orcus | 7753de049d1607a1a5f9686b1d41a6093c7f163742edd9d71e47e76523a3d2f8 | Triage

Submit
Reports

Overview

overview

Static

static

Orcus RAT 1.9.1.zip

windows10-2004-x64

Sharing

General

Target

Orcus RAT 1.9.1.zip
Size

22.7MB
Sample

250328-a3r1ssslt5
MD5

16d89509da82189fed1a8a2649d2a168
SHA1

fd8d57cae1952adf0e70d40e57802fb70b9aac3c
SHA256

7753de049d1607a1a5f9686b1d41a6093c7f163742edd9d71e47e76523a3d2f8
SHA512

ec9c7485123183731385bcfc0a247d400588d310a6ec981123fa2e883073ef7b8f1d5f835e31a995b1c010ebea4a6e882038f8e341d6bbc9676952c0dd96d03c
SSDEEP

393216:7zO42vwWQW21/wnn//z8AzU6JvPSBQVEjRoG55998AEuFfIReyDAEjR4:vz2gbgX7/jq1oG5L98AvnM14

Score

10^/10

orcus discovery rat spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Orcus RAT 1.9.1.zip

Resource

win10v2004-20250314-en

orcus discovery rat spyware stealer

windows10-2004-x64

12 signatures

300 seconds

Malware Config

Targets

- Target
  
  Orcus RAT 1.9.1.zip
- Size
  
  22.7MB
- MD5
  
  16d89509da82189fed1a8a2649d2a168
- SHA1
  
  fd8d57cae1952adf0e70d40e57802fb70b9aac3c
- SHA256
  
  7753de049d1607a1a5f9686b1d41a6093c7f163742edd9d71e47e76523a3d2f8
- SHA512
  
  ec9c7485123183731385bcfc0a247d400588d310a6ec981123fa2e883073ef7b8f1d5f835e31a995b1c010ebea4a6e882038f8e341d6bbc9676952c0dd96d03c
- SSDEEP
  
  393216:7zO42vwWQW21/wnn//z8AzU6JvPSBQVEjRoG55998AEuFfIReyDAEjR4:vz2gbgX7/jq1oG5L98AvnM14
Score

10^/10

orcus discovery rat spyware stealer
- Orcus
  Orcus is a Remote Access Trojan that is being sold on underground forums.
  rat spyware stealer orcus
- Orcus family
  orcus
- Orcurs Rat Executable
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

orcusdiscoveryratspywarestealer

© 2018-2025

Terms | Privacy