oski | 072611cbd21330320b51fb7e49a58d2810f81c4f4a923f5af91b97b91052dbde | Triage

Submit
Reports

Overview

overview

Static

static

1

9c22614554...39.ps1

windows7-x64

1

9c22614554...39.ps1

windows10-2004-x64

Sharing

General

Target

9c226145547ce4265b7cdaf7c5e0cb39
Size

656KB
Sample

231222-qgdjaaehgr
MD5

9c226145547ce4265b7cdaf7c5e0cb39
SHA1

703c3fa709594ae52e474e5e6525c31cb7ec34fe
SHA256

072611cbd21330320b51fb7e49a58d2810f81c4f4a923f5af91b97b91052dbde
SHA512

529a25f4694a0e7099809920301f606920d2aff7e367cbdbb5b871a018afa5ce5350851c3ae0e3e6b0c09d39a115504ff0ae74622e10bd17d47fc1007783f886
SSDEEP

12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64M8TVkc5A+:g3kTmr+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

9c226145547ce4265b7cdaf7c5e0cb39.ps1

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c226145547ce4265b7cdaf7c5e0cb39.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l11/

Targets

- Target
  
  9c226145547ce4265b7cdaf7c5e0cb39
- Size
  
  656KB
- MD5
  
  9c226145547ce4265b7cdaf7c5e0cb39
- SHA1
  
  703c3fa709594ae52e474e5e6525c31cb7ec34fe
- SHA256
  
  072611cbd21330320b51fb7e49a58d2810f81c4f4a923f5af91b97b91052dbde
- SHA512
  
  529a25f4694a0e7099809920301f606920d2aff7e367cbdbb5b871a018afa5ce5350851c3ae0e3e6b0c09d39a115504ff0ae74622e10bd17d47fc1007783f886
- SSDEEP
  
  12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64M8TVkc5A+:g3kTmr+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy