kinsing | 5a350e28faf4c3788dd68b51e80c7dd1aa187f3e71d4a2f83339d8027a11c53e | Triage

Sharing

General

Target

75186c253c2ef1ea55adc9f78c09c7b5
Size

385KB
Sample

240125-v2nxzacefr
MD5

75186c253c2ef1ea55adc9f78c09c7b5
SHA1

240cead2e4cd3f2c2f567f1708cc7ed78bbfa19a
SHA256

5a350e28faf4c3788dd68b51e80c7dd1aa187f3e71d4a2f83339d8027a11c53e
SHA512

72f466e20812d949ada06f3acce41cac77742b24417573053f6dcae92179594ed88c966355aa4a6d37b0bf2f68264c00be49b1102ba3c97c87623623eda86158
SSDEEP

6144:ATS0tiFuhllLbCulSoVDp/vKDDs4SqBfxSvFTbbiwGVZ2DCDWFVry9B:AMQhvLd7FKDbS+fx4THY21FV+9B

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  75186c253c2ef1ea55adc9f78c09c7b5
- Size
  
  385KB
- MD5
  
  75186c253c2ef1ea55adc9f78c09c7b5
- SHA1
  
  240cead2e4cd3f2c2f567f1708cc7ed78bbfa19a
- SHA256
  
  5a350e28faf4c3788dd68b51e80c7dd1aa187f3e71d4a2f83339d8027a11c53e
- SHA512
  
  72f466e20812d949ada06f3acce41cac77742b24417573053f6dcae92179594ed88c966355aa4a6d37b0bf2f68264c00be49b1102ba3c97c87623623eda86158
- SSDEEP
  
  6144:ATS0tiFuhllLbCulSoVDp/vKDDs4SqBfxSvFTbbiwGVZ2DCDWFVry9B:AMQhvLd7FKDbS+fx4THY21FV+9B
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2