Overview

overview

10

Static

static

3

74eb1dd660...ee.exe

windows7-x64

1

74eb1dd660...ee.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    141s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 16:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74eb1dd660b60bc76e3000cecc00bbee.exe

  • Size

    39KB

  • MD5

    74eb1dd660b60bc76e3000cecc00bbee

  • SHA1

    f024e798a854b485abd2c73d38b7d0eb95691ac7

  • SHA256

    eb2b142e75be8ff796246a96fa301ecab7066e5af2ec540671b1a641ba8af62d

  • SHA512

    5cd10df0464800141f0cf8983c4aaaec3d204021b6a2e240a7a49372fa6b732a19872e28734bf31bb38a193afd7bde5400b0e746e2f5dab06090ef704e7da1b8

  • SSDEEP

    768:9uL6m2A/pz1dD/24xLHAV4q2YreCFE21+zpj:Tm2A/pz144BHAV4dYr7FNo

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Drops file in Drivers directory 64 IoCs
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74eb1dd660b60bc76e3000cecc00bbee.exe
    "C:\Users\Admin\AppData\Local\Temp\74eb1dd660b60bc76e3000cecc00bbee.exe"
    1⤵
    • Drops file in Drivers directory
    • Drops file in System32 directory
    PID:3816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3816-0-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download
  • memory/3816-1-0x00000000001C0000-0x00000000001C1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3816-2-0x0000000077652000-0x0000000077653000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3816-4-0x0000000000400000-0x0000000000417000-memory.dmp
    Filesize

    92KB

    Download
  • memory/3816-3-0x0000000075EF0000-0x0000000076105000-memory.dmp
    Filesize

    2.1MB

    Download
  • memory/3816-7-0x00000000001C0000-0x00000000001C1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3816-8-0x0000000075EF0000-0x0000000076105000-memory.dmp
    Filesize

    2.1MB

    Download