General
-
Target
Payload94.754.225.exe
-
Size
609KB
-
Sample
241103-kmsx9szjaz
-
MD5
987a79c800f109491dcbfbc589f940f2
-
SHA1
d0a7eedc6b908ffc728f287036696fd0688436f7
-
SHA256
07457423012b530efe135d313c7c3d509c0ec8f13dacd5751ddfce7c311182c7
-
SHA512
959c7e45f4ae3ab901f7aad2ed3d5d74861aa9d812df0bf1bd499afd759a2811b98dbba43e143c3a90f8fa7c4b7d8592e1aa60402de8cc62da409c30aad118ac
-
SSDEEP
12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhM:SUiL3yjXUlu0I7vitqUmyq+1paM
Behavioral task
behavioral1
Sample
Payload94.754.225.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
Payload94.754.225.exe
-
Size
609KB
-
MD5
987a79c800f109491dcbfbc589f940f2
-
SHA1
d0a7eedc6b908ffc728f287036696fd0688436f7
-
SHA256
07457423012b530efe135d313c7c3d509c0ec8f13dacd5751ddfce7c311182c7
-
SHA512
959c7e45f4ae3ab901f7aad2ed3d5d74861aa9d812df0bf1bd499afd759a2811b98dbba43e143c3a90f8fa7c4b7d8592e1aa60402de8cc62da409c30aad118ac
-
SSDEEP
12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhM:SUiL3yjXUlu0I7vitqUmyq+1paM
-
Osiris family
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-