oski | c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49 | Triage

Submit
Reports

Overview

overview

Static

static

c0fa9b79d5...49.exe

windows7_x64

c0fa9b79d5...49.exe

windows10_x64

Sharing

General

Target

c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49
Size

200KB
Sample

210722-s6ths7fkk6
MD5

9c75d0a696028660f0f7333c2d3f5d8a
SHA1

3a3f86412b3d48bf9bf4f73fac3fc0d6c2a49293
SHA256

c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49
SHA512

58b1494fb5455e761ca99fdc80c6b648f23d1183355c0742ceb134bd0ac77a37385e736014319a1f801644ea741fab1ba9babb7b4323660f55870263c33bb000

Score

10^/10

oski infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49.exe

Resource

win7v20210410

oski infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49.exe

Resource

win10v20210408

oski infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

oski

C2

103.153.76.164/we/mar2/

Targets

- Target
  
  c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49
- Size
  
  200KB
- MD5
  
  9c75d0a696028660f0f7333c2d3f5d8a
- SHA1
  
  3a3f86412b3d48bf9bf4f73fac3fc0d6c2a49293
- SHA256
  
  c0fa9b79d5ff08641d2490f2942b205120e157e790bfb7540aaed7a0e69a1d49
- SHA512
  
  58b1494fb5455e761ca99fdc80c6b648f23d1183355c0742ceb134bd0ac77a37385e736014319a1f801644ea741fab1ba9babb7b4323660f55870263c33bb000
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer

© 2018-2024

Terms | Privacy