kinsing | 69e62c01d01514823c9f50a77e79b456241aed9f23596e48d78490d227fbb18b | Triage

Sharing

General

Target

751b0391c47ac27fd5880602095c2b75
Size

392KB
Sample

240125-v5bf2scffl
MD5

751b0391c47ac27fd5880602095c2b75
SHA1

57bb747fc1bff49bb43598d4e9ef035589ff8a65
SHA256

69e62c01d01514823c9f50a77e79b456241aed9f23596e48d78490d227fbb18b
SHA512

7ac38504d483601ec7dc660559f23b75d127a82091eba15f50f4f62d715c8d327f5950c5cc99ba7cf31c1f60c2457ff8fa6fc3691dffb60abca7a355eb7ae607
SSDEEP

3072:TjeF/OZ/HI8IhYt5BjAsoDYp9qducrNK+B968s655MjawzakfWeiKWVOzYZO:TjC/4/HI87/Xr6UKzB92hOvVUYZO

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  751b0391c47ac27fd5880602095c2b75
- Size
  
  392KB
- MD5
  
  751b0391c47ac27fd5880602095c2b75
- SHA1
  
  57bb747fc1bff49bb43598d4e9ef035589ff8a65
- SHA256
  
  69e62c01d01514823c9f50a77e79b456241aed9f23596e48d78490d227fbb18b
- SHA512
  
  7ac38504d483601ec7dc660559f23b75d127a82091eba15f50f4f62d715c8d327f5950c5cc99ba7cf31c1f60c2457ff8fa6fc3691dffb60abca7a355eb7ae607
- SSDEEP
  
  3072:TjeF/OZ/HI8IhYt5BjAsoDYp9qducrNK+B968s655MjawzakfWeiKWVOzYZO:TjC/4/HI87/Xr6UKzB92hOvVUYZO
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2