Overview

overview

10

Static

static

3

8086778c10...18.exe

windows7-x64

10

8086778c10...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8086778c1015d255bfbf3558aa88c4e2_JaffaCakes118

  • Size

    629KB

  • Sample

    240529-m6ntrscd5x

  • MD5

    8086778c1015d255bfbf3558aa88c4e2

  • SHA1

    23af1b1714fe0286a4031f2798ae19dd4f7305b6

  • SHA256

    a073b78de7b2b5d859a17812585f825fbf71fbd940fa208f6853c744c1c64359

  • SHA512

    1e9866e7da258279b3bad74b72d2e44eaa7e190f535d630e69206bdd22259889e58481ebd1128aae4006cd98843e5c03bda7feda0efc68eb6c843ed6f22516a2

  • SSDEEP

    12288:xy5YtC/DXhT2t6Fm2j/6a7CvLjOFfbwwV+:johT2CXLwwV

Score
10/10
osirisbankerbotnet

Malware Config

Targets

    • Target

      8086778c1015d255bfbf3558aa88c4e2_JaffaCakes118

    • Size

      629KB

    • MD5

      8086778c1015d255bfbf3558aa88c4e2

    • SHA1

      23af1b1714fe0286a4031f2798ae19dd4f7305b6

    • SHA256

      a073b78de7b2b5d859a17812585f825fbf71fbd940fa208f6853c744c1c64359

    • SHA512

      1e9866e7da258279b3bad74b72d2e44eaa7e190f535d630e69206bdd22259889e58481ebd1128aae4006cd98843e5c03bda7feda0efc68eb6c843ed6f22516a2

    • SSDEEP

      12288:xy5YtC/DXhT2t6Fm2j/6a7CvLjOFfbwwV+:johT2CXLwwV

    Score
    10/10
    osirisbankerbotnet

    • Osiris

      bankerbotnetosiris

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks