oski | 54c6b52fb9b20e66ead545c8628472cfa3700c168ae261a699cd972c93c65588 | Triage

Submit
Reports

Overview

overview

Static

static

1

6d23761fa9...9c.ps1

windows7-x64

1

6d23761fa9...9c.ps1

windows10-2004-x64

Sharing

General

Target

6d23761fa990f64ebbb3a9fb0b617e9c
Size

485KB
Sample

231222-fpbpjsgbfm
MD5

6d23761fa990f64ebbb3a9fb0b617e9c
SHA1

3813b03b3c750a009f1e774976bfaf5e78dd1f60
SHA256

54c6b52fb9b20e66ead545c8628472cfa3700c168ae261a699cd972c93c65588
SHA512

e1f00c4d2d6fd3cdf76382bbd445b911588511fb3ce52658d1de47fdf70b8d03c9cf7b7b99b7ad1ed619393378c704a1dc6915a43d08680384c029ac2b2fa2c6
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oigu:q3Vu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

6d23761fa990f64ebbb3a9fb0b617e9c.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

6d23761fa990f64ebbb3a9fb0b617e9c.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l33/

Targets

- Target
  
  6d23761fa990f64ebbb3a9fb0b617e9c
- Size
  
  485KB
- MD5
  
  6d23761fa990f64ebbb3a9fb0b617e9c
- SHA1
  
  3813b03b3c750a009f1e774976bfaf5e78dd1f60
- SHA256
  
  54c6b52fb9b20e66ead545c8628472cfa3700c168ae261a699cd972c93c65588
- SHA512
  
  e1f00c4d2d6fd3cdf76382bbd445b911588511fb3ce52658d1de47fdf70b8d03c9cf7b7b99b7ad1ed619393378c704a1dc6915a43d08680384c029ac2b2fa2c6
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oigu:q3Vu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy