osiris | d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

b4d051eb4e...99.exe

windows7-x64

b4d051eb4e...99.exe

windows10-2004-x64

Sharing

General

Target

b4d051eb4e505340638048ae8ada9899
Size

3.1MB
Sample

240305-qr1rkagg86
MD5

b4d051eb4e505340638048ae8ada9899
SHA1

fadd88fad71647894d3aa76010c6606a60388f23
SHA256

d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d
SHA512

cdd13f5b6fe6193effa755115685b0df1e2c2003d781e05a93a5b05750a9818a3ff00763fe25e52f8bf60e4006718dc80f203e0705772c6df56e4443762dc8d9
SSDEEP

49152:qitOd4k7ydepSSPIZDscC+QZKDVdfu31r:qiK4IIZYfZKDVQFr

Score

10^/10

osiris banker botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b4d051eb4e505340638048ae8ada9899.exe

Resource

win7-20240221-en

osiris banker botnet

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4d051eb4e505340638048ae8ada9899.exe

Resource

win10v2004-20240226-en

osiris banker botnet

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  b4d051eb4e505340638048ae8ada9899
- Size
  
  3.1MB
- MD5
  
  b4d051eb4e505340638048ae8ada9899
- SHA1
  
  fadd88fad71647894d3aa76010c6606a60388f23
- SHA256
  
  d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d
- SHA512
  
  cdd13f5b6fe6193effa755115685b0df1e2c2003d781e05a93a5b05750a9818a3ff00763fe25e52f8bf60e4006718dc80f203e0705772c6df56e4443762dc8d9
- SSDEEP
  
  49152:qitOd4k7ydepSSPIZDscC+QZKDVdfu31r:qiK4IIZYfZKDVQFr
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2025

Terms | Privacy