Analysis
-
max time kernel
141s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
25-01-2024 16:40
General
-
Target
74fdf276251087de9542c2da90ed9b59.exe
-
Size
1.0MB
-
MD5
74fdf276251087de9542c2da90ed9b59
-
SHA1
750c4be9b74c0ff9ee612ebc8a0567deee7f431f
-
SHA256
2412815db6cbeeef60d7309a065b6d0bd8eec84f97f87d419147cde21c91bff2
-
SHA512
14497f2699d17ed7f36c3341f90eadc9b0ea354d68bc8c096911110c08fb7ecdf9d12f5e56a8b4278ed4379c72f853f0bbc14fc649c9c0365c32627995f6babc
-
SSDEEP
24576:xfLHuzBsBX4BF3LEV8dz/WqBEJBFeYns+HAeyfLGfgyMy/cF:xfj0wk9L80z/LEJBFeJ+HZEGTw
Score
10/10
Malware Config
Signatures
-
Kinsing
Kinsing is a loader written in Golang.
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
-
Suspicious use of SetWindowsHookEx 14 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\74fdf276251087de9542c2da90ed9b59.exe"C:\Users\Admin\AppData\Local\Temp\74fdf276251087de9542c2da90ed9b59.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4608-0-0x0000000000160000-0x00000000003A6000-memory.dmpFilesize
2.3MB
-
memory/4608-4-0x0000000000160000-0x00000000003A6000-memory.dmpFilesize
2.3MB