kinsing | 816ceac49c2d646e60cdb2dc54c860d9f8352c099eef6b9aad6521613348ad5f | Triage

Sharing

General

Target

751bb7e94eea53e73da0c642939b37da
Size

385KB
Sample

240125-v5751scfhk
MD5

751bb7e94eea53e73da0c642939b37da
SHA1

33dd32d353940f2b3998d439ccbd4f8dc29a4745
SHA256

816ceac49c2d646e60cdb2dc54c860d9f8352c099eef6b9aad6521613348ad5f
SHA512

565650cb842c3166861229c31cb1c992d5b31e35ab1e102758ebe6d14df53ccc3ea9ecd1c2d82440900deaa4190060317e8687c15fdf094869b1c0f34fc37ad5
SSDEEP

12288:F0Jl/Ct2wbPCSl4csZB9FnA0I+gqMFK6O2S8B:CLCER24x79FnAF+5MU6Or8B

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  751bb7e94eea53e73da0c642939b37da
- Size
  
  385KB
- MD5
  
  751bb7e94eea53e73da0c642939b37da
- SHA1
  
  33dd32d353940f2b3998d439ccbd4f8dc29a4745
- SHA256
  
  816ceac49c2d646e60cdb2dc54c860d9f8352c099eef6b9aad6521613348ad5f
- SHA512
  
  565650cb842c3166861229c31cb1c992d5b31e35ab1e102758ebe6d14df53ccc3ea9ecd1c2d82440900deaa4190060317e8687c15fdf094869b1c0f34fc37ad5
- SSDEEP
  
  12288:F0Jl/Ct2wbPCSl4csZB9FnA0I+gqMFK6O2S8B:CLCER24x79FnAF+5MU6Or8B
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2