oski | f8973553be49784e769a41bd24358bfc076427c3004773161c479013f7b4aa87 | Triage

Submit
Reports

Overview

overview

Static

static

1

e2e0a44129...c0.ps1

windows7-x64

1

e2e0a44129...c0.ps1

windows10-2004-x64

Sharing

General

Target

e2e0a441291c5f7201101cf266aa2fc0
Size

656KB
Sample

231222-tbclksece9
MD5

e2e0a441291c5f7201101cf266aa2fc0
SHA1

fb41b0dd8b9c9bb363ab9eebbb9ccf78508fab78
SHA256

f8973553be49784e769a41bd24358bfc076427c3004773161c479013f7b4aa87
SHA512

a43816d2755b4691b2de6b76718c1918e90796a1c6cfc21faf66ad8c0bbde0b3e740c7a43608c3bce76f3c37f55f60a8df6599e66b14d27c3c88c03340f8fde0
SSDEEP

12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64E8TVkc5A+:g3ITmr+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

e2e0a441291c5f7201101cf266aa2fc0.ps1

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

e2e0a441291c5f7201101cf266aa2fc0.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l2121/

Targets

- Target
  
  e2e0a441291c5f7201101cf266aa2fc0
- Size
  
  656KB
- MD5
  
  e2e0a441291c5f7201101cf266aa2fc0
- SHA1
  
  fb41b0dd8b9c9bb363ab9eebbb9ccf78508fab78
- SHA256
  
  f8973553be49784e769a41bd24358bfc076427c3004773161c479013f7b4aa87
- SHA512
  
  a43816d2755b4691b2de6b76718c1918e90796a1c6cfc21faf66ad8c0bbde0b3e740c7a43608c3bce76f3c37f55f60a8df6599e66b14d27c3c88c03340f8fde0
- SSDEEP
  
  12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64E8TVkc5A+:g3ITmr+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy