osiris | dfb89b62125470adc70f0e24636633c45d0841aa8e84d09b6bab99f437e2f576 | Triage

Submit
Reports

Overview

overview

Static

static

0a22badfd2...ae.exe

windows7_x64

0a22badfd2...ae.exe

windows10-2004_x64

Sharing

General

Target

0a22badfd2f33aebe32d4689f11abbc31211d5ae
Size

1.4MB
Sample

220704-lebjpaabg2
MD5

10bdc120c93912b9b937ad16cc7a13c9
SHA1

0a22badfd2f33aebe32d4689f11abbc31211d5ae
SHA256

dfb89b62125470adc70f0e24636633c45d0841aa8e84d09b6bab99f437e2f576
SHA512

6b438edf1e591f485974085959634265096a42ef6148c74fe125f622e1f9667e543952fae8ee812d02990ca2566435a44b161383c3fcb58cfe4bb65f6c58530d

Score

10^/10

osiris banker botnet

Static task

static1

Behavioral task

behavioral1

Sample

0a22badfd2f33aebe32d4689f11abbc31211d5ae.exe

Resource

win7-20220414-en

osiris banker botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0a22badfd2f33aebe32d4689f11abbc31211d5ae.exe

Resource

win10v2004-20220414-en

osiris banker botnet

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0a22badfd2f33aebe32d4689f11abbc31211d5ae
- Size
  
  1.4MB
- MD5
  
  10bdc120c93912b9b937ad16cc7a13c9
- SHA1
  
  0a22badfd2f33aebe32d4689f11abbc31211d5ae
- SHA256
  
  dfb89b62125470adc70f0e24636633c45d0841aa8e84d09b6bab99f437e2f576
- SHA512
  
  6b438edf1e591f485974085959634265096a42ef6148c74fe125f622e1f9667e543952fae8ee812d02990ca2566435a44b161383c3fcb58cfe4bb65f6c58530d
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy