kinsing | 405fe57ac4c21844b55ef0b26f87bf0ac40ec317051134ad47c32793013a06b4 | Triage

Sharing

General

Target

74f34c71cc649f3761bb37ebc073d1f8
Size

385KB
Sample

240125-trkbcsbchl
MD5

74f34c71cc649f3761bb37ebc073d1f8
SHA1

67e7dcbc87279b8f9b0b471744d7d5c89564c997
SHA256

405fe57ac4c21844b55ef0b26f87bf0ac40ec317051134ad47c32793013a06b4
SHA512

e4c968abf8e5dffbc2ea89680cbc44f485b384ed4f40a6b601b458710612c0551faa1e771fc40f6455f3db2dd994375d22d42de024f189619fc47da2306eed2e
SSDEEP

6144:fD7w1OQ+95OHOIR0ZYXaO4GSvOZdWmvpLcZSPaYpuMlHPOp6UtUlwbB:fD719eKO4N6dWmBLcZfYjgpElUB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  74f34c71cc649f3761bb37ebc073d1f8
- Size
  
  385KB
- MD5
  
  74f34c71cc649f3761bb37ebc073d1f8
- SHA1
  
  67e7dcbc87279b8f9b0b471744d7d5c89564c997
- SHA256
  
  405fe57ac4c21844b55ef0b26f87bf0ac40ec317051134ad47c32793013a06b4
- SHA512
  
  e4c968abf8e5dffbc2ea89680cbc44f485b384ed4f40a6b601b458710612c0551faa1e771fc40f6455f3db2dd994375d22d42de024f189619fc47da2306eed2e
- SSDEEP
  
  6144:fD7w1OQ+95OHOIR0ZYXaO4GSvOZdWmvpLcZSPaYpuMlHPOp6UtUlwbB:fD719eKO4N6dWmBLcZfYjgpElUB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2