Trusted Design

Orcus RAT

概要

Orcus is advertised on its homepage as a remote administration tool, behaving similarly to TeamViewer and other applications. Unfortunately, it is not as clean as those apps, since Orcus blatantly advertises illegal features, such as the ability to recover browser cookies and passwords from famous applications, launch server stress tests (DDoS attacks), disable the webcam activity light, record microphone input, spoof file extensions, log keystrokes, and many more. Most of these features are provided as plugins to the main Orcus package, which is sold for $40 paid in Bitcoin or via a PayPal account. According to the official website, the Orcus RAT is managed by Orcus Technologies. There was no registration number or any other type of official details regarding Orcus Technologies on the Orcus RAT website.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

#1020 Dissecting the Malware Involved in the INOCNATION Campaign (score: 0.47)
Ratcheting Down on JSocket: A PC and Android Threat (score: 0.46)
Ding! Your RAT has been delivered (score: 0.46)
RTF Exploit Installs Italian RAT: uWarrior (score: 0.45)
InvisiMole: surprisingly equipped spyware, undercover since 2013 (score: 0.44)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 11.46

Matched TTPs:

T1036.007 - Double File Extension
T1102.002 - Bidirectional Communication
T1021.001 - Remote Desktop Protocol
T1584.001 - Domains

MITREへのリンク →

Mustang Panda

Score: 8.26

Matched TTPs:

T1036.007 - Double File Extension
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Medusa Group

Score: 5.78

Matched TTPs:

T1608.002 - Upload Tool
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Threat Group-3390

Score: 9.05

Matched TTPs:

T1608.002 - Upload Tool
T1189 - Drive-by Compromise
T1027.015 - Compression

MITREへのリンク →

FIN7

Score: 11.18

Matched TTPs:

T1674 - Input Injection
T1102.002 - Bidirectional Communication
T1021.001 - Remote Desktop Protocol
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 17.08

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1498 - Network Denial of Service
T1137.002 - Office Test

MITREへのリンク →

CURIUM

Score: 8.20

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Storm-1811

Score: 11.31

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1056 - Input Capture
T1036.010 - Masquerade Account Name

MITREへのリンク →

Gamaredon Group

Score: 10.09

Matched TTPs:

T1001 - Data Obfuscation
T1102.002 - Bidirectional Communication
T1027.015 - Compression

MITREへのリンク →

APT42

Score: 3.84

Matched TTPs:

T1056 - Input Capture

MITREへのリンク →

APT39

Score: 7.89

Matched TTPs:

T1056 - Input Capture
T1102.002 - Bidirectional Communication
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT37

Score: 4.16

Matched TTPs:

T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise

MITREへのリンク →

Lazarus Group

Score: 12.54

Matched TTPs:

T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1027.007 - Dynamic API Resolution
T1021.001 - Remote Desktop Protocol
T1124 - System Time Discovery

MITREへのリンク →

Magic Hound

Score: 12.72

Matched TTPs:

T1102.002 - Bidirectional Communication
T1036.010 - Masquerade Account Name
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol
T1584.001 - Domains

MITREへのリンク →

Turla

Score: 6.76

Matched TTPs:

T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

HEXANE

Score: 4.05

Matched TTPs:

T1102.002 - Bidirectional Communication
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Sandworm Team

Score: 6.94

Matched TTPs:

T1102.002 - Bidirectional Communication
T1499 - Endpoint Denial of Service

MITREへのリンク →

ZIRCONIUM

Score: 4.99

Matched TTPs:

T1102.002 - Bidirectional Communication
T1124 - System Time Discovery

MITREへのリンク →

OilRig

Score: 6.19

Matched TTPs:

T1137.004 - Outlook Home Page
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT29

Score: 4.54

Matched TTPs:

T1562.008 - Disable or Modify Cloud Logs

MITREへのリンク →

Dragonfly

Score: 7.03

Matched TTPs:

T1036.010 - Masquerade Account Name
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT3

Score: 5.27

Matched TTPs:

T1036.010 - Masquerade Account Name
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Transparent Tribe

Score: 5.05

Matched TTPs:

T1189 - Drive-by Compromise
T1584.001 - Domains

MITREへのリンク →

Axiom

Score: 3.41

Matched TTPs:

T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Darkhotel

Score: 4.36

Matched TTPs:

T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Patchwork

Score: 3.41

Matched TTPs:

T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Leviathan

Score: 6.56

Matched TTPs:

T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol
T1027.015 - Compression

MITREへのリンク →

BRONZE BUTLER

Score: 4.36

Matched TTPs:

T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Mustard Tempest

Score: 5.05

Matched TTPs:

T1189 - Drive-by Compromise
T1584.001 - Domains

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Volt Typhoon

Score: 4.24

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1124 - System Time Discovery

MITREへのリンク →

Scattered Spider

Score: 5.49

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1213.005 - Messaging Applications

MITREへのリンク →

Fox Kitten

Score: 5.49

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1213.005 - Messaging Applications

MITREへのリンク →

Chimera

Score: 4.24

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1124 - System Time Discovery

MITREへのリンク →

APT1

Score: 4.93

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1584.001 - Domains

MITREへのリンク →

Higaisa

Score: 5.74

Matched TTPs:

T1124 - System Time Discovery
T1027.015 - Compression

MITREへのリンク →

SideCopy

Score: 3.29

Matched TTPs:

T1584.001 - Domains

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1213.005 - Messaging Applications

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

TA2541

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.75

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1498 - Network Denial of Service
T1102.002 - Bidirectional Communication
T1137.002 - Office Test
T1189 - Drive-by Compromise

MITREへのリンク →

Magic Hound

Score: 0.60

Matched TTPs:

T1036.010 - Masquerade Account Name
T1584.001 - Domains
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Lazarus Group

Score: 0.58

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1102.002 - Bidirectional Communication
T1124 - System Time Discovery
T1189 - Drive-by Compromise
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る