Extracted

• • Target

    5cd0759c1e566b6e74ef3f29a49a34a08ded2dc44408fccd41b5a9845573a34c.bin

  • Size

    680KB

  • MD5

    bc7f80814ad63a035fbf8e0b67b02155

  • SHA1

    a7d76dd02b12bb250f9f42101fda1fa235154710

  • SHA256

    5cd0759c1e566b6e74ef3f29a49a34a08ded2dc44408fccd41b5a9845573a34c

  • SHA512

    ac336b61ad93d51e68784350d59d56d08ac947426c3570ed7f0dfbbbdfce24bd0c495c6f626d3edeb8de47a0f0a3a09701b33b78dbb7a7a1e0b1cd32f8d0991a

  • SSDEEP

    6144:nSiQrg69p5Ozn2zdCQ2I8EXAOteqM+Z4q6NHnfmDZET62KGUXtkJwov56hL:eBIzn2zd6EX6qM+Z4qufG6/PUyJw+A

  Score

  10^/10

  oskiinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops file in System32 directory

  • Suspicious use of SetThreadContext

  behavioral1behavioral2