oski | c84f2ac6e626a212fa854025fccebdbf755ec135d0e02ab883713dcab716396e | Triage

Sharing

General

Target

6521a3753639b263d04fb559c67c7209_JaffaCakes118
Size

432KB
Sample

240521-27ls5adc51
MD5

6521a3753639b263d04fb559c67c7209
SHA1

4dcc4d52f8dba1a5bdb8e1132dc03fca8552c5bf
SHA256

c84f2ac6e626a212fa854025fccebdbf755ec135d0e02ab883713dcab716396e
SHA512

0c90533335389a2e88876e9a3fac576b5c4e0a1a590e401afc753b2136155cb36a077a9459e6cac9ad292f157cd8f2ddbde64934c13523926617d2d7775eb257
SSDEEP

6144:GU/I8xDWenaDOmjd91wir8zBowmGuT3xiTGN7EEpLdJF+UYELYGcJg65H0d9JqHJ:GU/IGWJN/1ws8txuT3xiSNbrMUF8GxfU

Score

10^/10

oski infostealer

Malware Config

Extracted

Family

oski

C2

195.133.147.113

Targets

- Target
  
  6521a3753639b263d04fb559c67c7209_JaffaCakes118
- Size
  
  432KB
- MD5
  
  6521a3753639b263d04fb559c67c7209
- SHA1
  
  4dcc4d52f8dba1a5bdb8e1132dc03fca8552c5bf
- SHA256
  
  c84f2ac6e626a212fa854025fccebdbf755ec135d0e02ab883713dcab716396e
- SHA512
  
  0c90533335389a2e88876e9a3fac576b5c4e0a1a590e401afc753b2136155cb36a077a9459e6cac9ad292f157cd8f2ddbde64934c13523926617d2d7775eb257
- SSDEEP
  
  6144:GU/I8xDWenaDOmjd91wir8zBowmGuT3xiTGN7EEpLdJF+UYELYGcJg65H0d9JqHJ:GU/IGWJN/1ws8txuT3xiSNbrMUF8GxfU
Score

10^/10

oski infostealer
- Oski
  Oski is an infostealer targeting browser data, crypto wallets.
  infostealer oski
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

oskiinfostealer

behavioral2

oskiinfostealer