Extracted

• • Target

    4ac1f3c7d6751d5f161f82483bbcf27b795d3b205391acbde576094da81badfc.bin

  • Size

    4.8MB

  • MD5

    e20c33f2403cd0bc0b8cf425586ef01c

  • SHA1

    0d55b0167cffeaaea07493b5ff3b0ca3e54d67c5

  • SHA256

    4ac1f3c7d6751d5f161f82483bbcf27b795d3b205391acbde576094da81badfc

  • SHA512

    2308573c4b9277dbcf7cc93511ff9ecbc3340edb20c86772aa0a326e5c6621abc4b770d59e479af55f5ae0f011203b42048d43387eae500da31a85b9831cbb14

  • SSDEEP

    98304:83ReZRsg6m4bZTqS1CGjqc9kfqfVhJaI/M4KBMzWOBfB+sV7q3R2u5I:KUs3mir1CzCSSM4zKI7q4Z

  Score

  10^/10

  oskiinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2