Technical Information
- <SYSTEM32>\tasks\orcus respawner
- %APPDATA%\orcus\err_355e16e07c8348d48c8ec09450ae2dd5.dat
- %ProgramFiles(x86)%\orcus\orcus.exe
- %ProgramFiles(x86)%\orcus\orcus.exe.config
- %APPDATA%\orcuswatchdog.exe
- %APPDATA%\orcuswatchdog.exe.config
- '<LOCALNET>.10.12':10134
- '%ProgramFiles(x86)%\orcus\orcus.exe'
- '%APPDATA%\orcuswatchdog.exe' /launchSelfAndExit "%ProgramFiles(x86)%\Orcus\Orcus.exe" 2212
- '%APPDATA%\orcuswatchdog.exe' /watchProcess "%ProgramFiles(x86)%\Orcus\Orcus.exe" 2212
- '%ProgramFiles(x86)%\orcus\orcus.exe' ' (with hidden window)
- '<SYSTEM32>\taskeng.exe' {11E6E02F-3E74-4425-A243-D48F806B8AC4} S-1-5-21-1960123792-2022915161-3775307078-1001:wjujjmsp\user:Interactive:[1]