kinsing | 02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc | Triage

Submit
Reports

Overview

overview

Static

static

1

02c4d594c1...bc.exe

windows7-x64

8

02c4d594c1...bc.exe

windows10-2004-x64

Sharing

General

Target

02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc
Size

234KB
Sample

240125-th2t2sacd5
MD5

d51091dcf809f6f1285058e0bb1781b3
SHA1

e7c1a4170dcbe2f131889e40ac3375f9ee6519ff
SHA256

02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc
SHA512

41aa7d7d40a8eb4b3a731c3a46c0d9c926f2671550bab3928521d0b4f4583622d9e49de5d7ad19b8060114106fb680719fcfe5ef6fe7ef1ef9e874f01540c484
SSDEEP

3072:HwzvOYZi5YP/aKav6UvK9aobNI2B+JlIjDe7kal2n1TWl9o1B0C98CqtVFiDflu1:oiiP/aK999H/B+rTBV+UdvrEFp7hKY8

Score

10^/10

kinsing loader persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc.exe

Resource

win10v2004-20231222-en

kinsing loader persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc
- Size
  
  234KB
- MD5
  
  d51091dcf809f6f1285058e0bb1781b3
- SHA1
  
  e7c1a4170dcbe2f131889e40ac3375f9ee6519ff
- SHA256
  
  02c4d594c19a55d3ea2ab26766333d20441d364829d133f473864f6c4616f0bc
- SHA512
  
  41aa7d7d40a8eb4b3a731c3a46c0d9c926f2671550bab3928521d0b4f4583622d9e49de5d7ad19b8060114106fb680719fcfe5ef6fe7ef1ef9e874f01540c484
- SSDEEP
  
  3072:HwzvOYZi5YP/aKav6UvK9aobNI2B+JlIjDe7kal2n1TWl9o1B0C98CqtVFiDflu1:oiiP/aK999H/B+rTBV+UdvrEFp7hKY8
Score

10^/10

persistence upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies AppInit DLL entries
  persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistenceupx

© 2018-2024

Terms | Privacy