Extracted

• • Target

    dfd577445daa4705c75e7695d43613c0N.exe

  • Size

    885KB

  • MD5

    dfd577445daa4705c75e7695d43613c0

  • SHA1

    de5fd2f958bd270c80e831d3f77fa1ba9a74db30

  • SHA256

    5756d366cde65c7e11ea6ee20610e854f64e385c74ca2ea712ad5d718d1f5b56

  • SHA512

    b82db0c4eb7998850b14f98260653e03e7ef872836afc8e57f5557b570809e9ad2863ef79e35cb600d0fa387676525dee420b0bfd4d777804dbe2f0edc9361b6

  • SSDEEP

    6144:jBYFJLgGlXQG0VWHlKuA0UvErhHNhzAsmUvzPusCNPfxlpk8Lk+xdansUT:jGXQG0OhisnRmUvr4NPJzk8jdezT

  Score

  10^/10

  oskidiscoveryinfostealercredential_accessspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2