osiris | 333c641576886498ec84d9a8962805100834e640a46c1a6c27d80286647b29a0 | Triage

Submit
Reports

Overview

overview

Static

static

6bb71d8bf3...0f3.js

windows7_x64

1

6bb71d8bf3...0f3.js

windows10_x64

Sharing

General

Target

6bb71d8bf32cceef6a431136e0c965aa905c45c240b40bb20aa6fb6f661300f3.zip
Size

481KB
Sample

210112-j8xsp5fbmx
MD5

794d3b5bcd195106d03eb033bca4600f
SHA1

eb7a03c56634936a1c97978f1a24e3b624035819
SHA256

333c641576886498ec84d9a8962805100834e640a46c1a6c27d80286647b29a0
SHA512

1f34ddc64b86f2b7fd4853205619c4dc42f3c4d02715527f6a68c434bee0273bda186526d8d9c5e2b8c6ad22f4c91f9c47ae7b789a15e207171eeedf846842c0

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

6bb71d8bf32cceef6a431136e0c965aa905c45c240b40bb20aa6fb6f661300f3.js

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6bb71d8bf32cceef6a431136e0c965aa905c45c240b40bb20aa6fb6f661300f3.js

Resource

win10v20201028

osiris banker botnet

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6bb71d8bf32cceef6a431136e0c965aa905c45c240b40bb20aa6fb6f661300f3.js
- Size
  
  2.5MB
- MD5
  
  d7445ce4be501700003a79023147e9b9
- SHA1
  
  2d80ceba1af9a16ef2b8186c5f46a19e984837f3
- SHA256
  
  6bb71d8bf32cceef6a431136e0c965aa905c45c240b40bb20aa6fb6f661300f3
- SHA512
  
  61d1c6d20b793b3f47143db918b66f8968cb43b0f5aee20d73ce009e6c2f924336a7f58b10ba631bff164371a9e80787ae3ac50caaa1943b57750b788db3ddc2
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy