Overview

overview

10

Static

static

3

74eb66f46d...6f.exe

windows7-x64

3

74eb66f46d...6f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    138s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 16:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74eb66f46d5475544ac259b4fcb9636f.exe

  • Size

    73KB

  • MD5

    74eb66f46d5475544ac259b4fcb9636f

  • SHA1

    c20d316950f8494f1352ec9e058c349b1787e27b

  • SHA256

    e6635263dbae6e9696aafe0ba57c55803e33ce3c32487cbd688d078c6d6b332c

  • SHA512

    298decd19d3080c5ca82ae0220aaeec8f4758959dbafe3ae7cc34bc4c729c258d2837b559cb81dbf642a2bd15b12b5acdead77300fad93945ae1a78d887934d3

  • SSDEEP

    1536:qCxKOBJyypgmDzV2NSQ85GdSu6uhkkUoUvGJdk5bH:1nyypmMGdSulaoUO6H

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74eb66f46d5475544ac259b4fcb9636f.exe
    "C:\Users\Admin\AppData\Local\Temp\74eb66f46d5475544ac259b4fcb9636f.exe"
    1⤵
      PID:2196
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2196 -s 252
        2⤵
        • Program crash
        PID:2420
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2196 -s 264
        2⤵
        • Program crash
        PID:3440
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 2196 -ip 2196
      1⤵
        PID:3932
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2196 -ip 2196
        1⤵
          PID:4844

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2196-0-0x0000000010000000-0x0000000010013000-memory.dmp
          Filesize

          76KB

          Download
        • memory/2196-1-0x0000000010000000-0x0000000010013000-memory.dmp
          Filesize

          76KB

          Download