Extracted

• • Target

    2d07cce707ba7637c75311e428b10c88534cc71023f2b1265c0de3af452ba996

  • Size

    608KB

  • MD5

    a513dcf625df4909a341fa22995ce99c

  • SHA1

    6746281bfd98f359bb2ed40da4a7e5f78f25c0a2

  • SHA256

    2d07cce707ba7637c75311e428b10c88534cc71023f2b1265c0de3af452ba996

  • SHA512

    81c5b8fc6e3a93702f42d482348fe61e448b876f29869003f9d47606b8a08bdf572c9e1e8aaf4759430a940357cc1119bb86e2a81d407b145209fd5eaa0e416e

  • SSDEEP

    12288:C8HN29FWOs+sxEVvib9ybSYQSXdNzUSGq0Ygsv:PHN7xl5yWydxUSGq0Ygs

  Score

  10^/10

  oskiinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2