oski | e543def5c2daeca7cf754090cffd2985dd00a3e03630391d5e0155121a557af6 | Triage

Submit
Reports

Overview

overview

Static

static

1

588973c3e0...ad.ps1

windows7-x64

588973c3e0...ad.ps1

windows10-2004-x64

Sharing

General

Target

588973c3e0c9775ff44f3ec831624cad
Size

493KB
Sample

240113-k4w19afedp
MD5

588973c3e0c9775ff44f3ec831624cad
SHA1

ac392d1ffaf4eb0c38e946d4dc47e9347278d8cc
SHA256

e543def5c2daeca7cf754090cffd2985dd00a3e03630391d5e0155121a557af6
SHA512

2ada87f87a2988152b96262ac2c2d7338ed6155c1d9b1af11e709b3685f5de4fb025d22d89a0880d7fde4830dabf315d5052da5ebdf97de08e6d22c929a2a391
SSDEEP

12288:FMBZjw0RJ9u5ILYDxD3fxYehza/tw64Xj:FMn3+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

588973c3e0c9775ff44f3ec831624cad.ps1

Resource

win7-20231215-en

oski infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

588973c3e0c9775ff44f3ec831624cad.ps1

Resource

win10v2004-20231215-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.99.1.60/b15o/

Targets

- Target
  
  588973c3e0c9775ff44f3ec831624cad
- Size
  
  493KB
- MD5
  
  588973c3e0c9775ff44f3ec831624cad
- SHA1
  
  ac392d1ffaf4eb0c38e946d4dc47e9347278d8cc
- SHA256
  
  e543def5c2daeca7cf754090cffd2985dd00a3e03630391d5e0155121a557af6
- SHA512
  
  2ada87f87a2988152b96262ac2c2d7338ed6155c1d9b1af11e709b3685f5de4fb025d22d89a0880d7fde4830dabf315d5052da5ebdf97de08e6d22c929a2a391
- SSDEEP
  
  12288:FMBZjw0RJ9u5ILYDxD3fxYehza/tw64Xj:FMn3+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy