osiris | 0664c46691135a3d6015354e0f0c54fd09fed20ab5b8b2582c799dfe35d2dd69 | Triage

Sharing

General

Target

0664c46691135a3d6015354e0f0c54fd09fed20ab5b8b2582c799dfe35d2dd69
Size

507KB
Sample

220531-gx86fscchp
MD5

e38d0d5ef1f8dd657479d08248dd83a1
SHA1

85df1e4f362b0bd9f48016b7f155aa757f7bc1d7
SHA256

0664c46691135a3d6015354e0f0c54fd09fed20ab5b8b2582c799dfe35d2dd69
SHA512

212d9a356406bacc8f8f388b195fd22fcf02757da5543e7a5f5d66d09b84ee310a9359cf8f979ee0923889862b48ba1ed02fb60fea0b4bd3486a930f4a3d690b

Score

10^/10

osiris banker botnet

Malware Config

Targets

- Target
  
  0664c46691135a3d6015354e0f0c54fd09fed20ab5b8b2582c799dfe35d2dd69
- Size
  
  507KB
- MD5
  
  e38d0d5ef1f8dd657479d08248dd83a1
- SHA1
  
  85df1e4f362b0bd9f48016b7f155aa757f7bc1d7
- SHA256
  
  0664c46691135a3d6015354e0f0c54fd09fed20ab5b8b2582c799dfe35d2dd69
- SHA512
  
  212d9a356406bacc8f8f388b195fd22fcf02757da5543e7a5f5d66d09b84ee310a9359cf8f979ee0923889862b48ba1ed02fb60fea0b4bd3486a930f4a3d690b
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet