oski | b620a20d94e78625856a1abd0a3b89b097e2ff8e57861ab71186dd8f0d1d0994 | Triage

Sharing

General

Target

Oski_Cracked_ikramonayparibuda.com.bin.zip
Size

95KB
Sample

220518-dylvrsfdek
MD5

d141abfb61874ea8c860d52f47f182a6
SHA1

00c22ad62e1d69cdea5499e1d614fd73d02f9d15
SHA256

b620a20d94e78625856a1abd0a3b89b097e2ff8e57861ab71186dd8f0d1d0994
SHA512

59ce55af6ee3c6cbb10fba01e0dfa7be7161f4f8a5c58b5a110eb207a82c92b992c068dfc10089b784a89c864ae3cb9d6d562afc04ff4cdb70e4cc1c212c8d07

Score

10^/10

oski infostealer spyware stealer suricata

Malware Config

Extracted

Family

oski

C2

ikramonayparibuda.com

Targets

- Target
  
  Oski_Cracked_ikramonayparibuda.com.bin
- Size
  
  200KB
- MD5
  
  fac3ce44d5bc47212d4ea7ffcb4d49c8
- SHA1
  
  0ba6207e4716c3bad0b94cb4a9af64ec98c9b277
- SHA256
  
  5cf69dad4c558a23c29d77864b30f5321841c0e3c33044c1bb625a7a0cc2dd24
- SHA512
  
  7a3874f55d3e3b9640cfa0a2954f2618aa5d6c2ceb1a06ce259eff62af1c406a2a18ee6924236d509f95d9cf0741fdc9eff9ae7e6a6c22b6457a2c08037ec90b
Score

10^/10

oski infostealer spyware stealer suricata
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
  suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
  suricata
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealersuricata