osiris | 7176b06d8ef959057db3fa2868695ee2d3e810353fb236923840903ddb47019a | Triage

Submit
Reports

Overview

overview

Static

static

2f50000.exe

windows7_x64

2f50000.exe

windows10_x64

Sharing

General

Target

2f50000.exe
Size

434KB
Sample

210504-w56k6ejkba
MD5

e2f99487e970a27006cf282abab1d49a
SHA1

b5d6b3b95f265888ce74e1be495858928214eb00
SHA256

7176b06d8ef959057db3fa2868695ee2d3e810353fb236923840903ddb47019a
SHA512

40e23b344272daba585c707e7e6298450049102052ae516b7b98ca0591274676cdc4e9891d149204595388b0347ed701b42b65c64901683a17c930f925a19351

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

2f50000.exe

Resource

win7v20210408

osiris banker botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2f50000.exe

Resource

win10v20210410

osiris banker botnet

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2f50000.exe
- Size
  
  434KB
- MD5
  
  e2f99487e970a27006cf282abab1d49a
- SHA1
  
  b5d6b3b95f265888ce74e1be495858928214eb00
- SHA256
  
  7176b06d8ef959057db3fa2868695ee2d3e810353fb236923840903ddb47019a
- SHA512
  
  40e23b344272daba585c707e7e6298450049102052ae516b7b98ca0591274676cdc4e9891d149204595388b0347ed701b42b65c64901683a17c930f925a19351
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy