Overview

overview

10

Static

static

3

74f79c0739...05.exe

windows7-x64

3

74f79c0739...05.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    90s
  • max time network
    92s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 16:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74f79c0739738fd6ab5fdadf338e9c05.exe

  • Size

    342KB

  • MD5

    74f79c0739738fd6ab5fdadf338e9c05

  • SHA1

    cb307be3214651b48af2996f4c7e92d2ad4b0ade

  • SHA256

    bdc8ab3532c34a49d44c54fda3c4bd69eda762f5095a7da7f0cfe3f1d2c22214

  • SHA512

    ac9c175015074d37458ddffda4322952325e8f4ea3a18650da5f2346fedb3a5443d85ccb6e210fe1601e3861f1fff97a929797ba83e6c384e972b1c375f14ac6

  • SSDEEP

    6144:2Q2SIkatx3Nw6vn5DBvQdJnyvpzdQgTghL1cTlE3u9s8CsjJygwz:2QzmiC5dILyYgIclAu9s8Csjg

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74f79c0739738fd6ab5fdadf338e9c05.exe
    "C:\Users\Admin\AppData\Local\Temp\74f79c0739738fd6ab5fdadf338e9c05.exe"
    1⤵
      PID:4520
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4520 -s 248
        2⤵
        • Program crash
        PID:4160
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4520 -ip 4520
      1⤵
        PID:4816

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4520-0-0x0000000000400000-0x0000000000428200-memory.dmp
        Filesize

        160KB

        Download
      • memory/4520-1-0x0000000000400000-0x0000000000428200-memory.dmp
        Filesize

        160KB

        Download