kinsing | 56e62518fdf791d5c5f673dcc004b0569c5dd4108e2873adf16cae76fec91e5d | Triage

Sharing

General

Target

74fc686e77c52a885e8dbbef7ba8f6e9
Size

5.1MB
Sample

240125-t5bw5sbfdl
MD5

74fc686e77c52a885e8dbbef7ba8f6e9
SHA1

1cb2bf9a840cb76af883488761c7cdede5d9ff66
SHA256

56e62518fdf791d5c5f673dcc004b0569c5dd4108e2873adf16cae76fec91e5d
SHA512

0e4497cd9423b2618f89667d02799857cba4b28ac64f4e6f375485681e5df6cba1e6d245acdaf6f85765818f9262df03a445cfb96f954f8834fd6a57d25b40fa
SSDEEP

98304:7eOCbO6qVO62lge7kjksuX5Ng9d9nxdSwyNtcPFkPdUoLKkc2C+/AejaXYh:7KC6+lYwjn9jnay4dUoukCEAejR

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74fc686e77c52a885e8dbbef7ba8f6e9
- Size
  
  5.1MB
- MD5
  
  74fc686e77c52a885e8dbbef7ba8f6e9
- SHA1
  
  1cb2bf9a840cb76af883488761c7cdede5d9ff66
- SHA256
  
  56e62518fdf791d5c5f673dcc004b0569c5dd4108e2873adf16cae76fec91e5d
- SHA512
  
  0e4497cd9423b2618f89667d02799857cba4b28ac64f4e6f375485681e5df6cba1e6d245acdaf6f85765818f9262df03a445cfb96f954f8834fd6a57d25b40fa
- SSDEEP
  
  98304:7eOCbO6qVO62lge7kjksuX5Ng9d9nxdSwyNtcPFkPdUoLKkc2C+/AejaXYh:7KC6+lYwjn9jnay4dUoukCEAejR
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BindDLL.dll
- Size
  
  49KB
- MD5
  
  45ee47b84617f225b8991c78675e649a
- SHA1
  
  5ee71b44abbd9823f0b5e5e93d4bc42da7048669
- SHA256
  
  021d056a03fd6a15154caef3faa98dd5388a1338552f8b5c89edffaa9e5a838d
- SHA512
  
  9ecab1b534a5a8abe67dc52d443f8ea93dc3844fddea6c6d285e208e600beb529c418559c0b4632e2f4db5c52fb55b5d64b4d207d25356f2c161b91e67862fd9
- SSDEEP
  
  768:O7kW8LkQaL0u6+l4g3FZN1ftMUZfmnXgwLWQbCm:O7kW8LknLn6rg3rN1ftMWfqXgwaECm
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CommonFuncDll.dll
- Size
  
  29KB
- MD5
  
  563021d3e7a1feffd5825f74accd509d
- SHA1
  
  4f088428f5cd8db4c8162379cc2f04353f0cfb41
- SHA256
  
  69588124f8ef69475c9188dc7855e2bfec22d8aaf97aee569af9c3d895395aec
- SHA512
  
  7b4d778d8280b05a337a48754c065f79fd07fe62ba69cf0d6291ecd6591df4ba3e0a96837f8530e402fd42ef428323eb9679d44f344db919e4d8647a81814600
- SSDEEP
  
  192:UD+Qd6eSOl85H85uXq7MXlQQOEhzzyowJL/8Qpkqs1IOO9+ebCfwxv:ULd6y60uXqwllvYJLu18TbCav
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/CoreAAC.ax
- Size
  
  312KB
- MD5
  
  b0ffac757be8d6cc41e1131eb2b0d959
- SHA1
  
  0e41733a050bc2ed53fda6337d6501b9942317c2
- SHA256
  
  04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597
- SHA512
  
  356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3
- SSDEEP
  
  6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/CoreAVC.2.0.0.0.ax
- Size
  
  265KB
- MD5
  
  a45cfb1f058297ae981f8afeef056b8d
- SHA1
  
  e454ed585a0f19d3119cef725958ea19c93cd7cf
- SHA256
  
  779768aa0bf2270422e1686547ae622238e7b7cf37ce212a1d75caf8628c1508
- SHA512
  
  efa87c97e4f76d5fbd73d2e0c5c580c719518d4e3e7e16efdb1355b659c9584956bc7df944f0d637f069f359a046fe65bfd178e4cbaf97fbb5921ebd29e09aa0
- SSDEEP
  
  6144:/+x+B++xX1f3uZINBKD5wlA9amB38sDFe9E23XbFDZ:Wi+A1fJ2wlhmKsg22nbNZ
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/CoreAVC.ax
- Size
  
  181KB
- MD5
  
  c264fed121afd44bda8bf0ff8f4e4269
- SHA1
  
  7480a3b26b81045a1504e68e15225682bcc6f440
- SHA256
  
  cb8d9d80dcd48d9a9e3d87c847c47125f7201a98fb5abb4bd6c443322071b951
- SHA512
  
  99ed4b723b2b7a90fce8e9bf9ee8d5a1440c4d569638ff6a1aa59354c8bca91618a13c440f754fad3ae22c306709da35b4c53b8a00a09753027eaed0d238052b
- SSDEEP
  
  3072:eFX0fCcmjZvyTdndzMryzKdvYQ/5c0q3ARsK/l74obxK7Dtp0XRHSOg9lX9cWR82:GEKpZY2r3VYQ/c0d7Hbw7pp0X8hlX6WB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/FWUpnp.dll
- Size
  
  140KB
- MD5
  
  be2d4b56d5d40afca9c804d0776a25c6
- SHA1
  
  7ea48cf0e980fe999f14338f44ad4c57c9b714de
- SHA256
  
  e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4
- SHA512
  
  f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627
- SSDEEP
  
  3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  20KB
- MD5
  
  943ccc923be093185c04e893245e55c4
- SHA1
  
  5d48cfcbe7a659e8c1da7127aced2cffb8e6d125
- SHA256
  
  893607cef43f3dbe210b301c6b91d426a4eca11694d8feb5104edd329365f57d
- SHA512
  
  5006e7b312a3182b4d638a38579ff1bbbaecf288995d23135d201745b4d2b999357ce8ca051decd51c55620fc144e536d51846f73e42d76c5cd058a00c5661f6
- SSDEEP
  
  48:KR9SLgW+/BpWXrBHHC6p5/NR2WIOo6R9NBxIA9NAyUXXfbXW+gN0VbgAa4QYAB4:t+/Bp89C6p5u1OoQkA8yUXPb60Vb+4
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/GdiPlus.dll
- Size
  
  1.2MB
- MD5
  
  f41017bce96960db300112c638cf9e5f
- SHA1
  
  ee9a555a00b82b971b5de2a46e6fc6cf9f40cb10
- SHA256
  
  2eecccbd600f4fb7f5482d710f276d5a17b25f04e46afad774dc95840f5506a6
- SHA512
  
  5f06c891e2435a24f32e157967f1b181220c62cc8cfce0ad6bff5c5709d4079f61ba7c2dffea0abeedf210ca56ddce07a4b6d9e04ab77b7bea257ba9dc8bd032
- SSDEEP
  
  24576:uxnzzlD7ReVXjqvyigpv71+h3A6DZq0PCFUm1zfvDf73zJAMR:uBzpD700KVwh3TA0PCUuz73aM
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/GetCommentsInfoDll.dll
- Size
  
  53KB
- MD5
  
  aa61ac6aa49a499b30dce871869bb6be
- SHA1
  
  cfce11e23f1678fe9e46bc72b54ccc546c6e79aa
- SHA256
  
  c5a4a3674b518f7378a900665ac94d39a305f92dccaed5a879c328d6cc308ae7
- SHA512
  
  bd1facaded3bb2fa47901e0e0cc27a5376fe11c140a5be26a95a38fd66a1799109dd97ece1c413fd226ef5da3ebf55b0999c80b8bc1eab828a84a4600d84108d
- SSDEEP
  
  768:vU3ivFTmDlQLCbGch8PbPCBoh5Nw0dw7P9YJz0luVFLWQbCY:lFTmDlQqGchWbKey+J4l8FaECY
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/HTTP_ASF_SOURCE.ax
- Size
  
  511KB
- MD5
  
  2ca0666cb7eebc4f31d1b1cd5567defa
- SHA1
  
  57937bc69d62e8405742137b94172b129274c77d
- SHA256
  
  5ccfce12fdeb592955cd14154446374a547864a6b5ef1a5a5d9cd801121a0128
- SHA512
  
  bac83324d390f961aec228ddee702a0709e9e59501500592e8fc5f30e0236719836b86c880e9cc90af3747c2b23dcce7ce1b7b29121740c82a0b9fb8fc086e41
- SSDEEP
  
  6144:xEBjCmsazwA6exhQWHb7Do9b2GRPKT1E9o5H4G/VmKEYTzKKAmKCetU0ub7lqE:w+m3P6exhQW77TiSECrYKfTmSrVqE
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/Hookkernel.dll
- Size
  
  275KB
- MD5
  
  65c2129a5c0cabd657022cf49a1a96a3
- SHA1
  
  03c529e0226eb5b41cd91708512dbd58edecd600
- SHA256
  
  0aa0271fc27552af57fd171c3288b00b600c912a60d8752bf70f90b997f5d67c
- SHA512
  
  b9900c3f6c93cf30c55cf718d96743728535bcb820ffaf4efa3c1ab874c684903a8fb30c2e88babdd468c2badc49306186df95f32d86bfb1a84d8d182bc8143c
- SSDEEP
  
  3072:VOGElO2Vtd2LW5ukXA8l7xLsx1BuAYzPWMYCWyRQzaniwlXs5Yo4qD1icgE:FEzrd2LWDXA8lVsNczPWtCW/zO3XtooE
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/InetLoad.dll
- Size
  
  23KB
- MD5
  
  7a10bf1243756d9cfbf6a5160d0daa23
- SHA1
  
  5770bab5f288383e316e2e59b427f7eac1e50347
- SHA256
  
  64d779b5bac8a2b8a31a83cb3b4171141b4809e3e126a546a4c1f7570ee93210
- SHA512
  
  3a8d37a47a17893388ad9f58028d98ff0687ecc9fc9f0b0501650544985e3ec257c113381a3910b3b0cc8a06fe4e26fea1b65adfd4768822e6e638a9215841bf
- SSDEEP
  
  384:pmo3/Rgcxh1s7HBPJfQYooYfk8dLN0Ac9k+LMkIX1+GnTXBhHYJLu18TbCx:pm+Ns7HZWYrYfVdL72LWQbCx
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  20KB
- MD5
  
  acc5bb97897cbc7d49d89d6ed5ba79bc
- SHA1
  
  9ec453aa48a25851a65900aab09a534a67875491
- SHA256
  
  6d43d9d45c52273ea9b3dd16af030a6221df78fcf0f07238f6aa92b4cda660a4
- SHA512
  
  c38a5bdf14d1bc1e1214ef0b2693a919629350cd0b159486f180307013df83c22e95c8209dcecede07afb47422ccca72efa7c6ed53642017eabe6bcb341d1a06
- SSDEEP
  
  96:aUGda5TnpKPmDq+Fmq1wu++wto/kQAQyU7YCHb+4SqTh:xGdappPmtqCDtob/64pTh
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/Live.dll
- Size
  
  205KB
- MD5
  
  ec03fa69a025dc807314b9dcb5498986
- SHA1
  
  a0f5abfa07ce548f10b806922eff748d2652f0e9
- SHA256
  
  c3c5091dad0c0be701f6da2ae41a07f3614d6f567031dda823e5a320483c2243
- SHA512
  
  78c30b0616686454be4c2eff375c91445270effb8d7bcbca372692ed86ce9dc383f91512fc65a937cd7c478c0c5cbd840e301aceabbf7d3c58cb92a80671cabb
- SSDEEP
  
  6144:juVS50/4IMjqndIM7NpiLgqe4tQ+PAHWgaWSJKR82+gS45y69z6gm61xdO:jg82+gS4J9+gO
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/Loader.exe
- Size
  
  65KB
- MD5
  
  8fe734d97bcb8fe7f095a42d0d1f5762
- SHA1
  
  caefa34860dda8139fdbddfeae1c141e8834c84d
- SHA256
  
  fc992ccf209aeb64f9c8c5de50811196ec829647ef4cffdf18e9571e090cdc69
- SHA512
  
  1510955ea18953a7b503307ad0a7bcfc8529839a6acd4611402fada20754c8d77cdca9eca2870a407b4e23860a104713cfd895d4c1641d34c2e368289d7c541c
- SSDEEP
  
  768:Zz3Mfz6JrbhySF1o59g66R9vhrp20+BaeLz/t8LWh1Jf8KQCVALWQbC5:Qz65df766NrpBkZx1Jf8+VAaEC5
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32