General

  • Target

    5043690661904384.zip

  • Size

    813KB

  • Sample

    210810-anr6e5a72j

  • MD5

    3057ff8f122f45bd8e7f50f82ac37c93

  • SHA1

    596a85c9104e8e7ffdc9fe4b0ae71a930ede9eeb

  • SHA256

    c68d8bed488e490acc7d6a670d19310be84f6654ab1ab5df12b7e609631b234c

  • SHA512

    45e5ddec84c5048e74bde5aa4ecafc5f0537e9b04379bebfc3faa35ef5550956a52999e0802fa91095d4a0b2ee47b11bafe9e6dbc75d3ab3f7042b898723f37e

Score
10/10

Malware Config

Extracted

Family

oski

C2

45.85.90.86

Targets

    • Target

      686c0b6bb3f5fd25462af572778f2627644119893e9b079d6650cfaeb726fa88

    • Size

      1.1MB

    • MD5

      b0113ca4c2986241d53ffab5595c0585

    • SHA1

      2e8d6879df4696247122e1b3e34186bb1c2d30f5

    • SHA256

      686c0b6bb3f5fd25462af572778f2627644119893e9b079d6650cfaeb726fa88

    • SHA512

      6a99b8923cf9cd5fef3f75cf2d7c82cb5a45bf0c351324bae709da671e0a1fdaefa94c69e03757d9c69c95fe7043e5a5b69dc88b4216b9dd3f90fbfd1e8fb1b5

    Score
    10/10
    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks