oski | 74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038 | Triage

Submit
Reports

Overview

overview

Static

static

8

74fed62553...38.exe

windows7_x64

74fed62553...38.exe

windows10-2004_x64

Sharing

General

Target

74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038
Size

1.2MB
Sample

220524-bqxwysehgq
MD5

0040b750f231f0eeb175a48aebab5b48
SHA1

b5446600d2df181c644f9ab582f6d99440727616
SHA256

74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038
SHA512

58504c6b4be1c801a68d7d0339254bdf9e49a2ca8865ab7cfb9e7791fe1cf0447ed52ca395b2b160d31f7ab8ea5baff10e60a33dcce708d65b3e896bdd0f5532

Score

10^/10

oski infostealer spyware stealer vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038.exe

Resource

win7-20220414-en

oski infostealer spyware stealer vmprotect

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038.exe

Resource

win10v2004-20220414-en

oski infostealer spyware stealer vmprotect

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038
- Size
  
  1.2MB
- MD5
  
  0040b750f231f0eeb175a48aebab5b48
- SHA1
  
  b5446600d2df181c644f9ab582f6d99440727616
- SHA256
  
  74fed62553501ee21a1ec9bfd2e0d3785dec401249c9da3154fbe6b10c713038
- SHA512
  
  58504c6b4be1c801a68d7d0339254bdf9e49a2ca8865ab7cfb9e7791fe1cf0447ed52ca395b2b160d31f7ab8ea5baff10e60a33dcce708d65b3e896bdd0f5532
Score

10^/10

oski infostealer spyware stealer vmprotect
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealervmprotect

behavioral2

oskiinfostealerspywarestealervmprotect

© 2018-2025

Terms | Privacy