oski | 885e52307f6adb37083352ef06cd26243612018731c6ec8914664506d11ea70c | Triage

Sharing

General

Target

885E52307F6ADB37083352EF06CD26243612018731C6E.exe
Size

200KB
Sample

220901-lrmgqabfgn
MD5

ecb3be33e7b9240e66f41548c625a126
SHA1

5b458380b287151ab79230902134f17cbecf099d
SHA256

885e52307f6adb37083352ef06cd26243612018731c6ec8914664506d11ea70c
SHA512

9f3849e1667fff93f5e223e65bb5b28fd3fe002db920002070306ef5f81dd8009e0f50ef6885e01adbac42efd863b2b7b1957b07c01630e61858d489fab9c8ee
SSDEEP

3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fIQ1Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pN51Ljo3c

Score

10^/10

oski infostealer spyware stealer

Malware Config

Extracted

Family

oski

C2

twinsoul.co.za

Targets

- Target
  
  885E52307F6ADB37083352EF06CD26243612018731C6E.exe
- Size
  
  200KB
- MD5
  
  ecb3be33e7b9240e66f41548c625a126
- SHA1
  
  5b458380b287151ab79230902134f17cbecf099d
- SHA256
  
  885e52307f6adb37083352ef06cd26243612018731c6ec8914664506d11ea70c
- SHA512
  
  9f3849e1667fff93f5e223e65bb5b28fd3fe002db920002070306ef5f81dd8009e0f50ef6885e01adbac42efd863b2b7b1957b07c01630e61858d489fab9c8ee
- SSDEEP
  
  3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fIQ1Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pN51Ljo3c
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer