General

  • Target

    abb99945a52b54e68d1357107a94dd14

  • Size

    1.4MB

  • Sample

    231222-q146cadhc2

  • MD5

    abb99945a52b54e68d1357107a94dd14

  • SHA1

    d3be1af0f41256db38312a62d23d89cde1a24f5d

  • SHA256

    9bf4175c419ac4a5a1b2cb6c3dff2609a20b229ce45c38c0afdbd485edb23c0a

  • SHA512

    a1cbda79305052defa3c2c5373902f7d2474989354bb1eb53faa7f869386eedc7e38d426bd03f9ed5926524319204c3bbed6c393859c921de110c946030ef1b7

  • SSDEEP

    24576:R763+4CwVnefCnhVDXDFEPGSHnGiXDqMVqrkgjDGfnYw1s:RseeVuPZHpq/ZDQY

Score
10/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Matrix ATT&CK v13

Tasks