oski | 231ac4cf73a42ea2dc3fb6fc6c708a1288322ce9c98098d3e6f1b100c2c0b3d7 | Triage

Submit
Reports

Overview

overview

Static

static

1

bff92dc804...32.ps1

windows7-x64

bff92dc804...32.ps1

windows10-2004-x64

Sharing

General

Target

bff92dc80413fbf07cac532191df5832
Size

706KB
Sample

240311-f9mybach72
MD5

bff92dc80413fbf07cac532191df5832
SHA1

dc231645b8164777b6e7d5b87d3c16a564d84fcf
SHA256

231ac4cf73a42ea2dc3fb6fc6c708a1288322ce9c98098d3e6f1b100c2c0b3d7
SHA512

ec2aa38e798d65d3d7788e099e677f3a575fae2ed8a2c273fcf322a26e166cd3a47c2106af1ee12ba752cdb8c562f09290d36332407ee9aa6bb3f8297010b701
SSDEEP

6144:raJpHs+ApelD0TpSXKFlECflUZdAMr9LXoFNihdhUNK/16dBzMeiuoC6GSO0m02:BOARZ02

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

bff92dc80413fbf07cac532191df5832.ps1

Resource

win7-20240220-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

bff92dc80413fbf07cac532191df5832.ps1

Resource

win10v2004-20240226-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.99.1.60/we/sb/

Targets

- Target
  
  bff92dc80413fbf07cac532191df5832
- Size
  
  706KB
- MD5
  
  bff92dc80413fbf07cac532191df5832
- SHA1
  
  dc231645b8164777b6e7d5b87d3c16a564d84fcf
- SHA256
  
  231ac4cf73a42ea2dc3fb6fc6c708a1288322ce9c98098d3e6f1b100c2c0b3d7
- SHA512
  
  ec2aa38e798d65d3d7788e099e677f3a575fae2ed8a2c273fcf322a26e166cd3a47c2106af1ee12ba752cdb8c562f09290d36332407ee9aa6bb3f8297010b701
- SSDEEP
  
  6144:raJpHs+ApelD0TpSXKFlECflUZdAMr9LXoFNihdhUNK/16dBzMeiuoC6GSO0m02:BOARZ02
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy