kinsing | 623349e598d90b2b62f10fb5208cb4b3ddbe1fef627064e671f8fc538abd94b7 | Triage

Sharing

General

Target

750123c116611a4558041a17c109d961
Size

88KB
Sample

240125-t99zqsbgfk
MD5

750123c116611a4558041a17c109d961
SHA1

ef72f4ff5f72a71c126f4cd14ca3a8ea7023f62d
SHA256

623349e598d90b2b62f10fb5208cb4b3ddbe1fef627064e671f8fc538abd94b7
SHA512

b48e08d75227e81c918d200fd582c17022a4be4e109d55f1446f5f3df6543aa7fe8ae090ce0425bce645e5773c555b7b9d9d03b0d7d935d5d04302c14cc37c8c
SSDEEP

1536:zlUDymoGJ89iqYsQ0I+syDEC/Hwv/G5JW8x2njyaxemyW544GZ+ALFP2zCTndL5Q:5UDymoGJ899YIfy3opx2jNN4fZtuKdLu

Score

10^/10

kinsing loader persistence upx

Malware Config

Targets

- Target
  
  750123c116611a4558041a17c109d961
- Size
  
  88KB
- MD5
  
  750123c116611a4558041a17c109d961
- SHA1
  
  ef72f4ff5f72a71c126f4cd14ca3a8ea7023f62d
- SHA256
  
  623349e598d90b2b62f10fb5208cb4b3ddbe1fef627064e671f8fc538abd94b7
- SHA512
  
  b48e08d75227e81c918d200fd582c17022a4be4e109d55f1446f5f3df6543aa7fe8ae090ce0425bce645e5773c555b7b9d9d03b0d7d935d5d04302c14cc37c8c
- SSDEEP
  
  1536:zlUDymoGJ89iqYsQ0I+syDEC/Hwv/G5JW8x2njyaxemyW544GZ+ALFP2zCTndL5Q:5UDymoGJ899YIfy3opx2jNN4fZtuKdLu
Score

10^/10

upx kinsing loader persistence
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistenceupx