Overview

overview

10

Static

static

1

f732f398ed...06.ps1

windows7-x64

1

f732f398ed...06.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f732f398ed8470ab3d7026e8efcea306

  • Size

    485KB

  • Sample

    231222-t7x76aaadr

  • MD5

    f732f398ed8470ab3d7026e8efcea306

  • SHA1

    464cea61f64d583e42065f54b6242d361ffdd2b0

  • SHA256

    3020a2995a18515860d4530d32cdecf88c04d14bd0d548b9d61302a572f8efc1

  • SHA512

    b8b9c1bde2a70acbd9c7188d7162ba5fb6c808e676ccc370a9babb450449602f383d2d47c8280bb33f0067279175d36e27d0416d34b1210229370024c06683a2

  • SSDEEP

    12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Migu:q3pu

Score
10/10
oskiinfostealer

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l3030/

Targets

    • Target

      f732f398ed8470ab3d7026e8efcea306

    • Size

      485KB

    • MD5

      f732f398ed8470ab3d7026e8efcea306

    • SHA1

      464cea61f64d583e42065f54b6242d361ffdd2b0

    • SHA256

      3020a2995a18515860d4530d32cdecf88c04d14bd0d548b9d61302a572f8efc1

    • SHA512

      b8b9c1bde2a70acbd9c7188d7162ba5fb6c808e676ccc370a9babb450449602f383d2d47c8280bb33f0067279175d36e27d0416d34b1210229370024c06683a2

    • SSDEEP

      12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Migu:q3pu

    Score
    10/10
    oskiinfostealer

    • Oski

      Oski is an infostealer targeting browser data, crypto wallets.

      infostealeroski

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks