Extracted

• • Target

    532833e85f8f4777d3ac55833d80ffcbf4e337b33f1fda3eb2025a6964694c92

  • Size

    1.2MB

  • MD5

    f754d2350f759e84607ac814a850dd2c

  • SHA1

    dc3074efd9092b42d7b633663ffc3fad876bec06

  • SHA256

    532833e85f8f4777d3ac55833d80ffcbf4e337b33f1fda3eb2025a6964694c92

  • SHA512

    baaf7b758265dd8b5128f6a6f4e39a14be3e8dcd9ea558c6b01c1dc1f7d0a64c98b4570457f82d8b844f2ebcbd80e7981b29af1ca655154a6b1c79b68374e57d

  Score

  10^/10

  oskiinfostealerspywarestealersuricata

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

    suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern

    suricata

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2