oski | 17010c5ca84e2a4cf7a970c153bb3c042462af5b8273ab2f3043d13b35b1dcfe | Triage

Submit
Reports

Overview

overview

Static

static

1

db8f53266b...bf.ps1

windows7-x64

1

db8f53266b...bf.ps1

windows10-2004-x64

Sharing

General

Target

db8f53266b12e2beaf2f034b73824cbf
Size

485KB
Sample

231222-s2p4xscbh2
MD5

db8f53266b12e2beaf2f034b73824cbf
SHA1

a3d785e7173b2070123e06c7ce668df7f31c5493
SHA256

17010c5ca84e2a4cf7a970c153bb3c042462af5b8273ab2f3043d13b35b1dcfe
SHA512

d485740ec9464823470853402620939991884a2a77b9dfcfd5fd4e62cef41d8ffa4220d063325f525b9a4fc247e238c10d761d1b6f5635bb60015240a923b5d6
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64digu:q3eu

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

db8f53266b12e2beaf2f034b73824cbf.ps1

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

db8f53266b12e2beaf2f034b73824cbf.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l808/

Targets

- Target
  
  db8f53266b12e2beaf2f034b73824cbf
- Size
  
  485KB
- MD5
  
  db8f53266b12e2beaf2f034b73824cbf
- SHA1
  
  a3d785e7173b2070123e06c7ce668df7f31c5493
- SHA256
  
  17010c5ca84e2a4cf7a970c153bb3c042462af5b8273ab2f3043d13b35b1dcfe
- SHA512
  
  d485740ec9464823470853402620939991884a2a77b9dfcfd5fd4e62cef41d8ffa4220d063325f525b9a4fc247e238c10d761d1b6f5635bb60015240a923b5d6
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64digu:q3eu
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy