1549958dfe226e48b236c28c9b240c983e38bac0eb6b08989

    • SHA512

      f3b2b07a3942eb63e9ca89dc7022f6ff2dba3c9898c59501f00fe4b1c3a253226337a4d1f2719eb093ae3bd625a95998728818560067a7f30c4f767e1ed186a6

    • SSDEEP

      6144:umGAc/tm3fAeRW6Jp085GAYUsQXHhdKWEqjkFPNaSZ8n65GkUsAEhkE4qL:umGAc/tm3fAyXJVGHUsQXhjSZ8+0w

    Score
    1/10
    behavioral18

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Newtonsoft.Json.dll

    • Size

      514KB

    • MD5

      c53737821b861d454d5248034c3c097c

    • SHA1

      6b0da75617a2269493dc1a685d7a0b07f2e48c75

    • SHA256

      575e30f98e4ea42c9e516edc8bbb29ad8b50b173a3e6b36b5ba39e133cce9406

    • SHA512

      289543f5eea472e9027030e24011bea1e49e91059241fe6eb732e78f51822313e47d1e4769fa1c9c7d6139f6a97dcfef2946836b3383e8643988bf8908162fb9

    • SSDEEP

      6144:ZeC37wbJmJ5bd4m15M+S50cK7q2UGu7WEYEaWdDBLH5WHxJ16Wi/h4aBTBFFu4JD:p37Ogr2VAHx7JijBZdPfP

    Score
    1/10
    behavioral19

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Ookii.Dialogs.Wpf.dll

    • Size

      105KB

    • MD5

      5926472580c7a7b45cd611dc0fb06244

    • SHA1

      a3b33bc8c9963f727bc2a2714ec6de0c607bca40

    • SHA256

      04b8cb55ff481a4f4f9a60bc3c5e06ed78c12a8677c211621edcf9d8467bd823

    • SHA512

      be05b4695896b4a2ad2ca63836c9d05084b8aa1b71929e1b081fd47b851282438bdf8c7bc65466ce7f3fe30335e743c0bd12aa52670b12d6eaec8b3bfd193056

    • SSDEEP

      1536:5lPwQgrQnQaIM9MsmdgdSrtP7QdniuLF+mnNuu48pMBqDALYHu+an+HeaP6kOdWF:5lNJIceEMGFHnM8A8HC++aPA3O

    Score
    1/10
    behavioral20

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.Administration.FileExplorer.dll

    • Size

      108KB

    • MD5

      64d39f6ae623e811adfc568e2c4339f2

    • SHA1

      8edda4a68c7e58e3eade8a2cfcce612b97ef386e

    • SHA256

      073962b2c49be6fd7c844db723e6b8bf3ad950955acc0cd2b8f28a004597cf67

    • SHA512

      3ca5e87563873feea3523736a49c16a9099a157c9adcb13e10d69d797e18ab4221f1cdf9eb89c5ced8e32689d76d19a91c90bd5ca9f5fce64adaf2992e1222ce

    • SSDEEP

      1536:O94LQgHy0cRosZxCtvtpHXT2uj2p23UkWp35TJm7lBJO7Zxn7FU05lS:O94UgHKRoDlhj2L23U1Jt7Zxn7FzW

    Score
    1/10
    behavioral21

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.Administration.Plugins.dll

    • Size

      37KB

    • MD5

      c0a1d945b4edd07bfd16c7fa8c702425

    • SHA1

      1fea222fe9234ed61753dfc0dd2ee9f85d0ed568

    • SHA256

      8ffe6de509f29c52b2a62fae165dc91d015073eec33f2c8a90f36d08e0b8581f

    • SHA512

      f145c243563a1bd9b18e3ba88bffe17ac4e8206180dab7392be417932753ab0ad26cfd1a8937f563dc89f2d60badf400b317ce794d547ff4951824bc2f8504b7

    • SSDEEP

      768:Kex7UkW2O/JxFOQ74rQcDy5Gdt7qixTR:tUL2O/Jxsg4Ucb60R

    Score
    1/10
    behavioral22

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.Plugins.dll

    • Size

      44KB

    • MD5

      b1514fb82d332691bec05d5eb215621c

    • SHA1

      dceff86769ecde35030027c56a83275a0049890f

    • SHA256

      7aadc3b3cdf8ad6e8e6032ba2701d67703a8b530032d985215b146249c7ec9f0

    • SHA512

      1907f6a763faa094b817d2c77835f9f87ece3cf1e1a1c5107ba995a66e6a03d2b948fb737e33ba329e876962447cc3bb245a29f76ade4d7fe3a3259f902e05f6

    • SSDEEP

      768:NMv48bSmXeUBimViczl3+vKu3ckKrl+YzBUw/zBUwcHiT:iqXUBndzl3AKu3ckKrlV5/

    Score
    1/10
    behavioral23

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.Shared.Utilities.dll

    • Size

      61KB

    • MD5

      b35c2b279b4fb6e97937f09b98a529fe

    • SHA1

      26d1aefb8bab976d72c855051023530212833a79

    • SHA256

      393583b6dbb47e8de1c559b689aaf74308ca63a7cf0aa9fa56ebb4eaf6eafc2c

    • SHA512

      3068d8959296f597364d7b7832a22a4f1a293978a210028537b0dc0373758b72ad57f01506f61014025dca708e6443e6093c6ce4d2f763cfe849d65e110c5d9a

    • SSDEEP

      1536:HFtLCUEV2dpt1BBgB2xXvlTUDcHpfTUDO440:KUEAd1lNTUDcxTUDO440

    Score
    1/10
    behavioral24

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.Shared.dll

    • Size

      356KB

    • MD5

      ff50d43370efe0bbb001155843dbcb32

    • SHA1

      67a03d93fbc4f75c1a6eefde5e61f5f4ab71fbbc

    • SHA256

      496782100ff55259457a6bcd20b25b8a2b925e9830d9cc05be40114a30c1a1b1

    • SHA512

      cb884026510f1c46d1b97f175aaeb5b6e1f9b525bdd4c4bc70fd32c139cb01d6797a10fe5ce6ccbda43d3409bb9b3486c629b24892400a487c82c2f98eafcc6b

    • SSDEEP

      6144:s20qNqpLd/dlktjnOpi0xCEFRFAtQrfDNKJb8PyUblrtn:sP7EZ0xCECtQrfoJbg3blJn

    Score
    1/10
    behavioral25

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Orcus.StaticCommands.dll

    • Size

      83KB

    • MD5

      e6f165cb62b40d4cd53ccafedd0f253c

    • SHA1

      ef9d13b5cec4bcbc11404fec5a5d1d5173d140c8

    • SHA256

      c007c2a4aadc728be29aae5000e2389d0bdc40615d394d32a3dcf97c4e1a738a

    • SHA512

      92f74c8cb147496dbaaf6069ec55f2056cf9153b04a82cbbdd3e0ec295fb8235157aae3ad31e6d913110acb4f785b947feec3ae07bf96d894c81c9fd3a7406bc

    • SSDEEP

      1536:fzOktGXz9p9bmW8NvIipLVugRF1TcSUQ3tJBcz:LZtE9p9biNgiphui1TcSUQdJBcz

    Score
    1/10
    behavioral26

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/OxyPlot.Wpf.dll

    • Size

      156KB

    • MD5

      542f3f95bfcc7cdd6eeb79f03d104428

    • SHA1

      7b442e30194d87e8db77f6beaad4583853c1617d

    • SHA256

      6188d0b17fdee865f0896b2742b1d519435c8c04e5da903d969b69aeb66855ea

    • SHA512

      427ab37207c2fda5b9ac45dc9cf7c84d106c00de0b12a271692f68a02b2aff5de4968df45c7bb06bacaf09047002afbe930418837560fc1371bbbf3947b6a553

    • SSDEEP

      1536:xsHEBbr54Kccz+3hV0YWZkx9WcfdkFbXoybwnimkE3rFT2D76j8Gs6psBZ4wmaZB:GkBeK0hGXZkDff2hwnimku1qZv4LzG1

    Score
    1/10
    behavioral27

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/SharpDX.DXGI.dll

    • Size

      125KB

    • MD5

      2b44c70c49b70d797fbb748158b5d9bb

    • SHA1

      93e00e6527e461c45c7868d14cf05c007e478081

    • SHA256

      3762d43c83af69cd38c9341a927ca6bd00f6bae8217c874d693047d6df4705bf

    • SHA512

      faced62f6ecbfa2ee0d7a47e300302d23030d1f28758cbe9c442e9d8d4f8359c59088aa6237a28103e43d248c8efc7eeaf2c184028701b752df6cce92d6854d0

    • SSDEEP

      1536:taSL4xpOaI0PXSgMkPXsHIrPQkrNCivO5Ib6VU3x8w85SMxcnqNojG5JW/UlibAs:taSLYpfI0fTtP8HIbQkreK

    Score
    1/10
    behavioral28

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/SharpDX.Direct3D11.dll

    • Size

      271KB

    • MD5

      98eb5ba5871acdeaebf3a3b0f64be449

    • SHA1

      c965284f60ef789b00b10b3df60ee682b4497de3

    • SHA256

      d7617d926648849cbfef450b8f48e458ee52e2793fb2251a30094b778aa8848c

    • SHA512

      a60025e304713d333e4b82b2d0be28087950688b049c98d2db5910c00b8d45b92e16d25ac8a58ff1318de019de3a9a00c7cbf8a6ad4b5bb1cb175dafa1b9bea2

    • SSDEEP

      3072:6ccUvNf/AThDrcfiSDt0XN3ZDoyz91Sy0KwbwgG5OHDyGQsnHZ09K3vJqlQ1VcTS:zRfi+SmNgOHDyGQsucvJqW6Ts4dDjJZ

    Score
    1/10
    behavioral29

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Sorzus.Wpf.Toolkit.dll

    • Size

      55KB

    • MD5

      24e84c8a2d39b66e80966f3a860581ff

    • SHA1

      85c4d1d0fb9159dea4a1f4b824481b849a1f596f

    • SHA256

      34e1daea8b1b338654c8dc347d97f435708b605c58808791509c69354eef60d9

    • SHA512

      600e1132f03627633d1460da6f4c02b56fff30704ed6b7f1947e214e591ef42b0e7be828a0dfcce97fbb7665780b061d208b23bbb9f23be7adf025dfd92d6455

    • SSDEEP

      768:Smrn66+m5GvS6/j9CHnIrGy2cs0x29cHX/UPoL7TfsXjM2H74:Tr66+m5GK6/j9CHAGPcs0xAALyjMk4

    Score
    1/10
    behavioral30

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/System.Windows.Interactivity.dll

    • Size

      54KB

    • MD5

      580244bc805220253a87196913eb3e5e

    • SHA1

      ce6c4c18cf638f980905b9cb6710ee1fa73bb397

    • SHA256

      93fbc59e4880afc9f136c3ac0976ada7f3faa7cacedce5c824b337cbca9d2ebf

    • SHA512

      2666b594f13ce9df2352d10a3d8836bf447eaf6a08da528b027436bb4affaad9cd5466b4337a3eaf7b41d3021016b53c5448c7a52c037708cae9501db89a73f0

    • SSDEEP

      1536:BYQaIZaEmaOQxn6JxKjtlMZAnuETAV+w4:aIhOQcSLAj4

    Score
    1/10
    behavioral31

    • Target

      everything/OrcusRAT/orсus/orсus 9191/libraries/Vestris.ResourceLib.dll

    • Size

      76KB

    • MD5

      01e1e34a2e2622a72a261c41bc017787

    • SHA1

      90de25656fb0119fe8bab5a0e316e72361d93a17

    • SHA256

      e421fa5b5143b08ee6f773deb6b0d7b8f2f9e701fe3d5a698541d34f0757fc46

    • SHA512

      8818707744bf8e6a9c726b9f48d1f0af5f6db77eceafa752c8bbe8702210a88c36353f97cd144eb89541af7a99071b8317e621b2cb7d36bd91748cfbd81b8720

    • SSDEEP

      1536:jV0Ri89PUYicM38AWV7Kr5bYoRKkA/Dxp0/qTP3po3akPYgGKeKJs/JBHE:50Ri89PUOM3M7Kr5xKLw3PVG/KJsA

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

agilenetpyinstallerorcusumbralstormkittyxwormchaos
Score
10/10

behavioral1

discovery
Score
3/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10