Extracted

• • Target

    5f0969cdd00801051ff7f2afd2343ff3_JaffaCakes118

  • Size

    789KB

  • MD5

    5f0969cdd00801051ff7f2afd2343ff3

  • SHA1

    6bbf42e0b05b025e8162404435eb1b25cc07d5f8

  • SHA256

    43460a1724b2521dd5e97c68c16edfce9caf22d49452efd956a64db91b5935a7

  • SHA512

    0b89a31ae863641dd0b87a7cedb566241e0df84a685f7df73e04c14580b16f80d3042eeaae65a2a09f2772187ff73d0d833f2cfad0663ba4b4a1e8a66c23a9dd

  • SSDEEP

    24576:seV+CQ38aT1m7NKsDTxe1/6hTMLevYWhzDcUjMFA:DV+CQ33T1m70sDTkhYM

  Score

  10^/10

  oskidiscoveryinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2