kinsing | e4094334ca77406cbf25630e2b96a1723d264e17db2c1320d03f439e945f5648 | Triage

Submit
Reports

Overview

overview

Static

static

3

74f8feae13...03.exe

windows7-x64

7

74f8feae13...03.exe

windows10-2004-x64

Sharing

General

Target

74f8feae1380c4a530344c0b602f8703
Size

449KB
Sample

240125-tzzq1sbedp
MD5

74f8feae1380c4a530344c0b602f8703
SHA1

960b8c1dcd726dc646900fe4dbe602e8d3f8d72f
SHA256

e4094334ca77406cbf25630e2b96a1723d264e17db2c1320d03f439e945f5648
SHA512

de478079e1d324533c4eeca1af4c997306e8677b57ae2dd85e0b8dce87ed0467fc6720d328fc7ca6bc77f3193544bdc1799127e3dd00dcf2459b6dff0b91ecfc
SSDEEP

12288:Ld64QXqIQXBUXINsmUYYBrUXXyEsPSep+wkVTIY2yeWDC3U2W:gHgxUXJmVkrUXCEszRkVUY2eDC3U2W

Score

10^/10

kinsing loader persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

74f8feae1380c4a530344c0b602f8703.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

74f8feae1380c4a530344c0b602f8703.exe

Resource

win10v2004-20231215-en

kinsing loader persistence upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  74f8feae1380c4a530344c0b602f8703
- Size
  
  449KB
- MD5
  
  74f8feae1380c4a530344c0b602f8703
- SHA1
  
  960b8c1dcd726dc646900fe4dbe602e8d3f8d72f
- SHA256
  
  e4094334ca77406cbf25630e2b96a1723d264e17db2c1320d03f439e945f5648
- SHA512
  
  de478079e1d324533c4eeca1af4c997306e8677b57ae2dd85e0b8dce87ed0467fc6720d328fc7ca6bc77f3193544bdc1799127e3dd00dcf2459b6dff0b91ecfc
- SSDEEP
  
  12288:Ld64QXqIQXBUXINsmUYYBrUXXyEsPSep+wkVTIY2yeWDC3U2W:gHgxUXJmVkrUXCEszRkVUY2eDC3U2W
Score

10^/10

persistence upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistenceupx

© 2018-2024

Terms | Privacy