Extracted

• • Target

    0eab3ccc18c952cc89f73ba1a480070f

  • Size

    1.3MB

  • MD5

    0eab3ccc18c952cc89f73ba1a480070f

  • SHA1

    475b8039046cc7283ee3495aa8abc879679a860b

  • SHA256

    c254079e9a75cb708e28deb9c72c77689c53425f8256338343c06285bed8ebbe

  • SHA512

    0e7560b4b0de29541944de249cf6dce10d6f51d858e45362e9bb86cc8abe00fcf9fce8a76c660f938313f467ea38defc97f881ec4a9ce56924c78e3af9f71ec5

  • SSDEEP

    24576:v2X1TrFY8blhBPHKFOoOxlVkqF2gZROak1FsGrQxQn9Y:OXpyQ1vxzxlPI6RE/Drh9

  Score

  10^/10

  oskiinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2