kinsing | 3a3ca208752b7eb06086b0526fe19621385ad3980c26526e071e88acefe358c2 | Triage

Sharing

General

Target

74eacd7f34b8a2bbed2d689038215931
Size

1.1MB
Sample

240125-tfrlasbahn
MD5

74eacd7f34b8a2bbed2d689038215931
SHA1

cb3ee62bca7b043091cb34f2f9a94cf865e47386
SHA256

3a3ca208752b7eb06086b0526fe19621385ad3980c26526e071e88acefe358c2
SHA512

c3596dbc470d6438a1b35c46876cd1afb50db7e7998b45bef828a16d475029436d71bc3c0f2a52eef2f892ad5ee422d1c79c56136d7fe1f71ae9456e13068b7f
SSDEEP

24576:Y4oKmf5R/pOCuxGU13IlBwaa6NKHb/JBE6JuHMfMooE:Y4uv/pOCIGk3Ivwaa6IHz3E6JuHMfM

Score

10^/10

kinsing loader spyware stealer

Malware Config

Targets

- Target
  
  74eacd7f34b8a2bbed2d689038215931
- Size
  
  1.1MB
- MD5
  
  74eacd7f34b8a2bbed2d689038215931
- SHA1
  
  cb3ee62bca7b043091cb34f2f9a94cf865e47386
- SHA256
  
  3a3ca208752b7eb06086b0526fe19621385ad3980c26526e071e88acefe358c2
- SHA512
  
  c3596dbc470d6438a1b35c46876cd1afb50db7e7998b45bef828a16d475029436d71bc3c0f2a52eef2f892ad5ee422d1c79c56136d7fe1f71ae9456e13068b7f
- SSDEEP
  
  24576:Y4oKmf5R/pOCuxGU13IlBwaa6NKHb/JBE6JuHMfMooE:Y4uv/pOCIGk3Ivwaa6IHz3E6JuHMfM
Score

10^/10

spyware stealer kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderspywarestealer