Overview

overview

10

Static

static

3

2024-01-25...ia.exe

windows7-x64

7

2024-01-25...ia.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    136s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe

  • Size

    433KB

  • MD5

    70fe617b03dc1e4caeb0d8dbc849e462

  • SHA1

    5c212d35f056abdf9c7aa8c24c5c74492cc8548b

  • SHA256

    7a99f0c0ec705e98ef4f26fd305aac699fda7cbf91dbcd33439e19d5cd7238e5

  • SHA512

    209b99b6a649e8579a35ac8e58cd6c81877c10182e51c26c299f571dccf2032f60c8fd69ba093a4e1da341bc196b5bc0c3cf07a680d7e00f628186eb36acc636

  • SSDEEP

    12288:Ci4g+yU+0pAiv+cdtpLG1i36t/PGJqMEDNmNQn:Ci4gXn0pD+D//PGET8Q

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4740
    • C:\Users\Admin\AppData\Local\Temp\42A6.tmp
      "C:\Users\Admin\AppData\Local\Temp\42A6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\2024-01-25_70fe617b03dc1e4caeb0d8dbc849e462_mafia.exe 1CD106F75A10C424F251E5DCAD9EBE69EC1853AC2C280681E67B3B7D55C7548E8EEB3F2890DF78AA1EF50387DFA62A1FBC5E378A35A96E5B6DF78CE372546F0C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\42A6.tmp
    Filesize

    433KB

    MD5

    afb340dc1d427666f83954973b01aa53

    SHA1

    416fe7c9bd42fb5743b006b7684d30399983b037

    SHA256

    a4ccca5a4cce4e1c813d287a88b1868760649289305dbe70505c2cef6c0d7825

    SHA512

    9bf82bd42da175bf37d7e547ff889fc889ef369414ef104c70af1ef0786ce7d67dd4b498fe004c2b96175862b1d6e6e826df61ed61e26c93ec8f636e82a73dd8

    Download Submit