oski | 7a1cb678e79d27382387cd8df1b5f6f36c7d4b45b0151f608b125d226f6f16dc | Triage

Submit
Reports

Overview

overview

Static

static

1

cf8783d1c9...3b.ps1

windows7-x64

cf8783d1c9...3b.ps1

windows10-2004-x64

Sharing

General

Target

cf8783d1c9bd6b15618c6de26308703b
Size

421KB
Sample

240317-bdm6zsah9s
MD5

cf8783d1c9bd6b15618c6de26308703b
SHA1

2c15c65fd72e57d00913371e2745f467f75c4dd8
SHA256

7a1cb678e79d27382387cd8df1b5f6f36c7d4b45b0151f608b125d226f6f16dc
SHA512

5766a22b1b54feaf6ef387bb078068f28ab437b05239ecffd8d85006584cfd84cab1dcbc2fc1f554f9c5142b88d1cb3d1461d96802d0c1eda89ea715e3cf614c
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64dL68:q3y

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

cf8783d1c9bd6b15618c6de26308703b.ps1

Resource

win7-20240221-en

oski infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cf8783d1c9bd6b15618c6de26308703b.ps1

Resource

win10v2004-20240226-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l27/

Targets

- Target
  
  cf8783d1c9bd6b15618c6de26308703b
- Size
  
  421KB
- MD5
  
  cf8783d1c9bd6b15618c6de26308703b
- SHA1
  
  2c15c65fd72e57d00913371e2745f467f75c4dd8
- SHA256
  
  7a1cb678e79d27382387cd8df1b5f6f36c7d4b45b0151f608b125d226f6f16dc
- SHA512
  
  5766a22b1b54feaf6ef387bb078068f28ab437b05239ecffd8d85006584cfd84cab1dcbc2fc1f554f9c5142b88d1cb3d1461d96802d0c1eda89ea715e3cf614c
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64dL68:q3y
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer

© 2018-2025

Terms | Privacy