General
-
Target
xiynk.dll
-
Size
356KB
-
Sample
200626-953qfplyej
-
MD5
e83a8a849188b48e79a6f49dd0c7ae91
-
SHA1
55a1669550d823104e1452f0e6a0a94c3f7fae12
-
SHA256
a97b7b2353dc9012b6cb914f6665d0e93f557859411d2e08b942316c09d7b07f
-
SHA512
b035faff865f72977879322f9d1c08c6f87c96a8805db76a0e5ae4b6118f2b075e58bb1cc6a9cee8ce1c51763301443bab40970ad1f072a1763d7d7727e477f4
Static task
static1
Behavioral task
behavioral1
Sample
xiynk.dll
Resource
win7
Malware Config
Targets
-
-
Target
xiynk.dll
-
Size
356KB
-
MD5
e83a8a849188b48e79a6f49dd0c7ae91
-
SHA1
55a1669550d823104e1452f0e6a0a94c3f7fae12
-
SHA256
a97b7b2353dc9012b6cb914f6665d0e93f557859411d2e08b942316c09d7b07f
-
SHA512
b035faff865f72977879322f9d1c08c6f87c96a8805db76a0e5ae4b6118f2b075e58bb1cc6a9cee8ce1c51763301443bab40970ad1f072a1763d7d7727e477f4
Score10/10-
Blacklisted process makes network request
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service
-
Suspicious use of SetThreadContext
-