Extracted

• • Target

    b3344d57c132a4ea95c92fd21c597590

  • Size

    441KB

  • MD5

    b3344d57c132a4ea95c92fd21c597590

  • SHA1

    26f255504c86d3ee652c88450ac8ef9d49651d11

  • SHA256

    b5a1a2fbb4786f68248ba11b8780b8c8294ed881fed3c362c54b0560e1cb2018

  • SHA512

    483b50f0b49555065e2b395246567f2f8a925ed13df43dd96438aac4a6aacae37ab25af61ce85d21de3d9e9ff23ef24f37eccae69d377a2ad5ae44a4acedf370

  • SSDEEP

    12288:EAodPtkt4pss2IBgWbtAZPSNvg4JQLIGcmq9W:EAgVziIBgW5Ax2g4+7cv8

  Score

  10^/10

  oskiinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2