kinsing | a3d71d9738f975f9e71f8f0bf9c397ca45471e52dee61c5b3df08824142b7d06 | Triage

Sharing

General

Target

75002e5b546c90bac9b24cae7e9fb764
Size

192KB
Sample

240125-t8wqqaahe9
MD5

75002e5b546c90bac9b24cae7e9fb764
SHA1

6ffa885504abb21b6945af990352d601db43fa27
SHA256

a3d71d9738f975f9e71f8f0bf9c397ca45471e52dee61c5b3df08824142b7d06
SHA512

7f10e9899b15729bea94582b6743fb8e3630fe8bef7bd3d957fd82979ab05c5f4dc42f85c5d7fb091ee6818fc8878982a83d5724e5c099acc63d47a779311c28
SSDEEP

3072:+vALA7iAiwYJLFjwiGmYWlxG4n8mDQAVZggE0DZY/4BLN4Re8yL:UTuPxGXWzGZmDVZrEmbBuRe1

Score

10^/10

kinsing loader persistence

Malware Config

Targets

- Target
  
  75002e5b546c90bac9b24cae7e9fb764
- Size
  
  192KB
- MD5
  
  75002e5b546c90bac9b24cae7e9fb764
- SHA1
  
  6ffa885504abb21b6945af990352d601db43fa27
- SHA256
  
  a3d71d9738f975f9e71f8f0bf9c397ca45471e52dee61c5b3df08824142b7d06
- SHA512
  
  7f10e9899b15729bea94582b6743fb8e3630fe8bef7bd3d957fd82979ab05c5f4dc42f85c5d7fb091ee6818fc8878982a83d5724e5c099acc63d47a779311c28
- SSDEEP
  
  3072:+vALA7iAiwYJLFjwiGmYWlxG4n8mDQAVZggE0DZY/4BLN4Re8yL:UTuPxGXWzGZmDVZrEmbBuRe1
Score

10^/10

persistence kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistence