Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

1734c05884...64.exe

windows7-x64

10

1734c05884...64.exe

windows10-1703-x64

10

1734c05884...64.exe

windows10-2004-x64

10

1734c05884...64.exe

windows11-21h2-x64

10

Resubmissions

18/04/2024, 05:10 UTC

240418-ftstmadc7v 10

18/04/2024, 05:10 UTC

240418-ftrassdc7s 10

18/04/2024, 05:10 UTC

240418-ftqn9sdc61 10

18/04/2024, 05:10 UTC

240418-ftp3qsdc6z 10

18/04/2024, 05:10 UTC

240418-ftprzaca38 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1734c05884e55ddb98494e1e5489f8e65e27e5752384eaeddb8adbdcc3788a64

  • Size

    434KB

  • Sample

    240414-q3nalsgh97

  • MD5

    fd3312938db4f099372ee8f6cd664d46

  • SHA1

    5fca27cf9c9ecaaffd1ee4ee7413bc4a36c59269

  • SHA256

    1734c05884e55ddb98494e1e5489f8e65e27e5752384eaeddb8adbdcc3788a64

  • SHA512

    d204112a5c6611c653f36cc67e69598209f70bfbfbfb0da2cb7333a287c6a28bb8a9331dfffcfb0465d77860917e0d5b903a637b0463e9b1b6d8fe6d577cca01

  • SSDEEP

    12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK95OTTsx/SA/WegYfdNbrqnum:rXh6XcBXo8TsL8Y8m4OTTySA/DrfdNbU

Score
10/10
osirisbankerbotnet

Malware Config

Targets

    • Target

      1734c05884e55ddb98494e1e5489f8e65e27e5752384eaeddb8adbdcc3788a64

    • Size

      434KB

    • MD5

      fd3312938db4f099372ee8f6cd664d46

    • SHA1

      5fca27cf9c9ecaaffd1ee4ee7413bc4a36c59269

    • SHA256

      1734c05884e55ddb98494e1e5489f8e65e27e5752384eaeddb8adbdcc3788a64

    • SHA512

      d204112a5c6611c653f36cc67e69598209f70bfbfbfb0da2cb7333a287c6a28bb8a9331dfffcfb0465d77860917e0d5b903a637b0463e9b1b6d8fe6d577cca01

    • SSDEEP

      12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK95OTTsx/SA/WegYfdNbrqnum:rXh6XcBXo8TsL8Y8m4OTTySA/DrfdNbU

    Score
    10/10
    osirisbankerbotnet

    • Osiris

      bankerbotnetosiris

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.