Backdoor:MSIL/Orcus - KernelMode.info

Re: Malware collection

#32392 by EP_X0FF
Tue Jan 08, 2019 5:54 am

markusg wrote: ↑Thu Sep 20, 2018 9:30 pm SHA-256
26e3ac4d81005556ccce5d912403bebd8423e47947abfc373b399ad375f35782
File name
wwe_2K18_installer.exe
https://www.virustotal.com/#/file/26e3a ... /detection

Backdoor Orcus written in C#.

Copy itself to %AppData%\Roaming\Microsoft\Windows\Start Menu\installer.exe

Obfuscated with Agile.NET, in attach deobfuscated (https://www.virustotal.com/en/file/195a ... 546927095/). Posts moved.

Attachments

orcus.zip

pass: infected
(608.3 KiB) Downloaded 14 times

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact