oski | 628b76cce75b5f7f322b00b2ae144d7ffb1d2f09e89357629efe6f6f175cd459 | Triage

Submit
Reports

Overview

overview

Static

static

1

fdd9a6618c...18.ps1

windows7-x64

1

fdd9a6618c...18.ps1

windows10-2004-x64

Sharing

General

Target

fdd9a6618c208226657cb8461e7dab96_JaffaCakes118
Size

485KB
Sample

240420-2ylf1acb68
MD5

fdd9a6618c208226657cb8461e7dab96
SHA1

bbbffcdddbf21c590b4ff24a89793354f6be2338
SHA256

628b76cce75b5f7f322b00b2ae144d7ffb1d2f09e89357629efe6f6f175cd459
SHA512

366432581c7829c87454597e86228568f4f50db5c5fadd7ffcc9b5418df58b3170e9ae7eacbc5ed3cbe65a4d0af4725aece471e5f8ebb10296527c6252fb22ff
SSDEEP

12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Pigu:q34u

Score

10^/10

oski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

fdd9a6618c208226657cb8461e7dab96_JaffaCakes118.ps1

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

fdd9a6618c208226657cb8461e7dab96_JaffaCakes118.ps1

Resource

win10v2004-20240412-en

oski infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

oski

C2

/103.114.107.28/l34/

Targets

- Target
  
  fdd9a6618c208226657cb8461e7dab96_JaffaCakes118
- Size
  
  485KB
- MD5
  
  fdd9a6618c208226657cb8461e7dab96
- SHA1
  
  bbbffcdddbf21c590b4ff24a89793354f6be2338
- SHA256
  
  628b76cce75b5f7f322b00b2ae144d7ffb1d2f09e89357629efe6f6f175cd459
- SHA512
  
  366432581c7829c87454597e86228568f4f50db5c5fadd7ffcc9b5418df58b3170e9ae7eacbc5ed3cbe65a4d0af4725aece471e5f8ebb10296527c6252fb22ff
- SSDEEP
  
  12288:+Zjw0RJ9u5ILYDxD3fxYehza/tw64Pigu:q34u
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

oskiinfostealer

© 2018-2024

Terms | Privacy