General

  • Target

    9019caf9c14645b88f4c246b16bda29a

  • Size

    485KB

  • Sample

    240204-zetxxsccaq

  • MD5

    9019caf9c14645b88f4c246b16bda29a

  • SHA1

    8e85880050a174b2b7c7dcaa61cc4c535d293d23

  • SHA256

    acadc18004851aa36a37701a59b485f013880cf371a7d9083444b480cf21c3ad

  • SHA512

    d178a0c45ce3e3c11e389668a7e97b4e199b35d99d1560c2ff0e30769f3161d47290edde2a2675599453bde660d493fbf393893602eeb02b8db70167d3231040

  • SSDEEP

    12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64eigu:q3Xu

Score
10/10

Malware Config

Extracted

Family

oski

C2

103.114.107.28/l3/

Targets

    Score
    10/10
    • Oski

      Oski is an infostealer targeting browser data and crypto wallets.

    • Suspicious use of SetThreadContext
