oski | 6ff2df9ce53194ba8f0cd6f4b391513a024fa0c87db70a2abd27619fdcf395af | Triage

Sharing

General

Target

6ff2df9ce53194ba8f0cd6f4b391513a024fa0c87db70a2abd27619fdcf395af
Size

185KB
Sample

220625-kxj34sgbe9
MD5

45806f0f5bd793789640e2d387b360b7
SHA1

84723dc5257f3dbc04757223631f75407082a7cf
SHA256

6ff2df9ce53194ba8f0cd6f4b391513a024fa0c87db70a2abd27619fdcf395af
SHA512

8f82af8bd555a175e5699e2206492f7afc25efa4fde156816fb48e84566c1f494141c5d3c55e662c4f72bc2e9569a613499068d60ad35f9fc93a4a96d5d523cd

Score

10^/10

oski infostealer spyware stealer

Malware Config

Extracted

Family

oski

C2

fontdrvhost.xyz

Targets

- Target
  
  6ff2df9ce53194ba8f0cd6f4b391513a024fa0c87db70a2abd27619fdcf395af
- Size
  
  185KB
- MD5
  
  45806f0f5bd793789640e2d387b360b7
- SHA1
  
  84723dc5257f3dbc04757223631f75407082a7cf
- SHA256
  
  6ff2df9ce53194ba8f0cd6f4b391513a024fa0c87db70a2abd27619fdcf395af
- SHA512
  
  8f82af8bd555a175e5699e2206492f7afc25efa4fde156816fb48e84566c1f494141c5d3c55e662c4f72bc2e9569a613499068d60ad35f9fc93a4a96d5d523cd
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer