kinsing | dc8f630031cc2f319050a819f97ded6361fda04eeb43cff56729a0e7fba421eb | Triage

Sharing

General

Target

7518f196c0a30ca7202bf1d353236f00
Size

44KB
Sample

240125-v264jsbfg6
MD5

7518f196c0a30ca7202bf1d353236f00
SHA1

acf912b642638db249d4576746851cab2e763f64
SHA256

dc8f630031cc2f319050a819f97ded6361fda04eeb43cff56729a0e7fba421eb
SHA512

7ec2e35eab20d0d8c124a2cba340cc7d8c85d6c6c9bba7baa141924c666edf9829b48086c8422e1eab9c85673e162f12ccb6c84b2973d67ea3471266cdb128be
SSDEEP

768:YC6NHpHUhtUaFuGusosVYUSb8GXc3rt82CqI:YC6NBUhKXdjsh3GXKtt

Score

10^/10

kinsing loader persistence

Malware Config

Targets

- Target
  
  7518f196c0a30ca7202bf1d353236f00
- Size
  
  44KB
- MD5
  
  7518f196c0a30ca7202bf1d353236f00
- SHA1
  
  acf912b642638db249d4576746851cab2e763f64
- SHA256
  
  dc8f630031cc2f319050a819f97ded6361fda04eeb43cff56729a0e7fba421eb
- SHA512
  
  7ec2e35eab20d0d8c124a2cba340cc7d8c85d6c6c9bba7baa141924c666edf9829b48086c8422e1eab9c85673e162f12ccb6c84b2973d67ea3471266cdb128be
- SSDEEP
  
  768:YC6NHpHUhtUaFuGusosVYUSb8GXc3rt82CqI:YC6NBUhKXdjsh3GXKtt
Score

10^/10

persistence kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistence