kinsing | c306ae721c046eb3246e863b7bd4f1fdecb4dac5c1ed04c06f29c582443a389c | Triage

Sharing

General

Target

74fa76f32b4cc3c485ad7169f8d9336e
Size

393KB
Sample

240125-t2xpfabehl
MD5

74fa76f32b4cc3c485ad7169f8d9336e
SHA1

d8abef98edc1b7709c3c86af576e529ea927ade7
SHA256

c306ae721c046eb3246e863b7bd4f1fdecb4dac5c1ed04c06f29c582443a389c
SHA512

de4ea7237270fb905e86e518169897bb0a125a7d646f9ecb9ec66dfcbb03231eb399de9ea9277ed387c9a2e0035628ae32547f979b472ba9ab293b5f059f47ce
SSDEEP

6144:jbOmwnO5EVvDpIHbS267kd44dy267Jtntpf/zNnQGwV0FX91ieTcOZ8jw4ugaw:fwOeU4U4gIDtp3z5QGwmX91iet/L3w

Score

10^/10

kinsing loader upx

Malware Config

Targets

- Target
  
  74fa76f32b4cc3c485ad7169f8d9336e
- Size
  
  393KB
- MD5
  
  74fa76f32b4cc3c485ad7169f8d9336e
- SHA1
  
  d8abef98edc1b7709c3c86af576e529ea927ade7
- SHA256
  
  c306ae721c046eb3246e863b7bd4f1fdecb4dac5c1ed04c06f29c582443a389c
- SHA512
  
  de4ea7237270fb905e86e518169897bb0a125a7d646f9ecb9ec66dfcbb03231eb399de9ea9277ed387c9a2e0035628ae32547f979b472ba9ab293b5f059f47ce
- SSDEEP
  
  6144:jbOmwnO5EVvDpIHbS267kd44dy267Jtntpf/zNnQGwV0FX91ieTcOZ8jw4ugaw:fwOeU4U4gIDtp3z5QGwmX91iet/L3w
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  10f710e8bb6259592a4b5874f0a554c6
- SHA1
  
  b6e5df9276a1c8717cc05b3f71dbb13b90de5e0e
- SHA256
  
  5e7bc15c54fce6d02cc0b5bd4c14838f7f5cab3fda5dacd3d128bd22d78a4f31
- SHA512
  
  75df142db5d8aac1b9b8dc72ee2c7ae9531c742e452df3bd12b94fbfecc901b5890f579f38d4f577dfc80e829d3d80fe1c4c0aeedf619e5b6d37f1cd38a22f98
- SSDEEP
  
  384:2Klm7i+c3QW6ckPhyDEaLnx2bbBBIXwZ:7qi8BcyhEhL0bbTI
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9b11a5ff844d591aebaf526b5f1d5582
- SHA1
  
  e60948a5101c282957ffee3988816a9187963565
- SHA256
  
  9d23b28fa88d485810d8895d429365a7c826a0e9804ca8697446a05bbfdc196c
- SHA512
  
  8dc48f5b94da146798e1eca08ed33105422cb841badbaf3d868cebf167307162fae001386510977211829f96395f4142d2dc8311a2837d0d0a28ad5f6ff53319
- SSDEEP
  
  48:SHePtcWCeM7etAo1UurdGl4A0h2TpXHWFv+wewzpv1XP3GhaEJtof2ynh1:f1cWxfzrrh2cFvWwFtSq
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral5 behavioral6
- Target
  
  ConfigTsXP.exe
- Size
  
  109KB
- MD5
  
  0814c4c6fcb7c4a6ffc792467ca71dac
- SHA1
  
  42839bc929d21b0c2549cb099b4eded038f29dcc
- SHA256
  
  9155f0ad63805ba201b3b3efe4708466aff97105e9a5fe7c0fbc52549620f76e
- SHA512
  
  81ce1ad8f3cc113f7c38a9f62681f1694cd1089279beaf9d402a7be6685e85e1a2d37b4e9200df9a1d41352c300e9e2a8bc32fcdc07aac51e129049c0e54f972
- SSDEEP
  
  1536:Hng4S6g1S6qIqGmsOASZbCEogeNTEnwbws2c+xoPf3t3MV3S8bhnrsKnK:HrKU6v3O3bC3g2Tbb68Pf35OxdK
Score

10^/10

upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  TaskSwitchXP.chm
- Size
  
  25KB
- MD5
  
  1779c34c9fe39814b1b02a08a89aedd1
- SHA1
  
  33d118901b5695ce350e2443db73ee346e2fde21
- SHA256
  
  2b36b63d5a58ede588156904aff3583dd6fc271bbc63aa43aa32b3620c99b22b
- SHA512
  
  a818044be3ccd452bb4fed3375e3be5b0a31a8013b515d6c38c88afc6873e14fa297353a195906f5256f9933074a38d416284cbb040743bc104e66cfd7aad37e
- SSDEEP
  
  384:3/cq2eHEKX7rpcqW/JABw2RWZhzQ3CByhPcxOZKXQTIcAu:3/l2eJX7rpcJABwmWB4Og8cAu
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral10 behavioral9
- Target
  
  TaskSwitchXP.exe
- Size
  
  61KB
- MD5
  
  aceb501dc6253d26039cde2fe82a5576
- SHA1
  
  ec24fd29abfaa6edc33c70398b1103df0a7083e1
- SHA256
  
  9fd657b28e280ffcd0de863c11c0d9526316a9c45516c3a7fb816db3227014c4
- SHA512
  
  7c7a4755e5a566eb24adf68ff2f41486389b7df044ce1a26b92c32da838645d913efb07d8d18013f0333311c49b9b90d0d71f44684a3b985d27ff43e555aba91
- SSDEEP
  
  1536:OPK+ruVAPGxHhMhGl2Xr79N/9KZH83h9mPKpK8KZKB:O7r5PGxBMhbXr79N/9K5Qk/
Score

10^/10

upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  scripts/ShowDelay.js
- Size
  
  1KB
- MD5
  
  4b1dc4669462d821b2f0f09becec1134
- SHA1
  
  7a947f24e2daf248b00e905b26ec59a966b7acd5
- SHA256
  
  e1ceb98ffee8da43d66484ce774c6af3c7ccd38cf07fb6c70208d2a0771a1e8c
- SHA512
  
  a63639954bab7618abe39e6b081627b35f66eee5c7e7b054f7c3bb05375951eedb5a604b247c8a0ebc082b1bd10f4305582f6f72d9d64d48dedbfd68ea095558
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral13 behavioral14
- Target
  
  scripts/UnlockQ.js
- Size
  
  1KB
- MD5
  
  5ad91cb14e203bffef6b567731b968d5
- SHA1
  
  7a2b94176d316a808eb6e45b99485861d3d3215d
- SHA256
  
  50112883a395d0425122f5c5fb89221a2d6900b3a94726a2947954c20b98cbda
- SHA512
  
  3bc766b68fa249e8eb462fbce4d97b218c9644752c579386ca7930045be579744ce70cb1e053a5a1dcaad86b140165d5f0b5042506bc2769e451c0ab087cd911
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral15 behavioral16
- Target
  
  scripts/WheelTab.js
- Size
  
  1KB
- MD5
  
  bdf5603d6cba7ef736111c58c6c477a1
- SHA1
  
  16967bad04cdf9467439fc52441772e6c96c1539
- SHA256
  
  71a665bcc8cfce3a5c280da52601534f4aeb23fb8e76b018bec27a08557c116f
- SHA512
  
  6a3a8ae73b30fb3be8bbe3a7a2836d55c877a9c21cff43e9b0e67ebd21e12e3a80934caa208c2443ed05cfff4fc91b56d0dc3aaceddd2f0ba0ae1efb75d513ea
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral17 behavioral18
- Target
  
  wa_ldr.exe
- Size
  
  3KB
- MD5
  
  2acbc1ede7fe181e5f3f0a8d0b17342d
- SHA1
  
  76f9812d60d08b097f6711f59ceb5934491de7a5
- SHA256
  
  c5978f10cd50dc8102510738045dd8761de5b4515706e8eac1bc5a53a88fb830
- SHA512
  
  047be59162bf6c5f9dc18019f6526f1210e1165408f7a0c37cb83f93882b634ed1304f5a3842f161375f1d16cc5f330d1cbcfc1d18f4f8ed77ee4968ec74a0ad
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral19 behavioral20
- Target
  
  uninst.exe
- Size
  
  84KB
- MD5
  
  f71a855850fe6af8c99a146f5283ea5a
- SHA1
  
  8cd8cf69659ed2324fd03bf88b047beeb9c19bc5
- SHA256
  
  aa058750c9f285b8fa54ee096dedabec200538eb4a185a4519a5f6a928748cc0
- SHA512
  
  9d10ee5f9b7c2aa5dfbe4d028ecf964874370107c8549183e5b8225e3d3080c5d11a27a21922d3228ceb38cb6a44fb3fab22db4b6f98954855c90c8b269cbdc3
- SSDEEP
  
  1536:jbSqZVJdThUxmskJmtTPCrP6mpeuNyQ88AI8bCV2gAncq:jbLpZuEskJ0TPCrS/INIcq
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Loads dropped DLL
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9b11a5ff844d591aebaf526b5f1d5582
- SHA1
  
  e60948a5101c282957ffee3988816a9187963565
- SHA256
  
  9d23b28fa88d485810d8895d429365a7c826a0e9804ca8697446a05bbfdc196c
- SHA512
  
  8dc48f5b94da146798e1eca08ed33105422cb841badbaf3d868cebf167307162fae001386510977211829f96395f4142d2dc8311a2837d0d0a28ad5f6ff53319
- SSDEEP
  
  48:SHePtcWCeM7etAo1UurdGl4A0h2TpXHWFv+wewzpv1XP3GhaEJtof2ynh1:f1cWxfzrrh2cFvWwFtSq
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

kinsingloaderupx

behavioral9

behavioral10

behavioral11

behavioral12

kinsingloaderupx

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24