Extracted

• • Target

    379ab7eebd100778e2605df3c32da046.exe

  • Size

    595KB

  • MD5

    379ab7eebd100778e2605df3c32da046

  • SHA1

    cba7f97fb75338262c97549608a653c155150813

  • SHA256

    0d680dba51deffe04686d1df8c87de9c6c0310f7060bf4cfb0079a2f25caef10

  • SHA512

    f95a923b84b7594a464bcf981e01af94d4e4d1d3bc98e52c022aac12c9393106fe1fda97a66b15cfdae867e2272585a1a99e6e7237f823fde6c0183c6676a7a3

  Score

  10^/10

  oskiinfostealerpersistence

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2