oski | dd22eb456a9a1b80eb044458c761643ba2a47acbe1f98e76b0efecc9a80f4488 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...34.exe

windows7_x64

SecuriteIn...34.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Mal.Generic-S.28463.8334
Size

772KB
Sample

201109-wb671rcjwx
MD5

65e641e56046e02afa450a6b45becbf3
SHA1

4ff9cc7a7322fb54a9f45d6bab2c71992a729ea7
SHA256

dd22eb456a9a1b80eb044458c761643ba2a47acbe1f98e76b0efecc9a80f4488
SHA512

d8dab099d9ee4efb2df7ed21ad1c3d9290bc230cf8db75c95f7e8f3cd63b8c8b20184043012a7f08a6b90eb2b175413b23a1cb53c9de59dce0d23c3f3d2913d7

Score

10^/10

oski discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Mal.Generic-S.28463.8334.exe

Resource

win7v20201028

oski discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Mal.Generic-S.28463.8334.exe

Resource

win10v20201028

oski discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Mal.Generic-S.28463.8334
- Size
  
  772KB
- MD5
  
  65e641e56046e02afa450a6b45becbf3
- SHA1
  
  4ff9cc7a7322fb54a9f45d6bab2c71992a729ea7
- SHA256
  
  dd22eb456a9a1b80eb044458c761643ba2a47acbe1f98e76b0efecc9a80f4488
- SHA512
  
  d8dab099d9ee4efb2df7ed21ad1c3d9290bc230cf8db75c95f7e8f3cd63b8c8b20184043012a7f08a6b90eb2b175413b23a1cb53c9de59dce0d23c3f3d2913d7
Score

10^/10

oski discovery infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

oskidiscoveryinfostealerspywarestealer

behavioral2

oskidiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy