kinsing | b9b7fa49df3067fe019994494f04a394f3e7b070bb145950a1762f785ed4b2db | Triage

Submit
Reports

Overview

overview

Static

static

7

751b36fff9...25.exe

windows7-x64

7

751b36fff9...25.exe

windows10-2004-x64

Sharing

General

Target

751b36fff907a13ce2117455c14b4325
Size

3.9MB
Sample

240125-v5la9abge2
MD5

751b36fff907a13ce2117455c14b4325
SHA1

149fdccfe1ef72216895f9f9b5a661370226bf0c
SHA256

b9b7fa49df3067fe019994494f04a394f3e7b070bb145950a1762f785ed4b2db
SHA512

a121736c4c0c6e042eef41309a845f0e491a69e8caf53a592a5b5dace67557d8ffa535682877f0ca83f256df10963b3fdc6e7b1c567e79ff627447e8134e5a5d
SSDEEP

98304:1wWD2i7D3xkOxYwpK6kV8x94MD2i7D3xkOxYwpK7klaeIBSdW+um4D2i7D3xkOx8:1wWh7FkNqK6y8x9nh7FkNqKwla9cVShQ

Score

10^/10

kinsing loader upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

751b36fff907a13ce2117455c14b4325.exe

Resource

win7-20231215-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

751b36fff907a13ce2117455c14b4325.exe

Resource

win10v2004-20231222-en

kinsing loader upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  751b36fff907a13ce2117455c14b4325
- Size
  
  3.9MB
- MD5
  
  751b36fff907a13ce2117455c14b4325
- SHA1
  
  149fdccfe1ef72216895f9f9b5a661370226bf0c
- SHA256
  
  b9b7fa49df3067fe019994494f04a394f3e7b070bb145950a1762f785ed4b2db
- SHA512
  
  a121736c4c0c6e042eef41309a845f0e491a69e8caf53a592a5b5dace67557d8ffa535682877f0ca83f256df10963b3fdc6e7b1c567e79ff627447e8134e5a5d
- SSDEEP
  
  98304:1wWD2i7D3xkOxYwpK6kV8x94MD2i7D3xkOxYwpK7klaeIBSdW+um4D2i7D3xkOx8:1wWh7FkNqK6y8x9nh7FkNqKwla9cVShQ
Score

10^/10

upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderupx

© 2018-2024

Terms | Privacy