General

  • Target

    8c7c82469de5aacc1025699b79718847

  • Size

    1001KB

  • Sample

    240203-q472eadcfk

  • MD5

    8c7c82469de5aacc1025699b79718847

  • SHA1

    46d38208bc64db83dc306d05870675f3b4208389

  • SHA256

    f5abfba489bfcef9819f0ca20cd54efc779d6091f6462b6083c363636739f41b

  • SHA512

    f92280edc4c212c08e93e9a47a0da5036550d899e4f8db75ef4de5bfb39ac9a9e87a8e166fb53af5ca1b3ef4755c83526912735fd07e5c74011e5a8d721c46f2

  • SSDEEP

    12288:3d5HEJbjJEKY+WddGJHbhfqO+sGxVgtdsTe6czZuGmSsPJcEljysDc9F3nC0Py3x:9Nm9rZP6MQ/Rq

Malware Config

Extracted

Family

oski

C2

kckark.xyz

Targets

    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks