oski | 2476e53d066a717d8627e08d13e7d2983e6ba9ecd76a8c3968273845f7996bde | Triage

Submit
Reports

Overview

overview

Static

static

1

134a8e6481...89.ps1

windows7-x64

134a8e6481...89.ps1

windows10-2004-x64

Sharing

General

Target

134a8e6481ac306a18cf1b20baaf8289
Size

421KB
Sample

231230-j8981aaacq
MD5

134a8e6481ac306a18cf1b20baaf8289
SHA1

5653dd3516e2d4dec7b3c711ebe0e1ada51dc930
SHA256

2476e53d066a717d8627e08d13e7d2983e6ba9ecd76a8c3968273845f7996bde
SHA512

4ad91e37428da130a6d0766e66f590550088d6757ac7e13266b1c38fbc1e5b1f4ba8e1225db26af98cb119ccdeb56c882291ab628eb6560ebce8f62ed66bc5bf
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64BL68:q3W

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

134a8e6481ac306a18cf1b20baaf8289.ps1

Resource

win7-20231215-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

134a8e6481ac306a18cf1b20baaf8289.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l32/

Targets

- Target
  
  134a8e6481ac306a18cf1b20baaf8289
- Size
  
  421KB
- MD5
  
  134a8e6481ac306a18cf1b20baaf8289
- SHA1
  
  5653dd3516e2d4dec7b3c711ebe0e1ada51dc930
- SHA256
  
  2476e53d066a717d8627e08d13e7d2983e6ba9ecd76a8c3968273845f7996bde
- SHA512
  
  4ad91e37428da130a6d0766e66f590550088d6757ac7e13266b1c38fbc1e5b1f4ba8e1225db26af98cb119ccdeb56c882291ab628eb6560ebce8f62ed66bc5bf
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64BL68:q3W
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy