kinsing | 23e410d5a2962b92e61f25dba35585371524de95e886291564dbd61f011bd71f | Triage

Sharing

General

Target

74fd5b707557c2def642ac033c7b3e2f
Size

1000KB
Sample

240125-t6dgcsbfeq
MD5

74fd5b707557c2def642ac033c7b3e2f
SHA1

9f53d7470d0c9f03d5cebe139affd884a1ae80c5
SHA256

23e410d5a2962b92e61f25dba35585371524de95e886291564dbd61f011bd71f
SHA512

5300940b74ed9c31966c27bbf52fd4fc0021a72f8a8c27b07c0590a636848544e8b290e4639b0a614359c7bf9d373ffb1663b7ad02a0cd3491cbfe14b400ab65
SSDEEP

24576:3xdjpaMpV6BJJCCJ+uM71B+5vMiqt0gj2ed:3rjpa8aCCAuQqOL

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74fd5b707557c2def642ac033c7b3e2f
- Size
  
  1000KB
- MD5
  
  74fd5b707557c2def642ac033c7b3e2f
- SHA1
  
  9f53d7470d0c9f03d5cebe139affd884a1ae80c5
- SHA256
  
  23e410d5a2962b92e61f25dba35585371524de95e886291564dbd61f011bd71f
- SHA512
  
  5300940b74ed9c31966c27bbf52fd4fc0021a72f8a8c27b07c0590a636848544e8b290e4639b0a614359c7bf9d373ffb1663b7ad02a0cd3491cbfe14b400ab65
- SSDEEP
  
  24576:3xdjpaMpV6BJJCCJ+uM71B+5vMiqt0gj2ed:3rjpa8aCCAuQqOL
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2