osiris | 5d779c5adeeea47cdfe6561bbb8c8a4a2d7e9eeab12b0482208be845be933565 | Triage

Sharing

General

Target

5d779c5adeeea47cdfe6561bbb8c8a4a2d7e9eeab12b0482208be845be933565
Size

811KB
Sample

220524-aylyzsach4
MD5

4dde427954743432f72829b418141855
SHA1

2ccb255990d65d18d6be680300f9b8249092f532
SHA256

5d779c5adeeea47cdfe6561bbb8c8a4a2d7e9eeab12b0482208be845be933565
SHA512

c370192e94a43fd0f4da2981395332d775be823b8fca128c95990cd9937fea28fb6ac1e1860096184cda82dc6d3e3c04fa167e6cea721bc0a459b25af05d84de

Score

10^/10

osiris banker botnet

Malware Config

Targets

- Target
  
  5d779c5adeeea47cdfe6561bbb8c8a4a2d7e9eeab12b0482208be845be933565
- Size
  
  811KB
- MD5
  
  4dde427954743432f72829b418141855
- SHA1
  
  2ccb255990d65d18d6be680300f9b8249092f532
- SHA256
  
  5d779c5adeeea47cdfe6561bbb8c8a4a2d7e9eeab12b0482208be845be933565
- SHA512
  
  c370192e94a43fd0f4da2981395332d775be823b8fca128c95990cd9937fea28fb6ac1e1860096184cda82dc6d3e3c04fa167e6cea721bc0a459b25af05d84de
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet