Overview

overview

10

Static

static

1

Refresh.ps1

windows10-1703-x64

10

Refresh.ps1

windows10-2004-x64

10

Refresh.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Refresh.ps1

  • Size

    5KB

  • Sample

    240125-s5zsjahhg4

  • MD5

    704b0f9d81facd22bc981533658d35d2

  • SHA1

    0a588b24db210246abd374e4eaca14feb09b3c01

  • SHA256

    eeb0371e7c3c26ff35d9f20f94ec2cf9925fcd779826cd5b0cae8f4c5a7582b3

  • SHA512

    23fc4bb52fb3bbe92e8398c8bbb9b929fe27ef201f167ac2c88eeda39ede2e0f0746d433938d9dad98794ec9fbaa788c6305ceb8766af2f4ce4b11eaae2e51a6

  • SSDEEP

    48:BeSMaBuYJ1G93GNviWIBXiD7+cpfZMR/RE:BqaIYJ1Y3GNv6BXiD7HpfZMRq

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      Refresh.ps1

    • Size

      5KB

    • MD5

      704b0f9d81facd22bc981533658d35d2

    • SHA1

      0a588b24db210246abd374e4eaca14feb09b3c01

    • SHA256

      eeb0371e7c3c26ff35d9f20f94ec2cf9925fcd779826cd5b0cae8f4c5a7582b3

    • SHA512

      23fc4bb52fb3bbe92e8398c8bbb9b929fe27ef201f167ac2c88eeda39ede2e0f0746d433938d9dad98794ec9fbaa788c6305ceb8766af2f4ce4b11eaae2e51a6

    • SSDEEP

      48:BeSMaBuYJ1G93GNviWIBXiD7+cpfZMR/RE:BqaIYJ1Y3GNv6BXiD7HpfZMRq

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Blocklisted process makes network request

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks