oski | db7c19cc03486f9948a0d9bb304baea5017f937802c88bb8ad85c7493fb5aeeb | Triage

Submit
Reports

Overview

overview

Static

static

1

b33604969a...d3.ps1

windows7-x64

1

b33604969a...d3.ps1

windows10-2004-x64

Sharing

General

Target

b33604969a34f8a6d4678e154e049fd3
Size

656KB
Sample

240304-1ylakaff69
MD5

b33604969a34f8a6d4678e154e049fd3
SHA1

f56bd427fbd88e2111208e07b0121ebb83fdabd7
SHA256

db7c19cc03486f9948a0d9bb304baea5017f937802c88bb8ad85c7493fb5aeeb
SHA512

3c06d348e37865da3a155868432afae2b922d07c88b6df7f5d75f8fadf3e97aa82c320507f5aee4faf71b7b4565a9293cbecd9712f09ce4ea891a8fa3a17bf76
SSDEEP

12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64d8TVkc5A+:g3/Tmr+

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

b33604969a34f8a6d4678e154e049fd3.ps1

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

b33604969a34f8a6d4678e154e049fd3.ps1

Resource

win10v2004-20240226-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l27/

Targets

- Target
  
  b33604969a34f8a6d4678e154e049fd3
- Size
  
  656KB
- MD5
  
  b33604969a34f8a6d4678e154e049fd3
- SHA1
  
  f56bd427fbd88e2111208e07b0121ebb83fdabd7
- SHA256
  
  db7c19cc03486f9948a0d9bb304baea5017f937802c88bb8ad85c7493fb5aeeb
- SHA512
  
  3c06d348e37865da3a155868432afae2b922d07c88b6df7f5d75f8fadf3e97aa82c320507f5aee4faf71b7b4565a9293cbecd9712f09ce4ea891a8fa3a17bf76
- SSDEEP
  
  12288:EZjw0RJ9u5ILYDxD3fxYehza/tw64d8TVkc5A+:g3/Tmr+
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy