Analysis

  • max time kernel
    139s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:34

General

  • Target

    751b6f04d1752a8c0a754c6f2074bda5.lnk

  • Size

    856B

  • MD5

    751b6f04d1752a8c0a754c6f2074bda5

  • SHA1

    11c2bd6d08ee404fc742f8c8fcd02f01ebb0dffc

  • SHA256

    cbc44755ece5a72f74149c40c7a6505d51f291c166a7276589856c77f1d4b6eb

  • SHA512

    e21cec0af64c1811d3029a0ad926bcc240d039edea249b2378f5a756a1925e82c91b57e8714d03f598f0b5e3495307f8b0609aa47ab7527751b8c9d6fd73ccf6

Score
10/10

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\751b6f04d1752a8c0a754c6f2074bda5.lnk
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads