oski | 67001e9d36071d9cf4927282e50e07c02a61036cd34d4e7ed0578c64352b3739 | Triage

Submit
Reports

Overview

overview

Static

static

1

1789c812d8...19.ps1

windows7-x64

1789c812d8...19.ps1

windows10-2004-x64

Sharing

General

Target

1789c812d8efebd2b67d2ada473a2219
Size

421KB
Sample

231230-ny6v2sdce2
MD5

1789c812d8efebd2b67d2ada473a2219
SHA1

e25923be4840de11c5cbc5ca8bbc1251b783972a
SHA256

67001e9d36071d9cf4927282e50e07c02a61036cd34d4e7ed0578c64352b3739
SHA512

97c8b1ecdf536d1309cfd8f1abb5df0e224c2a9a6e1be49f3d9fe7d7cb1f5814cbaa0b1df9e2142afd2fe0d4ef83d72ce0dc882ec73672f4fb5393198ffb550d
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oL68:q3L

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

1789c812d8efebd2b67d2ada473a2219.ps1

Resource

win7-20231215-en

oski infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

1789c812d8efebd2b67d2ada473a2219.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l5/

Targets

- Target
  
  1789c812d8efebd2b67d2ada473a2219
- Size
  
  421KB
- MD5
  
  1789c812d8efebd2b67d2ada473a2219
- SHA1
  
  e25923be4840de11c5cbc5ca8bbc1251b783972a
- SHA256
  
  67001e9d36071d9cf4927282e50e07c02a61036cd34d4e7ed0578c64352b3739
- SHA512
  
  97c8b1ecdf536d1309cfd8f1abb5df0e224c2a9a6e1be49f3d9fe7d7cb1f5814cbaa0b1df9e2142afd2fe0d4ef83d72ce0dc882ec73672f4fb5393198ffb550d
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64oL68:q3L
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy