osiris | 37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e | Triage

Resubmissions

18-04-2024 11:13

240418-nbxzmabc92 10

18-04-2024 11:13

240418-nbqkjscf2x 10

18-04-2024 11:12

240418-nbbrdsce9w 10

18-04-2024 11:12

240418-nba5vsbc82 10

18-04-2024 11:12

240418-nbat4abc79 10

18-04-2024 09:58

240418-lzkcbshg55 10

Sharing

General

Target

37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
Size

791KB
Sample

240418-nba5vsbc82
MD5

79614c2110f224d0ef0bb674304ca2d2
SHA1

eb1f200aaeb480c9ed8c4e694e80efb27cb7db1f
SHA256

37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
SHA512

887ebba92b9d361467e5f26d478a6296e4405f8954a9ae69d38bf83372f5a1ab772aa2cc38f5b9305135aab527219209e9175936eccb25f31749fd0bbd5c28c7
SSDEEP

12288:OGoOiNM1QcKQkjLSKjrecrE5bglF2Yg5BeV9V8XpcXAD1u2F43md8ds7NZQmvS2t:OGwV17acI5bglsQ+5cwD1b40csYvg

Score

10^/10

osiris banker botnet

Malware Config

Targets

- Target
  
  37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
- Size
  
  791KB
- MD5
  
  79614c2110f224d0ef0bb674304ca2d2
- SHA1
  
  eb1f200aaeb480c9ed8c4e694e80efb27cb7db1f
- SHA256
  
  37c34bc3b886f0995b0ba57fec6d33eee5c98d200fddc2c50feeef10c51adf5e
- SHA512
  
  887ebba92b9d361467e5f26d478a6296e4405f8954a9ae69d38bf83372f5a1ab772aa2cc38f5b9305135aab527219209e9175936eccb25f31749fd0bbd5c28c7
- SSDEEP
  
  12288:OGoOiNM1QcKQkjLSKjrecrE5bglF2Yg5BeV9V8XpcXAD1u2F43md8ds7NZQmvS2t:OGwV17acI5bglsQ+5cwD1b40csYvg
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Proxy

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

behavioral3

osirisbankerbotnet

behavioral4

osirisbankerbotnet

behavioral5

osirisbankerbotnet