oski | 10dee76aaab7ab2441547cd74e8a282fb349e3e023c73f958d212db7ad09b313 | Triage

Submit
Reports

Overview

overview

Static

static

1

05df1a35f2...77.ps1

windows7-x64

1

05df1a35f2...77.ps1

windows10-2004-x64

Sharing

General

Target

05df1a35f25ff857db2e24c1dcb65777
Size

485KB
Sample

231221-zkdswsgag3
MD5

05df1a35f25ff857db2e24c1dcb65777
SHA1

6950118354e4cfcccac686d6ac11d229cae8fc96
SHA256

10dee76aaab7ab2441547cd74e8a282fb349e3e023c73f958d212db7ad09b313
SHA512

3ad73346dec9f0bf84bc04b2364bcc99bade5d2ed1607f88fd9301fb268a0171af3ddb3d195b4081b6c7aa45069443b47fe908e70c26fda625f1559b57ba273a
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64rigu:q3cu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

05df1a35f25ff857db2e24c1dcb65777.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

05df1a35f25ff857db2e24c1dcb65777.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l29/

Targets

- Target
  
  05df1a35f25ff857db2e24c1dcb65777
- Size
  
  485KB
- MD5
  
  05df1a35f25ff857db2e24c1dcb65777
- SHA1
  
  6950118354e4cfcccac686d6ac11d229cae8fc96
- SHA256
  
  10dee76aaab7ab2441547cd74e8a282fb349e3e023c73f958d212db7ad09b313
- SHA512
  
  3ad73346dec9f0bf84bc04b2364bcc99bade5d2ed1607f88fd9301fb268a0171af3ddb3d195b4081b6c7aa45069443b47fe908e70c26fda625f1559b57ba273a
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64rigu:q3cu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy