Overview

overview

10

Static

static

1

32a1564f74...b5.ps1

windows7-x64

1

32a1564f74...b5.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32a1564f7474be62da3d73e7c4ea4fb5

  • Size

    656KB

  • Sample

    231222-ah9ecaedfp

  • MD5

    32a1564f7474be62da3d73e7c4ea4fb5

  • SHA1

    c173f0239e2f823112c10cb19265ddad06dd57d8

  • SHA256

    c842d544f43cc4768ee7566cec5c6f7c5bdcff367f616d8f195fc1908c2b955e

  • SHA512

    deddf99783282405c89005d5d230745027b328d55e5f804671fc56b4f7e84e5081cbe32ad4c25538a8be6a1013ea7575ca23ac78c5e58f02ca1b71c3f902b5cd

  • SSDEEP

    12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64y8TVkc5A+:g3+Tmr+

Score
10/10
oskiinfostealer

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l7/

Targets

    • Target

      32a1564f7474be62da3d73e7c4ea4fb5

    • Size

      656KB

    • MD5

      32a1564f7474be62da3d73e7c4ea4fb5

    • SHA1

      c173f0239e2f823112c10cb19265ddad06dd57d8

    • SHA256

      c842d544f43cc4768ee7566cec5c6f7c5bdcff367f616d8f195fc1908c2b955e

    • SHA512

      deddf99783282405c89005d5d230745027b328d55e5f804671fc56b4f7e84e5081cbe32ad4c25538a8be6a1013ea7575ca23ac78c5e58f02ca1b71c3f902b5cd

    • SSDEEP

      12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64y8TVkc5A+:g3+Tmr+

    Score
    10/10
    oskiinfostealer

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks