kinsing | b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9 | Triage

Submit
Reports

Overview

overview

Static

static

1

b3ea8b2b09...b9.exe

windows7-x64

7

b3ea8b2b09...b9.exe

windows10-2004-x64

Sharing

General

Target

b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9
Size

243KB
Sample

240125-sywsasafhr
MD5

c438937b3059fe33f600179c872145ee
SHA1

95b3ede118e4b8d7c0a338a7edadbfcef3622b86
SHA256

b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9
SHA512

2c7c64bc005e42afadbd05c0df097c888964ffb9cf4cb485d039417feaa3bd3b2c07f69f4c7a4c16e88a4c98f06a9e39cb4a99a4ccf8249267d7f477f6880783
SSDEEP

6144:14iP/aK2h9nw/B+3ChmBV+UdvrEFp7hKiu:1RP/aK23eB+yYBjvrEH77u

Score

10^/10

kinsing loader persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9.exe

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9.exe

Resource

win10v2004-20231215-en

kinsing loader persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9
- Size
  
  243KB
- MD5
  
  c438937b3059fe33f600179c872145ee
- SHA1
  
  95b3ede118e4b8d7c0a338a7edadbfcef3622b86
- SHA256
  
  b3ea8b2b094a3a5cc391fed2de9da24738e28ba87c90901869f349da0b51feb9
- SHA512
  
  2c7c64bc005e42afadbd05c0df097c888964ffb9cf4cb485d039417feaa3bd3b2c07f69f4c7a4c16e88a4c98f06a9e39cb4a99a4ccf8249267d7f477f6880783
- SSDEEP
  
  6144:14iP/aK2h9nw/B+3ChmBV+UdvrEFp7hKiu:1RP/aK23eB+yYBjvrEH77u
Score

10^/10

upx kinsing loader persistence
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistenceupx

© 2018-2024

Terms | Privacy