oski | 23505626c4370e6730243a7a0d238665762757f334486692af862e19c0f42c7e | Triage

Submit
Reports

Overview

overview

Static

static

1

8feadf3a0c...74.ps1

windows7-x64

1

8feadf3a0c...74.ps1

windows10-2004-x64

Sharing

General

Target

8feadf3a0c1ceb6b2207a4be0746dc74
Size

485KB
Sample

231222-p3vt1sdeh4
MD5

8feadf3a0c1ceb6b2207a4be0746dc74
SHA1

98226516bbf42ef670248b5d1376fddc2c5f3e50
SHA256

23505626c4370e6730243a7a0d238665762757f334486692af862e19c0f42c7e
SHA512

901498b3545ba411161e23f62f56fc0f9539dbab8b50776c8a983a96f9b34debe5ff9955306004c48028d69a1fd6dfadea3b21f79adad9e5863fa61705320e90
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw640igu:q3xu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

8feadf3a0c1ceb6b2207a4be0746dc74.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

8feadf3a0c1ceb6b2207a4be0746dc74.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l1/

Targets

- Target
  
  8feadf3a0c1ceb6b2207a4be0746dc74
- Size
  
  485KB
- MD5
  
  8feadf3a0c1ceb6b2207a4be0746dc74
- SHA1
  
  98226516bbf42ef670248b5d1376fddc2c5f3e50
- SHA256
  
  23505626c4370e6730243a7a0d238665762757f334486692af862e19c0f42c7e
- SHA512
  
  901498b3545ba411161e23f62f56fc0f9539dbab8b50776c8a983a96f9b34debe5ff9955306004c48028d69a1fd6dfadea3b21f79adad9e5863fa61705320e90
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw640igu:q3xu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy