General

  • Target

    582363dcb0054210fb88aad873cb38b404d7f30a8c54219644b758b260faf5eb

  • Size

    341KB

  • Sample

    220320-c6zadsfce4

  • MD5

    3db40f1ac82a3bb9a512d822327c0a77

  • SHA1

    a076c95cd30946d97acb0dc5af9c4e8717d411bc

  • SHA256

    582363dcb0054210fb88aad873cb38b404d7f30a8c54219644b758b260faf5eb

  • SHA512

    f1983a3fe2cba4375e7bce681dbe79178ca9ed0b20ae1914eb17116ca906fdd8cddca8bf71d2cb72416ee8ee221f0c49cf0f15ccc8da6d67f7937f900c6f9a0f

Targets

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
