General

  • Target

    JaffaCakes118_e7476f5c2d8d802c0737d9f7d92d0c53

  • Size

    808KB

  • Sample

    250110-sg1pxsxqex

  • MD5

    e7476f5c2d8d802c0737d9f7d92d0c53

  • SHA1

    9f3ed412395af9bb3db4872e634acc99fc0ed250

  • SHA256

    492ca440a9dc4c40b2e8384461c122f7e078c3f771a7457c8ec4eb35d0745e59

  • SHA512

    35f6d0c3fcb4806349d657b0a2ce0fd51db2cb2eec968f04756ac3e45fb372aaf820f71a3d04260518b1b29b93df71b6f56b6bc61b2d809d9f21a663bef745dc

  • SSDEEP

    1536:7CZD3zuq5Q5JH5BE3Lj84Ro77bDNW3WsN5K93TdMCNvWjxkIfnvODAU4V0pLyNU1:9

Malware Config

Extracted

Family

oski

C2

103.125.190.248/i1/

Targets

    • Target

      JaffaCakes118_e7476f5c2d8d802c0737d9f7d92d0c53

    • Oski

      Oski is an infostealer that targets browser data and crypto wallets.

    • Oski family

    • Suspicious use of SetThreadContext
