oski | a1fb5c784bc7054210483191ef7a6c47da443b4283442de4eb0d297bce669751 | Triage

Sharing

General

Target

c927fbf0a308f0a52924210896ab4efa.exe
Size

200KB
Sample

230102-gakjksde84
MD5

c927fbf0a308f0a52924210896ab4efa
SHA1

6e139eeb5094862192d5f260b2a62beec9b910f4
SHA256

a1fb5c784bc7054210483191ef7a6c47da443b4283442de4eb0d297bce669751
SHA512

801ec93cc41051deb1c07818f0935c8b0c087bcf9971e1c43dd1745a0556f6b52ea34f02dfd2d508c95a1ea4f19a3695545cf42c40fefe464c01a9997aa4c3de
SSDEEP

3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fI21Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNj1Ljo3c

Score

10^/10

oski infostealer spyware stealer

Malware Config

Extracted

Family

oski

C2

mulkano.wwwhost.us

Targets

- Target
  
  c927fbf0a308f0a52924210896ab4efa.exe
- Size
  
  200KB
- MD5
  
  c927fbf0a308f0a52924210896ab4efa
- SHA1
  
  6e139eeb5094862192d5f260b2a62beec9b910f4
- SHA256
  
  a1fb5c784bc7054210483191ef7a6c47da443b4283442de4eb0d297bce669751
- SHA512
  
  801ec93cc41051deb1c07818f0935c8b0c087bcf9971e1c43dd1745a0556f6b52ea34f02dfd2d508c95a1ea4f19a3695545cf42c40fefe464c01a9997aa4c3de
- SSDEEP
  
  3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fI21Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNj1Ljo3c
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer