osiris | d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d | Triage

Submit
Reports

Overview

overview

Static

static

3

b4d051eb4e...99.exe

windows7-x64

b4d051eb4e...99.exe

windows10-2004-x64

Sharing

General

Target

b4d051eb4e505340638048ae8ada9899
Size

3.1MB
Sample

240305-qr1rkagg86
MD5

b4d051eb4e505340638048ae8ada9899
SHA1

fadd88fad71647894d3aa76010c6606a60388f23
SHA256

d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d
SHA512

cdd13f5b6fe6193effa755115685b0df1e2c2003d781e05a93a5b05750a9818a3ff00763fe25e52f8bf60e4006718dc80f203e0705772c6df56e4443762dc8d9
SSDEEP

49152:qitOd4k7ydepSSPIZDscC+QZKDVdfu31r:qiK4IIZYfZKDVQFr

Score

10^/10

osiris banker botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b4d051eb4e505340638048ae8ada9899.exe

Resource

win7-20240221-en

osiris banker botnet

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4d051eb4e505340638048ae8ada9899.exe

Resource

win10v2004-20240226-en

osiris banker botnet

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  b4d051eb4e505340638048ae8ada9899
- Size
  
  3.1MB
- MD5
  
  b4d051eb4e505340638048ae8ada9899
- SHA1
  
  fadd88fad71647894d3aa76010c6606a60388f23
- SHA256
  
  d03ba24ab70fa01053ef1b27420a0585540d371702c06332bfa1c7fb8999574d
- SHA512
  
  cdd13f5b6fe6193effa755115685b0df1e2c2003d781e05a93a5b05750a9818a3ff00763fe25e52f8bf60e4006718dc80f203e0705772c6df56e4443762dc8d9
- SSDEEP
  
  49152:qitOd4k7ydepSSPIZDscC+QZKDVdfu31r:qiK4IIZYfZKDVQFr
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Proxy

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2024

Terms | Privacy