General

  • Target

    678fe2eeaa5398e8366ede0ba83216f7

  • Size

    485KB

  • Sample

    240119-n323naddam

  • MD5

    678fe2eeaa5398e8366ede0ba83216f7

  • SHA1

    1b5f150b389e61b155f75a6b374f8aa02ec0a93f

  • SHA256

    e50457d38e4cd7424a17fa563b9a40c1db3d81a4ad29ffda9a50dad7327ade58

  • SHA512

    d4533677f984fdf9025f69ae20a2ffcf2b274647bde07954eedc502e1702d13bcab3e8c293e1adadd0bdcd5e145434ede1be14453e576c7a05fae8fb4e085b97

  • SSDEEP

    12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw641igu:q3qu

Score
10/10

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l202/

Targets

    • Target

      678fe2eeaa5398e8366ede0ba83216f7

    Score
    10/10
    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Suspicious use of SetThreadContext
