General

  • Target

    7aa1d4597d658099f9c75c5ee7208f78

  • Size

    485KB

  • Sample

    240127-s5a46sghek

  • MD5

    7aa1d4597d658099f9c75c5ee7208f78

  • SHA1

    7463e2abb7d99c9b525dc58e820fbf26d85079b7

  • SHA256

    382792848f3f8a490036822be4f4fdc0731a60163999a77243eb9332d53f7b00

  • SHA512

    a445547daf2344e437f345bf1675ba6cb54634e4a7ed4846cc160c6b0e77404c5b31e76748018954340c1f2fe8b9af810bddacc81112880c3c17e20187b19b59

  • SSDEEP

    12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw644igu:q3tu

Score
10/10

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l22/

Targets

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Suspicious use of SetThreadContext
