kinsing | 538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00 | Triage

Submit
Reports

Overview

overview

Static

static

3

538846cb64...00.exe

windows7-x64

7

538846cb64...00.exe

windows10-2004-x64

Sharing

General

Target

538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00
Size

2.5MB
Sample

240125-tjhskaace5
MD5

90e7a25b9f808d95d5c6086c8d1e79dd
SHA1

fdbbfe0e5e91aeebaed3f1950b390847ba268a01
SHA256

538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00
SHA512

400a25dbee70a9f5fb5146062f53bdfc1486cefbba80f1d8f28c6d1fa77e3262873dfa42eb8237bc3b9e852e1a9720f32565fc934b7c1d0172a61b3f6970ab57
SSDEEP

49152:2cGJbpgcOVmQ+ljS7yLfijfzQwMWjoFznh7J5uP9USCfmzz9YVgY:jGJbp4VmQ+ljS2LfijbQwMW+J0+SC+zL

Score

10^/10

kinsing loader spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00.exe

Resource

win7-20231215-en

spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00.exe

Resource

win10v2004-20231215-en

kinsing loader spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00
- Size
  
  2.5MB
- MD5
  
  90e7a25b9f808d95d5c6086c8d1e79dd
- SHA1
  
  fdbbfe0e5e91aeebaed3f1950b390847ba268a01
- SHA256
  
  538846cb6455c23e4f803b523921f1d9ade5f27451c67b25a06625d80206ce00
- SHA512
  
  400a25dbee70a9f5fb5146062f53bdfc1486cefbba80f1d8f28c6d1fa77e3262873dfa42eb8237bc3b9e852e1a9720f32565fc934b7c1d0172a61b3f6970ab57
- SSDEEP
  
  49152:2cGJbpgcOVmQ+ljS7yLfijfzQwMWjoFznh7J5uP9USCfmzz9YVgY:jGJbp4VmQ+ljS2LfijbQwMW+J0+SC+zL
Score

10^/10

spyware stealer kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderspywarestealer

© 2018-2024

Terms | Privacy