General

  • Target

    osi.exe

  • Size

    991KB

  • Sample

    201008-3emphqmq8a

  • MD5

    918b4df1f8d7b1e18e3e8fccdef3f5de

  • SHA1

    9b8f84e2d239252c83d89c3179f53893574c97a1

  • SHA256

    62bd38c89d1a30b03bd89a788d9f2852659f77715c97e5c12445c33f43fa13e5

  • SHA512

    bd6f8633285547160039a0730f936944f47336af5eda702332de7c23c6eefc2b3a19160dd235d1b5e18ecaefd9949ee847a1875949beac921f5890b6d3f841b8

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks