Overview

overview

10

Static

static

f7a799555a...ce.exe

windows7_x64

10

f7a799555a...ce.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7a799555a5177453ec51b3b9eeb9dc470e5f355b970bfbdf7dfd49e901ff4ce

  • Size

    767KB

  • Sample

    220524-zwbsnsgbc8

  • MD5

    1e8e6c7b0357b7590f694162733e1f2f

  • SHA1

    fc2ea46d76bc7ab12ada51226b655771422ec343

  • SHA256

    f7a799555a5177453ec51b3b9eeb9dc470e5f355b970bfbdf7dfd49e901ff4ce

  • SHA512

    23a2e7544fcf2db2b7f28cefe03c7826d1f575ed6c8f8a5f4a0a1c2ea48f6f0f3e6c7529b04793f6404bdda9b651a090ed8a29277e05665f4547cd23a24177f8

Score
10/10
oskiinfostealerspywarestealer

Malware Config

Extracted

Family

oski

C2

levitt.ug

Targets

    • Target

      f7a799555a5177453ec51b3b9eeb9dc470e5f355b970bfbdf7dfd49e901ff4ce

    • Size

      767KB

    • MD5

      1e8e6c7b0357b7590f694162733e1f2f

    • SHA1

      fc2ea46d76bc7ab12ada51226b655771422ec343

    • SHA256

      f7a799555a5177453ec51b3b9eeb9dc470e5f355b970bfbdf7dfd49e901ff4ce

    • SHA512

      23a2e7544fcf2db2b7f28cefe03c7826d1f575ed6c8f8a5f4a0a1c2ea48f6f0f3e6c7529b04793f6404bdda9b651a090ed8a29277e05665f4547cd23a24177f8

    Score
    10/10
    oskiinfostealerspywarestealer

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks