Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

ef8854d445...18.exe

windows10-2004-x64

10

ef8854d445...18.exe

windows7-x64

10

ef8854d445...18.exe

windows10-1703-x64

10

ef8854d445...18.exe

windows10-2004-x64

10

ef8854d445...18.exe

windows11-21h2-x64

10

Resubmissions

17/04/2024, 15:13 UTC

240417-slw8asfa8t 10

17/04/2024, 15:13 UTC

240417-slwlrsfa71 10

17/04/2024, 15:13 UTC

240417-slwa1ade84 10

17/04/2024, 15:13 UTC

240417-slsvwade82 10

17/04/2024, 15:13 UTC

240417-slsj4sde79 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef8854d445cff933d6ed5fc87e3a6eca_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240417-slwlrsfa71

  • MD5

    ef8854d445cff933d6ed5fc87e3a6eca

  • SHA1

    88bf6e4c6a287c88fa739292959cef7d74288c25

  • SHA256

    1e2c6745afc6886504c7d49c03ec42b46e63530aa93e5ff1d5b2cbdd1ea1108d

  • SHA512

    3c6e10f6772b64ec9c9c643e086fda76d2dd1b24f099237c3403c43966d730ceff193f961204b2141fd8ece951b9d86e384ba69152c588069b523673dc259c88

  • SSDEEP

    49152:2pU1pIkY3RFCXgUG0xibD3QUaSalMG45TRVVqfMqJ7CdfAYQtTGC8:2psIbhYXJS3HaHM17Vqfz7sQti5

Score
10/10
osirisbankerbotnet

Malware Config

Targets

    • Target

      ef8854d445cff933d6ed5fc87e3a6eca_JaffaCakes118

    • Size

      3.6MB

    • MD5

      ef8854d445cff933d6ed5fc87e3a6eca

    • SHA1

      88bf6e4c6a287c88fa739292959cef7d74288c25

    • SHA256

      1e2c6745afc6886504c7d49c03ec42b46e63530aa93e5ff1d5b2cbdd1ea1108d

    • SHA512

      3c6e10f6772b64ec9c9c643e086fda76d2dd1b24f099237c3403c43966d730ceff193f961204b2141fd8ece951b9d86e384ba69152c588069b523673dc259c88

    • SSDEEP

      49152:2pU1pIkY3RFCXgUG0xibD3QUaSalMG45TRVVqfMqJ7CdfAYQtTGC8:2psIbhYXJS3HaHM17Vqfz7sQti5

    Score
    10/10
    osirisbankerbotnet

    • Osiris

      bankerbotnetosiris

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

    behavioral1behavioral2behavioral3behavioral4behavioral5

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.