osiris | 4bd4ccdaefa72f9326ba93542ddc447f6df1452a6f626a54d43c3a4c37e23968 | Triage

Submit
Reports

Overview

overview

Static

static

2bb0000.exe

windows7_x64

2bb0000.exe

windows10_x64

Sharing

General

Target

2bb0000.exe
Size

434KB
Sample

210504-ea5kd82f4e
MD5

1cdb3fb1f8aceed1ebe8dbf591f3d8db
SHA1

21bd149cf8eec05f453665b888aae9b2b8e62320
SHA256

4bd4ccdaefa72f9326ba93542ddc447f6df1452a6f626a54d43c3a4c37e23968
SHA512

4df44aea1de81ee299cc0944d14da5a28290d1d3cf60691bf85a650ea12e4be73017f68bbb01466f757203e9f6d4fbdb3446a468f241a9383b35cd8f681b3021

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

2bb0000.exe

Resource

win7v20210410

osiris banker botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2bb0000.exe

Resource

win10v20210408

osiris banker botnet

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2bb0000.exe
- Size
  
  434KB
- MD5
  
  1cdb3fb1f8aceed1ebe8dbf591f3d8db
- SHA1
  
  21bd149cf8eec05f453665b888aae9b2b8e62320
- SHA256
  
  4bd4ccdaefa72f9326ba93542ddc447f6df1452a6f626a54d43c3a4c37e23968
- SHA512
  
  4df44aea1de81ee299cc0944d14da5a28290d1d3cf60691bf85a650ea12e4be73017f68bbb01466f757203e9f6d4fbdb3446a468f241a9383b35cd8f681b3021
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy