osiris | 2b6f62b7b957100080f851c141e79a09c394750332d445d5c00b9c5b8bf20401 | Triage

Submit
Reports

Overview

overview

Static

static

3

c78ad25795...18.exe

windows7-x64

c78ad25795...18.exe

windows10-2004-x64

Sharing

General

Target

c78ad25795300ed3c4ed7f3d2cdb8b51_JaffaCakes118
Size

786KB
Sample

240405-b9d8yshf96
MD5

c78ad25795300ed3c4ed7f3d2cdb8b51
SHA1

62f9bbf935d54415eadf7fdb72b1640ac4ac390e
SHA256

2b6f62b7b957100080f851c141e79a09c394750332d445d5c00b9c5b8bf20401
SHA512

0889c4511ca3f6cfb1c4f875de5d0432518f0c14a6328991397e1b7003d80cfb0512f76c19f5af51bbdbedc607c917f98b265fd959e3124d038da077e526050d
SSDEEP

12288:vyxPJa2s86jofrWEuxjcZxyPq8tf8sQ+PRtj3lDsmMHj3N6eiaFmhL+Jig8:vyxPJ/s86szWEuKiflOmMDhPEhL+l8

Score

10^/10

osiris banker botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c78ad25795300ed3c4ed7f3d2cdb8b51_JaffaCakes118.exe

Resource

win7-20240221-en

osiris banker botnet

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

c78ad25795300ed3c4ed7f3d2cdb8b51_JaffaCakes118.exe

Resource

win10v2004-20240226-en

osiris banker botnet

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c78ad25795300ed3c4ed7f3d2cdb8b51_JaffaCakes118
- Size
  
  786KB
- MD5
  
  c78ad25795300ed3c4ed7f3d2cdb8b51
- SHA1
  
  62f9bbf935d54415eadf7fdb72b1640ac4ac390e
- SHA256
  
  2b6f62b7b957100080f851c141e79a09c394750332d445d5c00b9c5b8bf20401
- SHA512
  
  0889c4511ca3f6cfb1c4f875de5d0432518f0c14a6328991397e1b7003d80cfb0512f76c19f5af51bbdbedc607c917f98b265fd959e3124d038da077e526050d
- SSDEEP
  
  12288:vyxPJa2s86jofrWEuxjcZxyPq8tf8sQ+PRtj3lDsmMHj3N6eiaFmhL+Jig8:vyxPJ/s86szWEuKiflOmMDhPEhL+l8
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

© 2018-2025

Terms | Privacy