Overview

overview

3

Static

static

3

osiris_wit...as.dll

windows7-x64

1

osiris_wit...as.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    7s
  • max time network
    3s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    16/04/2024, 11:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    osiris_with_extras.dll

  • Size

    5.0MB

  • MD5

    e747cdc0eca5c1eb6f19cd3c8e89babf

  • SHA1

    ff01a47e452463433fb9d1b9468a310d3bf9b17b

  • SHA256

    14a543a9f0ab3365c6e6de3fd1082bb9ea3f718e1f5d94039ae1ca53cd0c7d07

  • SHA512

    c8cdd075608c2f7defd44bc8be19796085b7fcf60740b38834707bb4fbca9a7fefb7975d529e0f6edae11451ce25fda713614c0840a7f3e5a1d1cc3c09f8e41e

  • SSDEEP

    49152:gK4e/Lpb/gTiEPGY1symWPNbdzhgNYUxc7d2uoMOM0qqTpyR6F0lrMKa0qU121e6:XNg1fr2uoDM0q+pytqU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\osiris_with_extras.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\osiris_with_extras.dll,#1
      2⤵
        PID:2092
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x0
      1⤵
        PID:2588

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2588-0-0x00000000029C0000-0x00000000029C1000-memory.dmp

        Filesize

        4KB

        Download