General

  • Target

    1dcf313c7b9200277a88700ff036b5a3

  • Size

    1.2MB

  • Sample

    231225-a3bzkscghq

  • MD5

    1dcf313c7b9200277a88700ff036b5a3

  • SHA1

    2bcf6d85a214e8c5acf6bdf845d51776318e059a

  • SHA256

    6ed40b29d8cbea35c1fba43b81b4ced3dd22dedb50871ac1168513826f4332ff

  • SHA512

    526ab3ad4eef95b92239e5d7d48a0f42fcb04e1b52591bd4cf79e0e51cfc20a24e2918451f6837825b023fe5e4892f7e04b7dfd207cc36b0f54ee61cf1678685

  • SSDEEP

    24576:YaUZCHwO1d1QqbBE2tTBFSZzuKo0gNEPSwDOCzwJSbc7wmersHL:bQqtnLRs6MwJS+7

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks