General

  • Target

    e0654cd7e7028ee40cd105e89f67608b68c9c4d0b92471d88996bb2508db5e42

  • Size

    587KB

  • Sample

    220418-mydc3afed3

  • MD5

    9165866020db244460fb092b9de4b0b3

  • SHA1

    a8973b73ed75425f722bd4c0ea801d58b31094ef

  • SHA256

    e0654cd7e7028ee40cd105e89f67608b68c9c4d0b92471d88996bb2508db5e42

  • SHA512

    6605bc05fe84940161ac0b21023929b503c32b04129f570cc8d98f5909af0a68c445743c956f70aa6741df7373ad8825b91047fcebda0205eed7051ee8bf6ff2

Score
10/10

Malware Config

Extracted

Family

oski

C2

http://185.206.214.130/

Targets

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Suspicious use of SetThreadContext
