oski | adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

adddf3a8ed...10.exe

windows7_x64

adddf3a8ed...10.exe

windows10-2004_x64

Sharing

General

Target

adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610
Size

502KB
Sample

220625-lwazgshff7
MD5

ab5be0d669ea17b096b0ab7f70c46d31
SHA1

c0baca7a79c5acbe9b1a326539798599308ad94b
SHA256

adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610
SHA512

81362639d5e390577403e299df111017ca0246092234c3bdb40968b9cab0ff4ddfaab51c2ed75d253dfd718c682da216ff4d544b828b102b8f94f297e3e55d42

Score

10^/10

oski infostealer rezer0

Static task

static1

Behavioral task

behavioral1

Sample

adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610.exe

Resource

win7-20220414-en

oski infostealer rezer0

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610.exe

Resource

win10v2004-20220414-en

oski infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

oski

C2

serhuwadwtr.xyz

Targets

- Target
  
  adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610
- Size
  
  502KB
- MD5
  
  ab5be0d669ea17b096b0ab7f70c46d31
- SHA1
  
  c0baca7a79c5acbe9b1a326539798599308ad94b
- SHA256
  
  adddf3a8edacd49f26632d6e2db61c77c1e4f52a0f3ef042528f15eba7aab610
- SHA512
  
  81362639d5e390577403e299df111017ca0246092234c3bdb40968b9cab0ff4ddfaab51c2ed75d253dfd718c682da216ff4d544b828b102b8f94f297e3e55d42
Score

10^/10

oski infostealer rezer0
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- ReZer0 packer
  Detects ReZer0, a packer with multiple versions used in various campaigns.
  rezer0
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerrezer0

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy