Extracted

• • Target

    JaffaCakes118_8d97f71457a0a2977a82571583306c26

  • Size

    396KB

  • MD5

    8d97f71457a0a2977a82571583306c26

  • SHA1

    936800c740c13a3fc2e05a1c1376007f58002a7d

  • SHA256

    a7c9e0bba10b853dd183f2c6b732bd0e1001f1a7b455007dc3022ff465b7797f

  • SHA512

    5708375538d7b9927784809912a0b0588e200aaf62668226b9b83c2c4879306d989bef3033807bd7bb8989a56b58b2369b42327968f23f2dddc6d9b2975c51f5

  • SSDEEP

    12288:7ycqterR53JplKiFwgxtQ9LdQAGAHUq/uzK6UA8t9HHHHHHHHHIHHHHHHczJXNAG:7QtervJXzQ9L

  Score

  10^/10

  oskidiscoveryinfostealerpersistencespywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Oski family

    oski

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2