Extracted

• • Target

    Request For Qoutation and Company Profile for.exe

  • Size

    832KB

  • MD5

    5be68e2fdd151ab51beb125c8796d3ac

  • SHA1

    4eaf09cda6d4ce743b2aa5b274cb66b6a58f7f4f

  • SHA256

    b1d3c9d99b280d0b6c75efbf271254f8081cf947b77d51ff8fa9fa67e61e6513

  • SHA512

    ca7a46b577c48e3ae8b86bd62b8a364ca085464823ec8f32c6f630d13cd9bc9db75de9c74ec7c2aa5ad45cc4c5bf3e41f16732b0b6502ae0dc0b074b788430cd

  Score

  10^/10

  oskidiscoveryinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of SetThreadContext

  behavioral1behavioral2