oski | c503d50ec3598bae502fb5600748e1b05173b8e32d99e329c1d82bf019df7e3d | Triage

Sharing

General

Target

16278019087.zip
Size

112KB
Sample

240328-spht3shd71
MD5

5d4694e70b6a856742f92ed9cd15a812
SHA1

d949bc7832adbe9afdea34bf7eee93307c6b92d4
SHA256

c503d50ec3598bae502fb5600748e1b05173b8e32d99e329c1d82bf019df7e3d
SHA512

c27846df3606e92d472b140198528240ccb185663440b06b59a85e0cead9207184415114a88cd44f0dbae700c6a92bb14a00f649f7e3730c989c2a374233e413
SSDEEP

3072:OkV4Diz70qN4zD6G5IpVWzQYxjLW+hgw2:OkV4s7fNi6CQQ+w2

Score

10^/10

oski infostealer spyware stealer

Malware Config

Extracted

Family

oski

C2

himarkh.xyz

Targets

- Target
  
  fb9b940ffe27e744eeeaef3d1a2805ce205668274bdabc3a30863b016ad47f27
- Size
  
  216KB
- MD5
  
  4bad60b9f9b806983c07ab47306ce6b0
- SHA1
  
  e4e1ac94ceaff5afb2d271e61ce28029fa01eae0
- SHA256
  
  fb9b940ffe27e744eeeaef3d1a2805ce205668274bdabc3a30863b016ad47f27
- SHA512
  
  1af5f7b7581dca68f7d4ce82689849dac08e073b689bec084300ba17beef6856353c1a8a4cff6cf453d2b18ca95c6fd82dd20f4f81ff2d527b73a7bd9d655fff
- SSDEEP
  
  3072:WfUomEuYm98dlSq7gt5q7Dx+XgS6aCEwhOfUbCalNT2pbB3fIH1Xi6FLPo3clJ2v:WfUauY68uSWCx+XA7mg2pNS1Ljo3cf2
Score

10^/10

oski infostealer spyware stealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

oskiinfostealerspywarestealer

behavioral2

oskiinfostealerspywarestealer