kinsing | 93df33c27f484f855e99f9e2e58ac0d390b12704484e33ea580c66563adc35f0 | Triage

Sharing

General

Target

74ec11ce2abb6092698bfe9f12a0a940
Size

1000KB
Sample

240125-tgqqdsaca9
MD5

74ec11ce2abb6092698bfe9f12a0a940
SHA1

16c1113a17eed49d4c7e44d48fc285bd358769a3
SHA256

93df33c27f484f855e99f9e2e58ac0d390b12704484e33ea580c66563adc35f0
SHA512

6b0fd0d826677f2ff9f41517ccfff2a8407bffffe2ef5006c80b549afbdfa93aebc3d71b8a378fd4c0683076811e77db3e77bb4ec5c2d3e00e36107cfef519cd
SSDEEP

24576:6wbXlz15/KVh/FquyLN1B+5vMiqt0gj2ed:Bz15/AFJylqOL

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74ec11ce2abb6092698bfe9f12a0a940
- Size
  
  1000KB
- MD5
  
  74ec11ce2abb6092698bfe9f12a0a940
- SHA1
  
  16c1113a17eed49d4c7e44d48fc285bd358769a3
- SHA256
  
  93df33c27f484f855e99f9e2e58ac0d390b12704484e33ea580c66563adc35f0
- SHA512
  
  6b0fd0d826677f2ff9f41517ccfff2a8407bffffe2ef5006c80b549afbdfa93aebc3d71b8a378fd4c0683076811e77db3e77bb4ec5c2d3e00e36107cfef519cd
- SSDEEP
  
  24576:6wbXlz15/KVh/FquyLN1B+5vMiqt0gj2ed:Bz15/AFJylqOL
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2