Overview

overview

10

Static

static

2672e663c2...d0.exe

windows7_x64

1

2672e663c2...d0.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2672e663c20a2695b2b4dadb2162bb7fe8c037d34eaa9660181dd529fa0c04d0

  • Size

    458KB

  • Sample

    220512-n1jhjagbdn

  • MD5

    c5e62282e79fc994c3eea5ab5669a671

  • SHA1

    b3324b6272dc54ac34989d7af595064286c6870f

  • SHA256

    2672e663c20a2695b2b4dadb2162bb7fe8c037d34eaa9660181dd529fa0c04d0

  • SHA512

    32ef996dc8223ca0fd25c14fb6a6298295ee5ea9d56483e201c1d86497c76ed6fefe3154607847e0ffa0fed3306c9d5b0ffa9caabc3e243438639eb311e0974d

Score
10/10
oskiinfostealersuricata

Malware Config

Extracted

Family

oski

C2

45.8.228.100

Targets

    • Target

      2672e663c20a2695b2b4dadb2162bb7fe8c037d34eaa9660181dd529fa0c04d0

    • Size

      458KB

    • MD5

      c5e62282e79fc994c3eea5ab5669a671

    • SHA1

      b3324b6272dc54ac34989d7af595064286c6870f

    • SHA256

      2672e663c20a2695b2b4dadb2162bb7fe8c037d34eaa9660181dd529fa0c04d0

    • SHA512

      32ef996dc8223ca0fd25c14fb6a6298295ee5ea9d56483e201c1d86497c76ed6fefe3154607847e0ffa0fed3306c9d5b0ffa9caabc3e243438639eb311e0974d

    Score
    10/10
    oskiinfostealersuricata

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

      suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks