Extracted

• • Target

    FLP_1037850047.exe

  • Size

    379KB

  • MD5

    d32bc982566fbb8d81d3012779d3c320

  • SHA1

    74e5c60af59a50757abc29942c888fa43e854204

  • SHA256

    a59fbc4f9903ed18c989e87bc83073b463310ffe6c90a43c53400739719d0aae

  • SHA512

    de6afafb1412a652405072ba6f123383baa55e9287bbbef8a2e9c25edbfdebb6bf9e8aa1834caf386384096ce7eaa3c9dc03b7831f134ad8ccc4c98f066db699

  Score

  10^/10

  oskidiscoveryinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2