oski | 54b0cd3ee5db8f6574c92e39ac3fcb8be6236f57c82305404ee60b2553c6dbff | Triage

Submit
Reports

Overview

overview

Static

static

1

666ed175d4...f7.ps1

windows7-x64

1

666ed175d4...f7.ps1

windows10-2004-x64

Sharing

General

Target

666ed175d4a2f463c4df96f78e48adf7
Size

485KB
Sample

231222-fb8gcsebcr
MD5

666ed175d4a2f463c4df96f78e48adf7
SHA1

db3b749999695944c0e27c42682a39ee719fac94
SHA256

54b0cd3ee5db8f6574c92e39ac3fcb8be6236f57c82305404ee60b2553c6dbff
SHA512

7148a341f650bd5821abba0a13fce4bd277d17544b61b823c2c2a0ab313825fe56e52b2c968386f2fba97fc1f8cb932bd2d35469e65cd8e03064db917ce8f3bc
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Eigu:q3Ru

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

666ed175d4a2f463c4df96f78e48adf7.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

666ed175d4a2f463c4df96f78e48adf7.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l1616/

Targets

- Target
  
  666ed175d4a2f463c4df96f78e48adf7
- Size
  
  485KB
- MD5
  
  666ed175d4a2f463c4df96f78e48adf7
- SHA1
  
  db3b749999695944c0e27c42682a39ee719fac94
- SHA256
  
  54b0cd3ee5db8f6574c92e39ac3fcb8be6236f57c82305404ee60b2553c6dbff
- SHA512
  
  7148a341f650bd5821abba0a13fce4bd277d17544b61b823c2c2a0ab313825fe56e52b2c968386f2fba97fc1f8cb932bd2d35469e65cd8e03064db917ce8f3bc
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Eigu:q3Ru
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy