oski | f491801e1e4a8b38f28d939e337436a8650f5d849060854df452eb1b56053b17 | Triage

Submit
Reports

Overview

overview

Static

static

1

5e955058a4...63.ps1

windows7-x64

5e955058a4...63.ps1

windows10-2004-x64

Sharing

General

Target

5e955058a451a655fe87853ab9195363
Size

421KB
Sample

231222-efymaadgc3
MD5

5e955058a451a655fe87853ab9195363
SHA1

2ead44f355efa2a71ee7b39e828a15bda8ce8a08
SHA256

f491801e1e4a8b38f28d939e337436a8650f5d849060854df452eb1b56053b17
SHA512

4999a0308fc4f446e281fe51bbd2b245bc890fbf13e514c9209d1db0d4988db4fff959da9290a38f50f4164391a5edf30e8fa3662b33b97684d82c9149524d79
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64dL68:q3e

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

5e955058a451a655fe87853ab9195363.ps1

Resource

win7-20231215-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e955058a451a655fe87853ab9195363.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l808/

Targets

- Target
  
  5e955058a451a655fe87853ab9195363
- Size
  
  421KB
- MD5
  
  5e955058a451a655fe87853ab9195363
- SHA1
  
  2ead44f355efa2a71ee7b39e828a15bda8ce8a08
- SHA256
  
  f491801e1e4a8b38f28d939e337436a8650f5d849060854df452eb1b56053b17
- SHA512
  
  4999a0308fc4f446e281fe51bbd2b245bc890fbf13e514c9209d1db0d4988db4fff959da9290a38f50f4164391a5edf30e8fa3662b33b97684d82c9149524d79
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64dL68:q3e
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy