oski | 9a784909bd9a8ec2d179087e6dc8635fa4508be4d04afbe4a4c30a4922ee6a7d | Triage

Submit
Reports

Overview

overview

Static

static

1

a939544768...0a.ps1

windows7-x64

1

a939544768...0a.ps1

windows10-2004-x64

Sharing

General

Target

a939544768ca68a7346baa3619bcd80a
Size

485KB
Sample

231222-qydklsdbd2
MD5

a939544768ca68a7346baa3619bcd80a
SHA1

1b2f6e5eab4277e189ad5af04d83b92ff577af91
SHA256

9a784909bd9a8ec2d179087e6dc8635fa4508be4d04afbe4a4c30a4922ee6a7d
SHA512

9ee7baa5950c17e03926e2b792757073f6f4f0e6e093dc83cc52bff77ac033d7ba4849405d5704d52118a25b9dd941346f7a0c9cb6a397fbe5a8135cdd81d07d
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Eigu:q3hu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

a939544768ca68a7346baa3619bcd80a.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

a939544768ca68a7346baa3619bcd80a.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l3131/

Targets

- Target
  
  a939544768ca68a7346baa3619bcd80a
- Size
  
  485KB
- MD5
  
  a939544768ca68a7346baa3619bcd80a
- SHA1
  
  1b2f6e5eab4277e189ad5af04d83b92ff577af91
- SHA256
  
  9a784909bd9a8ec2d179087e6dc8635fa4508be4d04afbe4a4c30a4922ee6a7d
- SHA512
  
  9ee7baa5950c17e03926e2b792757073f6f4f0e6e093dc83cc52bff77ac033d7ba4849405d5704d52118a25b9dd941346f7a0c9cb6a397fbe5a8135cdd81d07d
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Eigu:q3hu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy