Overview

overview

10

Static

static

caf1bf6339...20.exe

windows7_x64

10

caf1bf6339...20.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    caf1bf6339d21c8bf3451420e78097bf7c8fa0a6baad42afa9a4f32981864120

  • Size

    293KB

  • Sample

    220701-esmqjsbeen

  • MD5

    a0d0319e501904cd74e51782e1ab74f9

  • SHA1

    b8f7c45ecf8aaabccff860356f03ef02b65f12f6

  • SHA256

    caf1bf6339d21c8bf3451420e78097bf7c8fa0a6baad42afa9a4f32981864120

  • SHA512

    3cc308094f4dbacd5f9aabc45d074e0b0af08676a694cb2e2898d1880646b22a0b64bbc0211ebf53fea7e6de34c631df6d5632c834298e432f804f7b8f593f10

Score
10/10
oskiinfostealerspywarestealer

Malware Config

Extracted

Family

oski

C2

ivchenkosvetlana.online

Targets

    • Target

      caf1bf6339d21c8bf3451420e78097bf7c8fa0a6baad42afa9a4f32981864120

    • Size

      293KB

    • MD5

      a0d0319e501904cd74e51782e1ab74f9

    • SHA1

      b8f7c45ecf8aaabccff860356f03ef02b65f12f6

    • SHA256

      caf1bf6339d21c8bf3451420e78097bf7c8fa0a6baad42afa9a4f32981864120

    • SHA512

      3cc308094f4dbacd5f9aabc45d074e0b0af08676a694cb2e2898d1880646b22a0b64bbc0211ebf53fea7e6de34c631df6d5632c834298e432f804f7b8f593f10

    Score
    10/10
    oskiinfostealerspywarestealer

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks