Extracted

• • Target

    7610eebdfb8f0a1871fc6981414168af210ebd40c6148e2282b7d5c47faca413

  • Size

    293KB

  • MD5

    b8587f4bbee7e735a72d3652199342f7

  • SHA1

    3dcf20e70ec18584033d1cdfc3eeffc409ad88c4

  • SHA256

    7610eebdfb8f0a1871fc6981414168af210ebd40c6148e2282b7d5c47faca413

  • SHA512

    182e8f17d9f9a65e1df95f7050c9fc2a3423f0a2dbfa2faf2f5016930547532bd38d3e1e0eb41596abdf94bac6113293ba72d3006ae15f8c14db8b0cf8e093de

  • SSDEEP

    6144:/Q07BiMXZdbGmtcXTfI3x817i/GJsc950j/pPBlYLhZ+UfvpnDNt:/Q08MXZdGmtCQW17S4scDE/pPBlYLhZL

  Score

  10^/10

  oskiinfostealerpersistencespywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2