oski | 572c0ed2674a63ce3e58d42a019cdaca9cce57398636a07432da48f4920421c7 | Triage

Submit
Reports

Overview

overview

Static

static

1

691bcebe74...6b.ps1

windows7-x64

691bcebe74...6b.ps1

windows10-2004-x64

Sharing

General

Target

691bcebe74dfe8204bb6eb1ca4f37f6b
Size

421KB
Sample

231222-fhq6naghh7
MD5

691bcebe74dfe8204bb6eb1ca4f37f6b
SHA1

de511e989219a1d93d778c448d28e2c585acc113
SHA256

572c0ed2674a63ce3e58d42a019cdaca9cce57398636a07432da48f4920421c7
SHA512

8b4d64c8c725cb8b464eb1ea85a4321ab1d3732f9b21eb7c4b6d2111b0643358b24d03777d806f858f8ccefab7e4693f29e74e64099792357abbc3a6f8263375
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oL68:q3r

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

691bcebe74dfe8204bb6eb1ca4f37f6b.ps1

Resource

win7-20231129-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

691bcebe74dfe8204bb6eb1ca4f37f6b.ps1

Resource

win10v2004-20231222-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l33/

Targets

- Target
  
  691bcebe74dfe8204bb6eb1ca4f37f6b
- Size
  
  421KB
- MD5
  
  691bcebe74dfe8204bb6eb1ca4f37f6b
- SHA1
  
  de511e989219a1d93d778c448d28e2c585acc113
- SHA256
  
  572c0ed2674a63ce3e58d42a019cdaca9cce57398636a07432da48f4920421c7
- SHA512
  
  8b4d64c8c725cb8b464eb1ea85a4321ab1d3732f9b21eb7c4b6d2111b0643358b24d03777d806f858f8ccefab7e4693f29e74e64099792357abbc3a6f8263375
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oL68:q3r
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy