oski | ca7ea5639f68059383b50c24c2428e60de949a65a6d5bec9266c4fa8526e1621 | Triage

Sharing

General

Target

2034F7E2DEE001E94FE81EA7F10456FD.exe
Size

200KB
Sample

230417-k194psdf32
MD5

2034f7e2dee001e94fe81ea7f10456fd
SHA1

75075fcc9073e71dc7f4c3f478a6b78b12326833
SHA256

ca7ea5639f68059383b50c24c2428e60de949a65a6d5bec9266c4fa8526e1621
SHA512

3458b41efcea959471ffd4b544e2a5b0b9e3bbb6027a1c12c5cb9766ebc876c5e53082c33c2be09b88a74f808a5796fb0478f606e461667885eb664d5c6ba3e4
SSDEEP

3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fId1Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNs1Ljo3c

Score

10^/10

oski infostealer spyware stealer

Malware Config

Extracted

Family

oski

C2

http://itskuba.com/1g

Targets

- Target
  
  2034F7E2DEE001E94FE81EA7F10456FD.exe
- Size
  
  200KB
- MD5
  
  2034f7e2dee001e94fe81ea7f10456fd
- SHA1
  
  75075fcc9073e71dc7f4c3f478a6b78b12326833
- SHA256
  
  ca7ea5639f68059383b50c24c2428e60de949a65a6d5bec9266c4fa8526e1621
- SHA512
  
  3458b41efcea959471ffd4b544e2a5b0b9e3bbb6027a1c12c5cb9766ebc876c5e53082c33c2be09b88a74f808a5796fb0478f606e461667885eb664d5c6ba3e4
- SSDEEP
  
  3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fId1Xi6FLPo3c:WfUauY68uSWCx+XA7mg2pNs1Ljo3c
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer