osiris | 017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1 | Triage

Submit
Reports

Overview

overview

Static

static

1

017a7ccf3e...c1.exe

windows7_x64

017a7ccf3e...c1.exe

windows10_x64

Resubmissions

22-09-2021 14:15

210922-rkjp5sfecr 10

Sharing

General

Target

017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1
Size

527KB
Sample

210922-rkjp5sfecr
MD5

afca14738e00c61a837d450b38a3f067
SHA1

bc07bcaa858fd87418563b54f1e3197a252c0ee8
SHA256

017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1
SHA512

50f084c2ffd0b6592bea5face7092294003812421009e8241c8045c117aa9ae4e802bd4fb56398df06670ffbad57683c9157fc1b91a28443720b13fbf300772c

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1.exe

Resource

win7-en-20210920

osiris banker botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1.exe

Resource

win10-en-20210920

osiris banker botnet

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1
- Size
  
  527KB
- MD5
  
  afca14738e00c61a837d450b38a3f067
- SHA1
  
  bc07bcaa858fd87418563b54f1e3197a252c0ee8
- SHA256
  
  017a7ccf3e5eb12c679dad6b9897c1ea788975d6e5e90e4ddf59df981dd11ec1
- SHA512
  
  50f084c2ffd0b6592bea5face7092294003812421009e8241c8045c117aa9ae4e802bd4fb56398df06670ffbad57683c9157fc1b91a28443720b13fbf300772c
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy