General

  • Target

    osiris_test001.exe

  • Size

    1.0MB

  • Sample

    210713-1lzcmd7ckn

  • MD5

    3c0ac3056b53599168fe3028e081865e

  • SHA1

    8248bc73de44fece386f6cf2db0a880e0293c195

  • SHA256

    0dbc1af2d931bdeada204f13aafb51ab3bf83a3354c32fe5076bbcc5244b7f63

  • SHA512

    de9554cf10de7b9afbae6b410f0a54c1419b879799a6da6d0a0327323c2eaf5b6fdd263c85931a79cb5c1491b3836cb434ec31a48207f53cba16943199ab26b5

Score
10/10

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.
