Overview

overview

10

Static

static

3

d1dad29a25...7d.exe

windows7-x64

8

d1dad29a25...7d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1dad29a2525b95ce94705869a60c039b5ae1d81c30c78905d8ee3b9e09d677d.exe

  • Size

    2.3MB

  • MD5

    8435ad96af0ee17f56852905c8900d62

  • SHA1

    d54ef15f2dad874ff469587ec159457c0ba86048

  • SHA256

    d1dad29a2525b95ce94705869a60c039b5ae1d81c30c78905d8ee3b9e09d677d

  • SHA512

    c1789b8011b01fd87779d69c167c6933b46392bbe12b104bbb6b488bf5d73e05083a150a02920784654857344ede81e415c2e6a483608e623a4b24b43d605f46

  • SSDEEP

    24576:4e61lYQzB+r1HLmOtL0vl8i/5xU4KN1Lxlw/im44Hi7ZCWlJwanJOOf5ImPfxwEE:olitAvvu1M/gmWlJw2lLm+r5u8QeL+

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Downloads MZ/PE file
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d1dad29a2525b95ce94705869a60c039b5ae1d81c30c78905d8ee3b9e09d677d.exe
    "C:\Users\Admin\AppData\Local\Temp\d1dad29a2525b95ce94705869a60c039b5ae1d81c30c78905d8ee3b9e09d677d.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4688

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    d8d1084e48569c16535d035fbe6da239

    SHA1

    21eedb44ecb0771ad5e2e77a9a039926daf4a873

    SHA256

    e23747231d5afbe24bb67467bf1c19a2d1a4c977b14157d9416bd78826920dda

    SHA512

    22ebfbf1b5ffbab15eed066a485058daa511bc89dab3f3a6a9b4a585c3b1248118ab2ea393a4d146af7caade114d5a3b75fa5299bd96a85e2c9af4441d00f175

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    d90db43a912c6ec0605813a82e9af49c

    SHA1

    1167f5f435c73f73f0353cd747162c58ac9bd7b8

    SHA256

    bc3049e9070f337d2509fdc6b122156985cd4bbf26ebbf14af181f3582d00dc6

    SHA512

    dd6840d3fba534cf9386add1a82ae3bc7097612e1acd8492db8cf7fd83d32d4211580670728dfe0f4b3316b3e8bbd2418b328246a98cb167a1d87c514cd665f3

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    dfa30ceaaffb27ade2c8c47f0e5ca834

    SHA1

    11df66e8c1c85a3e3abcfffa718d30aaae837494

    SHA256

    c621c89170fab50093372fa9e1bf1b7d8d91c6ffd8f8235cfc8bab79a88847d6

    SHA512

    fc25d9f2d61b4199ba9d7613f43eb5332a7d5978a019f9f32b19ac928cc2093764f6347d6d90516da7cb20a13eb74706c08b541930f7a8670afa0d2cf214543c

    Download Submit