osiris | cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a | Triage

Resubmissions

07-05-2024 12:34

240507-pr1k5aae36 10

07-05-2024 12:34

240507-prx51aae34 10

07-05-2024 12:34

240507-prvpwaae33 10

07-05-2024 12:34

240507-prt4caae32 10

07-05-2024 12:34

240507-prs62sae28 10

25-04-2024 13:14

240425-qgqtlsbb44 10

Sharing

General

Target

cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
Size

329KB
Sample

240425-qgqtlsbb44
MD5

c8cf269fcf175d316c6ae2fb694a9e62
SHA1

e5fe77d901aefdbe5c59408c047bfd6266f48d5d
SHA256

cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
SHA512

f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95
SSDEEP

6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7

Score

10^/10

osiris banker botnet

Malware Config

Targets

- Target
  
  cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
- Size
  
  329KB
- MD5
  
  c8cf269fcf175d316c6ae2fb694a9e62
- SHA1
  
  e5fe77d901aefdbe5c59408c047bfd6266f48d5d
- SHA256
  
  cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
- SHA512
  
  f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95
- SSDEEP
  
  6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7
Score

10^/10

osiris banker botnet
- Osiris
  banker botnet osiris
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Proxy

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

osirisbankerbotnet

behavioral2

osirisbankerbotnet

behavioral3

osirisbankerbotnet

behavioral4

osirisbankerbotnet

behavioral5

osirisbankerbotnet