oski | 9d4388563479b260352b5a5e00b5468315c27febd66b4428407f64126372306f | Triage

Submit
Reports

Overview

overview

Static

static

1

cdfbd78961...18.ps1

windows7-x64

1

cdfbd78961...18.ps1

windows10-2004-x64

Sharing

General

Target

cdfbd789618943e68323a61e3f36c905_JaffaCakes118
Size

363KB
Sample

240405-jt29vaeh61
MD5

cdfbd789618943e68323a61e3f36c905
SHA1

8df62d6b66925f9c091ef285e7db70703922e317
SHA256

9d4388563479b260352b5a5e00b5468315c27febd66b4428407f64126372306f
SHA512

a446c80e832c34a2c1b92af649362cccae1f558ecca8f8229c8b3738ed5c2c63c82cf5d1fde3f355231e3832fc4a9c76b006092e20182354265a9d8dc0583c5f
SSDEEP

1536:EUsNE7WNSVZF13AH5YAQIDDPK44rVL/GglenfNqYoKLE3nWNjwNxRpy1F5J7khmP:N9G

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

cdfbd789618943e68323a61e3f36c905_JaffaCakes118.ps1

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

cdfbd789618943e68323a61e3f36c905_JaffaCakes118.ps1

Resource

win10v2004-20240226-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

103.125.190.248/i1/

Targets

- Target
  
  cdfbd789618943e68323a61e3f36c905_JaffaCakes118
- Size
  
  363KB
- MD5
  
  cdfbd789618943e68323a61e3f36c905
- SHA1
  
  8df62d6b66925f9c091ef285e7db70703922e317
- SHA256
  
  9d4388563479b260352b5a5e00b5468315c27febd66b4428407f64126372306f
- SHA512
  
  a446c80e832c34a2c1b92af649362cccae1f558ecca8f8229c8b3738ed5c2c63c82cf5d1fde3f355231e3832fc4a9c76b006092e20182354265a9d8dc0583c5f
- SSDEEP
  
  1536:EUsNE7WNSVZF13AH5YAQIDDPK44rVL/GglenfNqYoKLE3nWNjwNxRpy1F5J7khmP:N9G
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy