osiris | 4cb106c0109ad1012ec621c6caca401ffb8a9d28b0119e383cf7b6d935a0c4df | Triage

Submit
Reports

Overview

overview

Static

static

6f0000.exe

windows7_x64

6f0000.exe

windows10_x64

Sharing

General

Target

6f0000.exe
Size

434KB
Sample

210302-qzb1xylgha
MD5

11f98a3e4edab64bcb5efcd39397d253
SHA1

a980cc4af6900b9975c31a06fa7c76799ae061b7
SHA256

4cb106c0109ad1012ec621c6caca401ffb8a9d28b0119e383cf7b6d935a0c4df
SHA512

8e7a258a48b85fae4c39f8b1f338ba448979e73d12e636c3ca549ddc0b637bd4d56cffda56780e1010d2de3338b4eb9badb6a2f2cb9a89d0105093646e5d3b8f

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

6f0000.exe

Resource

win7v20201028

osiris banker botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6f0000.exe

Resource

win10v20201028

osiris banker botnet

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6f0000.exe
- Size
  
  434KB
- MD5
  
  11f98a3e4edab64bcb5efcd39397d253
- SHA1
  
  a980cc4af6900b9975c31a06fa7c76799ae061b7
- SHA256
  
  4cb106c0109ad1012ec621c6caca401ffb8a9d28b0119e383cf7b6d935a0c4df
- SHA512
  
  8e7a258a48b85fae4c39f8b1f338ba448979e73d12e636c3ca549ddc0b637bd4d56cffda56780e1010d2de3338b4eb9badb6a2f2cb9a89d0105093646e5d3b8f
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy