kinsing | 42c58b4a4061e2080418e840c553e3f9b8a6c17af3538c25fa9578a08cfbd223 | Triage

Sharing

General

Target

74f0b768aea7d2b81740278b3e2a1ce3
Size

385KB
Sample

240125-tnabzsbccn
MD5

74f0b768aea7d2b81740278b3e2a1ce3
SHA1

7356217e0d2cc1ef1b15be547a5bd4b342816575
SHA256

42c58b4a4061e2080418e840c553e3f9b8a6c17af3538c25fa9578a08cfbd223
SHA512

42ea668cef5ee13b2eaa961c6742268940eb2ffd2b5251e5611ea5a43e6e4be48632bffbe843c3fbab8b0bff28d0e7fed9692d068132bb191c13803554522082
SSDEEP

12288:W/CqridTWOBw16ABQWquUrVgJSZ22qNu5BIQBB:yrohwxBQKUBgJSI26uY2B

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74f0b768aea7d2b81740278b3e2a1ce3
- Size
  
  385KB
- MD5
  
  74f0b768aea7d2b81740278b3e2a1ce3
- SHA1
  
  7356217e0d2cc1ef1b15be547a5bd4b342816575
- SHA256
  
  42c58b4a4061e2080418e840c553e3f9b8a6c17af3538c25fa9578a08cfbd223
- SHA512
  
  42ea668cef5ee13b2eaa961c6742268940eb2ffd2b5251e5611ea5a43e6e4be48632bffbe843c3fbab8b0bff28d0e7fed9692d068132bb191c13803554522082
- SSDEEP
  
  12288:W/CqridTWOBw16ABQWquUrVgJSZ22qNu5BIQBB:yrohwxBQKUBgJSI26uY2B
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2