General

  • Target

    a9173de71087efdd86e903af04eb8e2d.exe

  • Size

    256KB

  • Sample

    230809-zhzbtaha3x

  • MD5

    a9173de71087efdd86e903af04eb8e2d

  • SHA1

    52c9d2a0b2a930070da73df07de39bf7c2f16691

  • SHA256

    1214ecff163eb393c89cdf5d4623b40eae8150af6ec578bbb26a535b66af822a

  • SHA512

    59cf21fd347ef58682ce084db25d1c2588b1277867c4429234e91221e4e2e234ca0e4de3b0f32d68baded47facd64bfadbd2b4871474d8d16105a53ed3d0aa96

  • SSDEEP

    6144:AfUauY68uSWCx+XA7mg2pNv1LjCei8TI3c:4wY68u1Cx+wm/pP7TI

Malware Config

Extracted

Family

oski

C2

de4mon-p4nel.site/oski/

Targets

    • Target

      a9173de71087efdd86e903af04eb8e2d.exe

    • Oski

      Oski is an infostealer that targets browser data and cryptocurrency wallets.

    • Downloads MZ/PE file

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks