oski | aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb | Triage

Submit
Reports

Overview

overview

Static

static

aa33731aa4...in.exe

windows7_x64

aa33731aa4...in.exe

windows10_x64

Sharing

General

Target

aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb.bin
Size

335KB
Sample

210430-zvvam51a32
MD5

5290a07ab2ae996e94dd6a6f4b552e80
SHA1

ec6297783caed61293b45bfdd26652d2e72aaee4
SHA256

aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb
SHA512

0c3e5c7743f3da52b6f5165afce309b5d9504954f6117bd37091df32763d2959f9dfb24fef1164fcbe4aada019d9b67400b4f62582ad6fa3b6b1ea11b67e2f43

Score

10^/10

oski discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb.bin.exe

Resource

win7v20210408

oski discovery infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb.bin.exe

Resource

win10v20210410

oski discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

oski

C2

sl9XA73g7u3EO07WT42n7f4vIn5fZH.biz

Targets

- Target
  
  aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb.bin
- Size
  
  335KB
- MD5
  
  5290a07ab2ae996e94dd6a6f4b552e80
- SHA1
  
  ec6297783caed61293b45bfdd26652d2e72aaee4
- SHA256
  
  aa33731aa48e2ea6d1eaab7c425f9001182c0e73e0226eb01145d6b78d7cb9eb
- SHA512
  
  0c3e5c7743f3da52b6f5165afce309b5d9504954f6117bd37091df32763d2959f9dfb24fef1164fcbe4aada019d9b67400b4f62582ad6fa3b6b1ea11b67e2f43
Score

10^/10

oski discovery infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

oskidiscoveryinfostealerspywarestealer

behavioral2

oskidiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy