osiris | 12dc9ca2e6b5e7c547ebd3814953c4e2aa0d1eb726877151b09494ab6a0c07bd | Triage

Submit
Reports

Overview

overview

Static

static

3

07de8d93ec...ae.exe

windows7-x64

07de8d93ec...ae.exe

windows10-2004-x64

3

Sharing

General

Target

07de8d93ec7190afee1eb569dce09bae
Size

3.1MB
Sample

231230-aa77badaan
MD5

07de8d93ec7190afee1eb569dce09bae
SHA1

ef0b072fcf7f00184471589a6e4a0d3bd09b9553
SHA256

12dc9ca2e6b5e7c547ebd3814953c4e2aa0d1eb726877151b09494ab6a0c07bd
SHA512

a8d226bd9c8c0a8d6f856a9ef5ef8d235ca1e1c67c250d0f0bd043ae400f61b3dd7f1032c3278178d783edec343ba5a3870f1b753079f0d16a7955cdb57670ac
SSDEEP

49152:nitOd4k7ydepSSPIZDscC+QZKDVdfu31W:niK4IIZYfZKDVQFW

Score

10^/10

osiris banker botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

07de8d93ec7190afee1eb569dce09bae.exe

Resource

win7-20231215-en

osiris banker botnet

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

07de8d93ec7190afee1eb569dce09bae.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  07de8d93ec7190afee1eb569dce09bae
- Size
  
  3.1MB
- MD5
  
  07de8d93ec7190afee1eb569dce09bae
- SHA1
  
  ef0b072fcf7f00184471589a6e4a0d3bd09b9553
- SHA256
  
  12dc9ca2e6b5e7c547ebd3814953c4e2aa0d1eb726877151b09494ab6a0c07bd
- SHA512
  
  a8d226bd9c8c0a8d6f856a9ef5ef8d235ca1e1c67c250d0f0bd043ae400f61b3dd7f1032c3278178d783edec343ba5a3870f1b753079f0d16a7955cdb57670ac
- SSDEEP
  
  49152:nitOd4k7ydepSSPIZDscC+QZKDVdfu31W:niK4IIZYfZKDVQFW
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Proxy

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

© 2018-2024

Terms | Privacy