kinsing | dab14529caeac755a18561ee147e05db721a0cd6a37d8fe7bdd18bc6141db86f | Triage

Sharing

General

Target

74f018d8f7f7e46e314b8d4ab0c128c1
Size

385KB
Sample

240125-tmhxqsbcbm
MD5

74f018d8f7f7e46e314b8d4ab0c128c1
SHA1

4fe849a30b7af68c3323dd60c20e81b9c948341f
SHA256

dab14529caeac755a18561ee147e05db721a0cd6a37d8fe7bdd18bc6141db86f
SHA512

a6d32dfbeb32dbb48cb930d1d65a0f0c7b32ce1b2a6b2bcf2bd731421edccfa5df176e09384f7aa914d370620c54c60687c86c01b2f6c79cef9b42fbed6cc5c1
SSDEEP

6144:79XgntqyzGb9LHRwWMJolZhn+b0gr02M8sFzSKrKkrCDPLDl1B:7pgntqaGbcWrm2xtrrCDPnB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74f018d8f7f7e46e314b8d4ab0c128c1
- Size
  
  385KB
- MD5
  
  74f018d8f7f7e46e314b8d4ab0c128c1
- SHA1
  
  4fe849a30b7af68c3323dd60c20e81b9c948341f
- SHA256
  
  dab14529caeac755a18561ee147e05db721a0cd6a37d8fe7bdd18bc6141db86f
- SHA512
  
  a6d32dfbeb32dbb48cb930d1d65a0f0c7b32ce1b2a6b2bcf2bd731421edccfa5df176e09384f7aa914d370620c54c60687c86c01b2f6c79cef9b42fbed6cc5c1
- SSDEEP
  
  6144:79XgntqyzGb9LHRwWMJolZhn+b0gr02M8sFzSKrKkrCDPLDl1B:7pgntqaGbcWrm2xtrrCDPnB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2