General

  • Target

    8642746290.zip

  • Size

    100KB

  • Sample

    221223-vagdtagg46

  • MD5

    14e2ba30455bc49d52a79aac9308562b

  • SHA1

    92e854b0f68546516ae8c5aa368f1ea6c5a12698

  • SHA256

    5081336887096e6b585b69e35b2b4b6fb0f2ed9154d51f96216be598e8ba5300

  • SHA512

    f61e26545276a9f67df5dff712eb38cae16117b0719b5cdd92045b668dae153968a6680c2cbf0179bb0953951f1c70a2a3e29999c683f44dd51a10e620f8f201

  • SSDEEP

    1536:JMhFyftkLYUi2oPJN7aIIqBXL4zDvCtpxOP2NjWIpVmLBKCQY4KSSPXgtN7cKV0w:YkV4Diz70qN4zD6G5IpVWzQYxPQt70bc

Malware Config

Extracted

Family

oski

C2

extracreditunion.online

Targets

    • Target

      081b94112d9086adb69bfff00827a9bc5d59826a50e37ab7109686fc71f5db62

    • Size

      200KB

    • MD5

      85ec820f8dda2f12dc1d56722a28f65d

    • SHA1

      a601e4ceeca0ee0c954bc7c4f9e52b529970815d

    • SHA256

      081b94112d9086adb69bfff00827a9bc5d59826a50e37ab7109686fc71f5db62

    • SHA512

      384331470851d6cc8c3dc77dd707704e4d9050f1e9f0cfd67b371260849fb981ac0bde93aa2516fe8d51ba33fada63c9590d8ae20a63328bf77440a481907cf0

    • SSDEEP

      3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fI71Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNC1Ljo3c

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Tasks