kinsing | 5afa3995ab10db02e4ae53eace0287b98302111a76fd5dd2184f3e96ce047ef9 | Triage

Sharing

General

Target

74f3b871d85aaa247e93290b2bbbe7e0
Size

4.7MB
Sample

240125-tr9agsaeb3
MD5

74f3b871d85aaa247e93290b2bbbe7e0
SHA1

4532523ce208a7b61f2707ef9020f27aabdd1d10
SHA256

5afa3995ab10db02e4ae53eace0287b98302111a76fd5dd2184f3e96ce047ef9
SHA512

42033f59c9baa72994e2b8fbd082dd693a1d546d52e09ec3b65f017c88f840772b40ee8e70222efed4c5f85f95d8e3926a06dafe9612e4325ba86b7970f2c843
SSDEEP

98304:PX4UgeItnJ43UEQdF9YHWYt33w234Ey8tmxiRGuc+yazx14:vOeItnEbQdFsWYC234EDtmYRL/ya0

Score

10^/10

kinsing discovery loader

Malware Config

Targets

- Target
  
  74f3b871d85aaa247e93290b2bbbe7e0
- Size
  
  4.7MB
- MD5
  
  74f3b871d85aaa247e93290b2bbbe7e0
- SHA1
  
  4532523ce208a7b61f2707ef9020f27aabdd1d10
- SHA256
  
  5afa3995ab10db02e4ae53eace0287b98302111a76fd5dd2184f3e96ce047ef9
- SHA512
  
  42033f59c9baa72994e2b8fbd082dd693a1d546d52e09ec3b65f017c88f840772b40ee8e70222efed4c5f85f95d8e3926a06dafe9612e4325ba86b7970f2c843
- SSDEEP
  
  98304:PX4UgeItnJ43UEQdF9YHWYt33w234Ey8tmxiRGuc+yazx14:vOeItnEbQdFsWYC234EDtmYRL/ya0
Score

10^/10

discovery kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingdiscoveryloader