oski | 0f95674881b43d8ef2847c7794b00bb4b4e0d94cb8f8099d0d5108d09303b9bf | Triage

Submit
Reports

Overview

overview

Static

static

0021b817e1...44.exe

windows7_x64

0021b817e1...44.exe

windows10-2004_x64

Sharing

General

Target

7527956130.zip
Size

1.1MB
Sample

220527-1vjbssabeq
MD5

0c7afef652cac2b1db2a16e6fd6bac44
SHA1

484cfbda7f73dd51d3df08fa354a7559ea92748b
SHA256

0f95674881b43d8ef2847c7794b00bb4b4e0d94cb8f8099d0d5108d09303b9bf
SHA512

e38391a4c0bbea1c888461fc5a6f34b1a5b674617281aba9ac4eed27a70c9f57a43aa15938725752552975a7b0b23d27d5323ef1034d009ef96c2378a7488426

Score

10^/10

oski infostealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

0021b817e1306a450e86beb8fd3eb204f027d193b317500739ebc38324f89b44.exe

Resource

win7-20220414-en

oski infostealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0021b817e1306a450e86beb8fd3eb204f027d193b317500739ebc38324f89b44.exe

Resource

win10v2004-20220414-en

oski infostealer suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

oski

C2

chika1992.xyz

Targets

- Target
  
  0021b817e1306a450e86beb8fd3eb204f027d193b317500739ebc38324f89b44
- Size
  
  1.3MB
- MD5
  
  a66e0719560248b1c5a9cb1b28f66b41
- SHA1
  
  f77ed452781f5b60702c26a78249b667094dbe95
- SHA256
  
  0021b817e1306a450e86beb8fd3eb204f027d193b317500739ebc38324f89b44
- SHA512
  
  5d731685aac8a8a4bdf92854649a24cc24ea4bbb0a5339624b68d0476d47961fcdb47dbbf1e64c7606a78a1d7adec57aa32feb98b157cfe7615462784d7bf9b5
Score

10^/10

oski infostealer suricata
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
  suricata: ET MALWARE Vidar/Arkei/Megumin/Oski Stealer HTTP POST Pattern
  suricata
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealersuricata

behavioral2

oskiinfostealersuricata

© 2018-2024

Terms | Privacy