kinsing | e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f | Triage

Resubmissions

23-02-2024 14:34

240223-rxp3paca7y 7

25-01-2024 16:04

240125-th1a8abbek 10

Sharing

General

Target

windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe
Size

4.8MB
Sample

240125-th1a8abbek
MD5

54ecf446aadefeefc670db219d24aa42
SHA1

6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160
SHA256

e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f
SHA512

4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9
SSDEEP

98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  windows_10_cmake_Release_graphviz-install-8.1.0-win64.exe
- Size
  
  4.8MB
- MD5
  
  54ecf446aadefeefc670db219d24aa42
- SHA1
  
  6ea3f6fea9eb7e6742fe6860f2eb32ede4bf1160
- SHA256
  
  e8f18a59a3c4a7b9d8f00c203d1c3cecb8b2353d79ba6546e78084796e36f56f
- SHA512
  
  4ddba7e8c9b09ee816c475f84b803508b72312565a2cb310ac6e9b4982cde915b7b5ab9eb401059ff3bd4a8bccdb5240aa4b4495267b5d68275729b166b6c2f9
- SSDEEP
  
  98304:iqPJFh3lBUKHpHYfB44ktUMnF7P9sPu1UYl+AfUVihNE3:dJD3TXVY51MnF7emoBIW
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  5f35212d7e90ee622b10be39b09bd270
- SHA1
  
  c4bc9593902adf6daaef37e456dc6100d50d0925
- SHA256
  
  31944b93e44301974d9c6f810d2da792e34a53dcacd619a08cb0385ac59e513d
- SHA512
  
  7514810367f56d994c6d5703b56ac16124fab5dfdcfbe337d4413274c1ff9037a2ee623e49ab2fb6227412ab29fcc49a3ada1391910d44c2b5de0adeb3e7c2f0
- SSDEEP
  
  192:E4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjaK72dwF7dBOne:tn3T5KdHCMRD/R1cOnrja+BO
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  26836307758e048d1ce0afe754d6a972
- SHA1
  
  23a8f45cf5e2ad78add3c4dd3b3cf15fffced2cc
- SHA256
  
  a6919f5f3b53a9c8c015413babe7a9872491a2583e49bb3c261e60785c3c3534
- SHA512
  
  aaf7cfbb9c6951b65bd377db401617812f1d47960a01ae99164183c642fbd8f1ce08720bc92d26b642da5433b80720dfcd96280a162decf678139966be132746
- SSDEEP
  
  96:IgiqVPb3X8K8Kdr3gEq6nNdMk6Qiw290+q6LDtJ1tk3hhEl7y:IgiqVPgK8K9eIdE9B/t8hg7
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  acbda33dd5700c122e2fe48e3d4351fd
- SHA1
  
  2c154baf7c64052ee712b7cdf9c36b7697dd3fc8
- SHA256
  
  943b33829f9013e4d361482a5c8981ba20a7155c78691dbe02a8f8cd2a02efa0
- SHA512
  
  d090adf65a74ac5b910b18bb67e989714335e7b4778cd771cff154d7186351a1bebbc7103cca849bdfa2709c991947ffff6c1d8fdf16a74f4dfb614bce3ff6fd
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral10 behavioral9
- Target
  
  Uninstall.exe
- Size
  
  177KB
- MD5
  
  c44e21287691aa027e367101defaff7a
- SHA1
  
  06db2c3e6c67860d1c05c6b26b7ffd326d0983d3
- SHA256
  
  87e90ea06dcba7d18f8ee71d4b6890d75a11fdfa8dc66eb78c19a816cc2e17ee
- SHA512
  
  d372ab9ed470354545cb91719d88aa4cba55d653fbf302e2517b2074f55af00b66a1a4dd64f2f8c54e3ddaae16b912bc4e7c86e66fca4041a93efa7cdf0de165
- SSDEEP
  
  3072:Fde3GHdi4uoF8cGVIhf6DJzRZBYDp0GS1YH29jXUsZkIpiXz7KRcA:Fgsd4DJXIHgTpiD4
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  bin/acyclic.exe
- Size
  
  13KB
- MD5
  
  d3ee915aef8267af6a431f87878b97a7
- SHA1
  
  fc11659fb95ad8246b891928bd879384f7a7903e
- SHA256
  
  805e2e2c04e394e981c6b74001046a1ad672c1676fe0991943ed01e68c84c25a
- SHA512
  
  130a9666703580548f424ca54932bec8bdc78240d4b8c0293654fca6ec1872ec4a7edae75264a096c41eeb31a1133366c47b5b7073c7f582646f866ac05ead52
- SSDEEP
  
  192:54xaagsre+kG43nYa7EO4a6bzuP3ue8u420fsQ5tf/Dbv:KxPgsQG43MO8k4ZHsmv
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral13 behavioral14
- Target
  
  bin/bcomps.exe
- Size
  
  19KB
- MD5
  
  bf5116eb6c519339bf6a811ffbdb1b12
- SHA1
  
  81b1425f4ec8de36b6c0f2ee82e14c136e299b7d
- SHA256
  
  0197256dac208fb6eef90bed19d1c3fdc698cabfa2463beda48e1e0bdbd49967
- SHA512
  
  f9e64a296545a2eb01a4c4ebd1098ed43a0851028a02415f447e9fad83a0d7efc1355d91fb4a80c7e8274cd940a40bb0e29b6abea88cf63ffb49f4c6c75f55d9
- SSDEEP
  
  384:ObLSqJaJ+VpmswyLtPKt16SV5RiX9TOyos2wr:ObLNi+VpNZPcvV54tTJosBr
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral15 behavioral16
- Target
  
  bin/cairo.dll
- Size
  
  1.4MB
- MD5
  
  88bbd40e8bbe5ab910358abf1ef273c2
- SHA1
  
  efa1a573001f5e97b5d03b7c8c9e93f0055a5595
- SHA256
  
  0666a7f0a7c4e5a07328ec12699de10f1fb37ca0dcf48446bc63a5ca5090cd5a
- SHA512
  
  5b974cb6a4775ab0e32dc99655cba557d7f2788b4d3dca2d3cfca2144015bbe825a701fe7fd0b5554e9a7ce31dacdc1fe7a47fac2fe2ec4f015b364cca6fc2f7
- SSDEEP
  
  24576:flKt11sws+ccfh575V75iQtceAaL9WDgvOuqeFb4c8ZrTMS:0t1Rs+cc/75V75/HUgvRqepsT
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral17 behavioral18
- Target
  
  bin/ccomps.exe
- Size
  
  24KB
- MD5
  
  70ebee24e79568fb3c9086052e8c6b8d
- SHA1
  
  44cc321f6ba2cef11ea486d8b548a66c66fcc974
- SHA256
  
  208518e838c031f744aa13e26e53f258c8b7e9e5ce030cf30f4f4be277efa45f
- SHA512
  
  a6a34518bd1c2620e58782f6e161bd81af11c04d85d9057f89e9b1ee95564a7a6d342ee3b0cf0888a2bb83296d1b700d9df3060ff24937aee8d793d478cf4403
- SSDEEP
  
  384:5A20KZs0kXxq+2Q47XSFRhOkIPKUJCp/a+lAW7nPnHs4qxB:h08s0M7OXgYHPH4x/lAW7nPHszx
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral19 behavioral20
- Target
  
  bin/cdt.dll
- Size
  
  24KB
- MD5
  
  c5f6c280750ebfa566cddea5ca13e8cd
- SHA1
  
  9611cf6620fc3391f4790f647103725bb7e1656b
- SHA256
  
  c840bfab79c2d707688bdda7da41ed6d2a830a63d4df6775af45d52c6ef04551
- SHA512
  
  d633890f1bfc1db9442cef199198f36c070d1527a816dc7ad0ef9b2ec6d3f3681346ff01741c0cabdd097603c1d970ae153eb4bf4fd1864c4dbfc95abd6425c7
- SSDEEP
  
  384:z32N/c5ZvZoeXGPDYIHMivGuAPXo4r4IyF3Ed/rAvrXREMm6JqJOCEIzio9ZNWB:X5Z2PsApIE0dUvrXRfqcrIzio9C
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral21 behavioral22
- Target
  
  bin/cgraph++.dll
- Size
  
  11KB
- MD5
  
  9188d93b994f504a538f506a2e93295b
- SHA1
  
  53752f981723d740f4413a0ed6cf14cc85ac0890
- SHA256
  
  f2cb83e8c8822f72638dbd0270b493b41d7439bce117541008141ac09ad9ec4a
- SHA512
  
  424ba9944da6378d753ebb5210587e15f385c260b89fb16ae6d5b1462ed145607e87d60d0da8fbf909d8f6dd8156f7a64ef9af0bd65e5b34f2ca5f687062b51f
- SSDEEP
  
  96:XNxaRQDKpAB45opyg1TvtsJ+UQ5sPE38Or1ldUIbJGiF+3+lEyu9XCDsuy+fCOxx:barqtwgDb3MORlXS3+lEyyyDsNbfc
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral23 behavioral24
- Target
  
  bin/cgraph.dll
- Size
  
  76KB
- MD5
  
  509773500bceb707c94da395986e0cfa
- SHA1
  
  34b6c423770a8dffca4c0671de97054456cbd6dd
- SHA256
  
  7bb96722c6a83129b8c0f0dd99c2c46031bc8ca5eea0facbb6c9f82ca4be1182
- SHA512
  
  da07ba0167c58e176995d2c07b5a96d1678fde7910568f333658df6ee6dfacca61c4e331830d30767bbe8649f214447faad2f440230aff37613f96bcd3fb758c
- SSDEEP
  
  1536:Pqfq/F/L2rTujauMje5DOMIZFc7/QF3z1xG6B33yS7P:ifq/JaujeiQlnQ/QF3z1xG6Ri
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral25 behavioral26
- Target
  
  bin/circo.exe
- Size
  
  10KB
- MD5
  
  1585d7f2b5117236b518ced2dc07a9b6
- SHA1
  
  b9fc216a5e45730bf3bcccff4221008a69d619e5
- SHA256
  
  e92a65d718431793c0166b0071d7c9ed090d98cdb428de0c8c4c3f7e21ee9fe9
- SHA512
  
  e05de67f577c9df3ad3b7e4027886e1ed6e2066060a2ca47e6c02dd168433cc9e64e3b67d72c3dab0fce3125d2632b327dc4c237371621ddd2e620c556292f0b
- SSDEEP
  
  96:Oi1H40dk3bZPJ+r3tiUTPJRH5copsPajelj8+wEEUnR8mEsQ5tfOLCDbNXjyTQx:/YzrZTA5DeV8+5nR6sQ5tf/DbNXjyT
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral27 behavioral28
- Target
  
  bin/cluster.exe
- Size
  
  211KB
- MD5
  
  a45ea128738317e6dfde0b98616fa3b9
- SHA1
  
  3c31f980b7009c2207ce8cb732d8256e53db73ea
- SHA256
  
  e6474857628eb352581376f4502857017b8dbb8b444ccebe9a913f80a922b477
- SHA512
  
  ffe08e67a2d1b283cffe0d69b34b4d203eef6641170bdfc399b7091c35fd738065456136ef7cb3bbb81de652943a9400511b5554b6034dffaca56d6091f8e994
- SSDEEP
  
  3072:onNqwfgL5yyCyBTyMlNYbVOGXxFFFav3e5biTLcxy0VXUhiQFw4e:KqLkyXBTyNDavibdvxmu
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral29 behavioral30
- Target
  
  bin/concrt140.dll
- Size
  
  310KB
- MD5
  
  cd12471b295f6a1c66dcc9fc519eef5b
- SHA1
  
  dbca64bc390ea30d54c184086f0505fef35cd969
- SHA256
  
  573229a07f38ab9d2fc2e1a5b98e9243b9b39100323180c83ad7ddaf98eee46a
- SHA512
  
  c8a75f285e12f3e65ea18b002d4661f01ebf54d464fec761917ac09709ff6005f0e15bf76756ccde8d19fe88f096d05df20bab252bb2c26248af5aaad846b988
- SSDEEP
  
  6144:1EI93zcNn3dMiBXHxHSSXfPnevwbbeVu00Xp9gznWzgQQf3P2iyK:aIlwNqihUSPPd9z8yK
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32