Overview

overview

10

Static

static

3

2024-01-25...uk.exe

windows7-x64

7

2024-01-25...uk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_5374045bd8c58a31f038138fdde0295a_ryuk

  • Size

    1.5MB

  • Sample

    240125-t2yxhabehn

  • MD5

    5374045bd8c58a31f038138fdde0295a

  • SHA1

    f29c58fae7ddc5ce8615c017603c79b33be78d27

  • SHA256

    2069aba57b3589f2fcffd86133233d57cf622751f0cf45d092b882e0f896f101

  • SHA512

    59ab0a03af99c9fa73bb4b6306d0139e266da5b671e0133a8a87ab021b804eda79659f31603a5e2fbd1d0375167a1d0bd26f77179ea9e801285ce007da077790

  • SSDEEP

    24576:W5t2sWxEOtqZpp0YYtwlGhNsof2e7A+ebC:W5t2syHmpSK8hWomh

Score
10/10
kinsingloaderspywarestealer

Malware Config

Targets

    • Target

      2024-01-25_5374045bd8c58a31f038138fdde0295a_ryuk

    • Size

      1.5MB

    • MD5

      5374045bd8c58a31f038138fdde0295a

    • SHA1

      f29c58fae7ddc5ce8615c017603c79b33be78d27

    • SHA256

      2069aba57b3589f2fcffd86133233d57cf622751f0cf45d092b882e0f896f101

    • SHA512

      59ab0a03af99c9fa73bb4b6306d0139e266da5b671e0133a8a87ab021b804eda79659f31603a5e2fbd1d0375167a1d0bd26f77179ea9e801285ce007da077790

    • SSDEEP

      24576:W5t2sWxEOtqZpp0YYtwlGhNsof2e7A+ebC:W5t2syHmpSK8hWomh

    Score
    10/10
    spywarestealerkinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks