Overview

overview

10

Static

static

3

26d4800081...d8.exe

windows7-x64

7

26d4800081...d8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26d4800081efd88d96cb564dc2cbca3ecf40aa357302b152efec8fd3d3cbadd8

  • Size

    598KB

  • Sample

    240125-thh2yaacc4

  • MD5

    c3b5d72db79281a010c211e101e00984

  • SHA1

    f8f583a3ba99f851d1b741bebdbd2cfb5d67b9d7

  • SHA256

    26d4800081efd88d96cb564dc2cbca3ecf40aa357302b152efec8fd3d3cbadd8

  • SHA512

    fa9c3605fe7d0341d6a250bebee692159bc19d8381f91e999f20ee03e96a5cbd5dfe6edc5c482b5903155fd17918da330b008ac508a872fc455d505f9c638e1b

  • SSDEEP

    12288:HV+iSF+5v9vsb+zpwYcUutCDb4QK608Badqv31NUdYYKYAJxgy+Hwjq:HnSF+5JwXgb1081v3iYYKLJxNk

Score
10/10
kinsingloaderspywarestealer

Malware Config

Targets

    • Target

      26d4800081efd88d96cb564dc2cbca3ecf40aa357302b152efec8fd3d3cbadd8

    • Size

      598KB

    • MD5

      c3b5d72db79281a010c211e101e00984

    • SHA1

      f8f583a3ba99f851d1b741bebdbd2cfb5d67b9d7

    • SHA256

      26d4800081efd88d96cb564dc2cbca3ecf40aa357302b152efec8fd3d3cbadd8

    • SHA512

      fa9c3605fe7d0341d6a250bebee692159bc19d8381f91e999f20ee03e96a5cbd5dfe6edc5c482b5903155fd17918da330b008ac508a872fc455d505f9c638e1b

    • SSDEEP

      12288:HV+iSF+5v9vsb+zpwYcUutCDb4QK608Badqv31NUdYYKYAJxgy+Hwjq:HnSF+5JwXgb1081v3iYYKLJxNk

    Score
    10/10
    kinsingloaderspywarestealer

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks