kinsing | a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec | Triage

Submit
Reports

Overview

overview

Static

static

1

a13a4e97ee...ec.exe

windows7-x64

7

a13a4e97ee...ec.exe

windows10-2004-x64

Sharing

General

Target

a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec
Size

286KB
Sample

240125-s3vqsshhd5
MD5

95a039bd2b4861cc9c2c9b39b77654eb
SHA1

21e0d2f5fe3427e5c471a294131255087a81c75d
SHA256

a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec
SHA512

f54a280a28cb6e112f142f1867e7e533d5422974952b480d71a00c6bae13209a67486e54f3088df086f51a17c65b4acc539cbe14bf7dd027e0a84c54a4eb3dd3
SSDEEP

6144:9rNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hKgUQ:9rNkhm/JuyXnPB+h8WHlBjvrEH7JUQ

Score

10^/10

kinsing loader persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec.exe

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec.exe

Resource

win10v2004-20231222-en

kinsing loader persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec
- Size
  
  286KB
- MD5
  
  95a039bd2b4861cc9c2c9b39b77654eb
- SHA1
  
  21e0d2f5fe3427e5c471a294131255087a81c75d
- SHA256
  
  a13a4e97eef375822cbbf2634e30d7b8674b8bb72bebc769a077156f5eb319ec
- SHA512
  
  f54a280a28cb6e112f142f1867e7e533d5422974952b480d71a00c6bae13209a67486e54f3088df086f51a17c65b4acc539cbe14bf7dd027e0a84c54a4eb3dd3
- SSDEEP
  
  6144:9rNkhSR/5kHouyXnZhB+h8WHlBV+UdvrEFp7hKgUQ:9rNkhm/JuyXnPB+h8WHlBjvrEH7JUQ
Score

10^/10

upx kinsing loader persistence
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistenceupx

© 2018-2024

Terms | Privacy