kinsing | 992d1bdceea537bee02afe009e3c6b7b84a416277c2182c4bf1e1bf019eaf82f | Triage

Sharing

General

Target

74eaa5f66d8c19528d8f3c25d3d42199
Size

811KB
Sample

240125-tfhcmaabf7
MD5

74eaa5f66d8c19528d8f3c25d3d42199
SHA1

334d9e0f34294d7ec994afdb30bb1af1b7d012e9
SHA256

992d1bdceea537bee02afe009e3c6b7b84a416277c2182c4bf1e1bf019eaf82f
SHA512

760121985ff5cc79d18d1b0a57a1a9c858baea39dfa0b80a57223633dc2acb96817bc95b67ff36ffd1657f5157606b91272d711db4bd21f6829e51e1f7dc614a
SSDEEP

24576:If9Bs3450vt48uMwC2RvTNysh4Z1GzsprO:Ifs3DvtGKYv54ZKsBO

Score

10^/10

kinsing loader persistence

Malware Config

Targets

- Target
  
  74eaa5f66d8c19528d8f3c25d3d42199
- Size
  
  811KB
- MD5
  
  74eaa5f66d8c19528d8f3c25d3d42199
- SHA1
  
  334d9e0f34294d7ec994afdb30bb1af1b7d012e9
- SHA256
  
  992d1bdceea537bee02afe009e3c6b7b84a416277c2182c4bf1e1bf019eaf82f
- SHA512
  
  760121985ff5cc79d18d1b0a57a1a9c858baea39dfa0b80a57223633dc2acb96817bc95b67ff36ffd1657f5157606b91272d711db4bd21f6829e51e1f7dc614a
- SSDEEP
  
  24576:If9Bs3450vt48uMwC2RvTNysh4Z1GzsprO:Ifs3DvtGKYv54ZKsBO
Score

10^/10

persistence kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistence