kinsing | 316d69deb2d801e2bbbd3752a2a8b448ac54e5bbfce0ac84b868fe6443c8d078 | Triage

Sharing

General

Target

75008c45f4f63482f583de1108232255
Size

771KB
Sample

240125-t89mksbgcm
MD5

75008c45f4f63482f583de1108232255
SHA1

62a2068e8d213a7087bf54d3a89bcc826e29c2f5
SHA256

316d69deb2d801e2bbbd3752a2a8b448ac54e5bbfce0ac84b868fe6443c8d078
SHA512

a77d9787a29d481080ccb5e5c083bb05354fc8ea6b197bb9db360d6ad08ff06df09a311170573c44a84c1e5ef1c4453bde7dc0e7d8981b12083ee0e36fc6f3ea
SSDEEP

12288:IdHbt3BveMGLVovebFNmnEp6Klf6eb10VHmDXTuFaa2AtyGTKOF25ZoJJyhRge8V:It3By+1n8VPb10hJaothZ2/T6FBBB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  75008c45f4f63482f583de1108232255
- Size
  
  771KB
- MD5
  
  75008c45f4f63482f583de1108232255
- SHA1
  
  62a2068e8d213a7087bf54d3a89bcc826e29c2f5
- SHA256
  
  316d69deb2d801e2bbbd3752a2a8b448ac54e5bbfce0ac84b868fe6443c8d078
- SHA512
  
  a77d9787a29d481080ccb5e5c083bb05354fc8ea6b197bb9db360d6ad08ff06df09a311170573c44a84c1e5ef1c4453bde7dc0e7d8981b12083ee0e36fc6f3ea
- SSDEEP
  
  12288:IdHbt3BveMGLVovebFNmnEp6Klf6eb10VHmDXTuFaa2AtyGTKOF25ZoJJyhRge8V:It3By+1n8VPb10hJaothZ2/T6FBBB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2