Overview

overview

10

Static

static

3

947c8b421e...98.exe

windows7-x64

8

947c8b421e...98.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    87s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe

  • Size

    5.1MB

  • MD5

    18dd7943583279b96d7a3ccbcc6e7151

  • SHA1

    1a64269841e149f775c6aff9f9abb6b11d0dba02

  • SHA256

    947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98

  • SHA512

    4ff8e9d430bf4a7ac10bd44538d55940e0c4b07a747b25119c0d94de6cc7985410159b1d11387c5ead01a750692c95fefdbc551147735af9d23f5cdf9622bdd7

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Downloads MZ/PE file
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe
    "C:\Users\Admin\AppData\Local\Temp\947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    22daa0cda1021260dbc2dfb5792e19f8

    SHA1

    c779ef26d7571beebe468a41c53b2fb20be29980

    SHA256

    42be4b206395343536349d2f96e933bc494c2299479a75fb3df2486128a7f10c

    SHA512

    b0786db10a4360aa69fe8c25471d086e04ab5a14cae3911536976338585049a724ef6ce0aa1a12cc2432eb4b1eceae96cb5f57be53fb51908c0623f18ca40942

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    515281920aa4a5dff608a8b9d9172ed9

    SHA1

    40594236034560f8af1971504126031442ad3ecd

    SHA256

    d7c332407f9ea6653d75ff784708370452c9363ae2d1ac83792e217d2c3c17e7

    SHA512

    0bf1da5e469402522ac197fdd8dc9172302c316828818b512677dc67bd50c296cf7204838e0b264723630c27191ed903f64b41bd1aca6098c775e292c5342db9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    b5e47b16b39fd6769c7df09d05aaa4db

    SHA1

    77516e96541901479e23632cd9a6ef74e397da5a

    SHA256

    731e2a4c612dc947044a8e054a2e72144ef9afeba1c464d45dbf21c8ce597aa7

    SHA512

    5c2ae693ce765cc1a46d658ec69f1aca67407f382d436b466a0af12b359a99844638ba9af0098c2ae566979fc5571e19966cb65161bb17672cb5f797a35bed54

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    4132ea93dc502dea2964f59c4ccacd51

    SHA1

    bfb119b436d274d0e7acce759343911dc63e9684

    SHA256

    049d053317e70030c7f8c4dd4d742a5472295ebaa22dd0fdc5d715520f5325b2

    SHA512

    4d15faaff6fedb76b7f530235530914f9838e663f5e5f0c6584a1913c086d4eba718daa039bfcc62de835073f7a3b9448f47ddda9ef15ccaa9335d2fb6374e03

    Download Submit