oski | 3975ff5fd7f0c5e82b1f932ce5c5fd1d66627dac6043701fe26cbf36035f91bb | Triage

Submit
Reports

Overview

overview

Static

static

1

c3e00cc05d...c2.ps1

windows7-x64

c3e00cc05d...c2.ps1

windows10-2004-x64

Sharing

General

Target

c3e00cc05db28caecab4318f65f9a7c2
Size

421KB
Sample

231222-rt3vdaaggm
MD5

c3e00cc05db28caecab4318f65f9a7c2
SHA1

fd468321e743de0aab68ae03bdc214b3442d5195
SHA256

3975ff5fd7f0c5e82b1f932ce5c5fd1d66627dac6043701fe26cbf36035f91bb
SHA512

67ffd50620c1d33ad3dc450095fd6a5606251efec9661b180ad97e21b789df3130dbe3b5589e5b061ff0c03cb52bc2e225364c6f80d8d1272ebdd597313da10a
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64NL68:q36

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

c3e00cc05db28caecab4318f65f9a7c2.ps1

Resource

win7-20231129-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3e00cc05db28caecab4318f65f9a7c2.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l36/

Targets

- Target
  
  c3e00cc05db28caecab4318f65f9a7c2
- Size
  
  421KB
- MD5
  
  c3e00cc05db28caecab4318f65f9a7c2
- SHA1
  
  fd468321e743de0aab68ae03bdc214b3442d5195
- SHA256
  
  3975ff5fd7f0c5e82b1f932ce5c5fd1d66627dac6043701fe26cbf36035f91bb
- SHA512
  
  67ffd50620c1d33ad3dc450095fd6a5606251efec9661b180ad97e21b789df3130dbe3b5589e5b061ff0c03cb52bc2e225364c6f80d8d1272ebdd597313da10a
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64NL68:q36
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy