oski | 37cdb8d6a19c396cebbe44953363fcf9c7f7c27b1d27734edb81491dfb8c3069 | Triage

Submit
Reports

Overview

overview

Static

static

1

f91a93aba7...c6.ps1

windows7-x64

1

f91a93aba7...c6.ps1

windows10-2004-x64

Sharing

General

Target

f91a93aba78c83e1e03a3ce5e2dc72c6
Size

656KB
Sample

231222-vejdzaafdr
MD5

f91a93aba78c83e1e03a3ce5e2dc72c6
SHA1

e0c790cc02a7af6ec022f81d1e6a2000e39fe0bc
SHA256

37cdb8d6a19c396cebbe44953363fcf9c7f7c27b1d27734edb81491dfb8c3069
SHA512

4235ad761835c2610c1e4314d7367f11970b546fcea106be81eaf698b0017c5269aa3264c46126e9d9269d4e9b034f21923b3ac1fd76302494a8f2dffd2d3815
SSDEEP

12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64S8TVkc5A+:g3yTmr+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

f91a93aba78c83e1e03a3ce5e2dc72c6.ps1

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

f91a93aba78c83e1e03a3ce5e2dc72c6.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l20/

Targets

- Target
  
  f91a93aba78c83e1e03a3ce5e2dc72c6
- Size
  
  656KB
- MD5
  
  f91a93aba78c83e1e03a3ce5e2dc72c6
- SHA1
  
  e0c790cc02a7af6ec022f81d1e6a2000e39fe0bc
- SHA256
  
  37cdb8d6a19c396cebbe44953363fcf9c7f7c27b1d27734edb81491dfb8c3069
- SHA512
  
  4235ad761835c2610c1e4314d7367f11970b546fcea106be81eaf698b0017c5269aa3264c46126e9d9269d4e9b034f21923b3ac1fd76302494a8f2dffd2d3815
- SSDEEP
  
  12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64S8TVkc5A+:g3yTmr+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy