Extracted

• • Target

    JaffaCakes118_89bc6b34e3333b5538b56661b4720a3b

  • Size

    416KB

  • MD5

    89bc6b34e3333b5538b56661b4720a3b

  • SHA1

    8d45cbfc8defcd6b2ae70a154bfa896aea580a01

  • SHA256

    34df6d609cc20cb1740280603d5ab2011bfd664ba45783bfe2a2254d965f16a9

  • SHA512

    af3e4a286828def89d9a1240b9b87fc56953fe81c653ed465742eaf5b9b69baf41299e9ed84fe2fdfb049989b8135e375ba029c9093dab88cd58b42b85d5b003

  • SSDEEP

    6144:pb+QWIhV2WPguI87PQOB3xbkuZanpNh2w75aqfyjL6KSgDoaC/MtStAr5ijt+g2a:AQnrw7AqfcLTSgEEVijNsE

  Score

  10^/10

  oskidiscoveryinfostealerspywarestealer

  • Oski

    Oski is an infostealer targeting browser data, crypto wallets.

    infostealeroski

  • Oski family

    oski

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2