General

  • Target

    6483904bde570f741510bfb9e77989ad21dc5add07fbf26b9ceb6fd0a1862ef0.zip

  • Size

    250KB

  • Sample

    211110-z5d96afdcq

  • MD5

    77e028e14ac43bec7db4f125c1426f96

  • SHA1

    62f8b3509f8d3cc7a98fc29d948a3f295453a40e

  • SHA256

    e4b48a804e4d83b0c9223b60a7246d782cd08be28f3cf60339abe92e8620129b

  • SHA512

    0a841d0ccd092788ee108b3c81d8b39910573bc57e30528a3ee5eabf280a5cffd71592225089d01a4f0ed392065aeb65b42986a02b150deb7c87aecf59dbb561

Malware Config

Extracted

Family

oski

C2

vegas1e.xyz

Targets

    • Target

      6483904bde570f741510bfb9e77989ad21dc5add07fbf26b9ceb6fd0a1862ef0

    • Size

      376KB

    • MD5

      9cee74d7b71c02f3ece6d61cbe278c40

    • SHA1

      049539ce4239d4e2a7cb1a6f2ee154e30e421692

    • SHA256

      6483904bde570f741510bfb9e77989ad21dc5add07fbf26b9ceb6fd0a1862ef0

    • SHA512

      a64089c97a7aa9f24193d9f76230ec20b024470838309a4f3e324b48fa1209d52a03f98e8df9ef817f6f1564178f0f0ddf909d2c484c5d2dfa2a685a84415dbd

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Matrix (ATT&CK v6)

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Collection

Data from Local System

1
T1005

Tasks