Overview

overview

10

Static

static

1

330ef71ad7...52.ps1

windows7-x64

10

330ef71ad7...52.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    330ef71ad71267a0eb80fcc149121052

  • Size

    421KB

  • Sample

    231222-aj6pvagga7

  • MD5

    330ef71ad71267a0eb80fcc149121052

  • SHA1

    d6c7ba0885c72f7503d84467b0c537c97bd9d53b

  • SHA256

    70bfeefcd0c266f10aab2e4bd30a5e1e89509db7e6b929531018dc0b3876103f

  • SHA512

    b5b08104d14b86ac49ef2af40baee5e7a9ccb74939bbf977d6ec3fcbf124accc26c63c436346b93865085d1c84a4a51fa6476b7cbe916b9f271a791a3c2219ce

  • SSDEEP

    12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64sL68:q3H

Score
10/10
oskiinfostealer

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l4040/

Targets

    • Target

      330ef71ad71267a0eb80fcc149121052

    • Size

      421KB

    • MD5

      330ef71ad71267a0eb80fcc149121052

    • SHA1

      d6c7ba0885c72f7503d84467b0c537c97bd9d53b

    • SHA256

      70bfeefcd0c266f10aab2e4bd30a5e1e89509db7e6b929531018dc0b3876103f

    • SHA512

      b5b08104d14b86ac49ef2af40baee5e7a9ccb74939bbf977d6ec3fcbf124accc26c63c436346b93865085d1c84a4a51fa6476b7cbe916b9f271a791a3c2219ce

    • SSDEEP

      12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64sL68:q3H

    Score
    10/10
    oskiinfostealer

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks