oski | 2ead76cdf40f1400d4f9efa5c76c72fbe4dab4cef0c73d694836e9480d415fa1 | Triage

Submit
Reports

Overview

overview

Static

static

1

21a256e588...07.ps1

windows7-x64

1

21a256e588...07.ps1

windows10-2004-x64

Sharing

General

Target

21a256e5887cb8472f38a391fa9f3f07
Size

485KB
Sample

231221-27bm6abeg7
MD5

21a256e5887cb8472f38a391fa9f3f07
SHA1

e00e22ccefc0af52fbbae04a753d504a2da76dc7
SHA256

2ead76cdf40f1400d4f9efa5c76c72fbe4dab4cef0c73d694836e9480d415fa1
SHA512

293ae268a3690a022b609785a67639087e983ac13006ea661ad911f921766b83df6ee14e18040d9506e398a143652edd00b453c975b9a16714d061e4a7bcdaa0
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Nigu:q3Cu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

21a256e5887cb8472f38a391fa9f3f07.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

21a256e5887cb8472f38a391fa9f3f07.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l36/

Targets

- Target
  
  21a256e5887cb8472f38a391fa9f3f07
- Size
  
  485KB
- MD5
  
  21a256e5887cb8472f38a391fa9f3f07
- SHA1
  
  e00e22ccefc0af52fbbae04a753d504a2da76dc7
- SHA256
  
  2ead76cdf40f1400d4f9efa5c76c72fbe4dab4cef0c73d694836e9480d415fa1
- SHA512
  
  293ae268a3690a022b609785a67639087e983ac13006ea661ad911f921766b83df6ee14e18040d9506e398a143652edd00b453c975b9a16714d061e4a7bcdaa0
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Nigu:q3Cu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy