Extracted

• • Target

    SKBM-120821.exe

  • Size

    732KB

  • MD5

    807a927252237ee6436724cbbcd05fa0

  • SHA1

    2344ad154e7d098704278cd5e28fccd29a9dec15

  • SHA256

    a03b45dabcaf812402454befd876b2eafbdf9e967f3bb01e66f33f3cabbdebd5

  • SHA512

    7f0bba03bd838900569e63bdab43e7caa3a1ab2d6744fcb9c38e7ca8914fcf31323b3db5d1ed2efdef1b5b5326f980c8712faef53ca6966c42318b20fd4bd541

  • SSDEEP

    12288:SPqqPtYaerpyXOSs1vJhzl7txF3gSEyI32u6Yaer:wMrpW6vfl7hpE7mmr

  Score

  10^/10

  oskidiscoveryinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Oski family

    oski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2