Analysis
-
max time kernel
135s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
25-01-2024 17:37
General
-
Target
751cab0a43b50466c2b209e2be6b6caf.dll
-
Size
39KB
-
MD5
751cab0a43b50466c2b209e2be6b6caf
-
SHA1
51a6f38864a97e25680ab2727a420f8af4bc3747
-
SHA256
7afd7d29905e0f051782d4b9578eb3b626f9a097b9e20f34eb237b76250d73fd
-
SHA512
e066c76adb6c85ba43648cd8abffd36fbf916b2dc9602c5ae7c073169b46bdb3c4c769c69c138015ce9d6631216f7d3b898ed17adb590c6aa55d2bae15b4bfb3
-
SSDEEP
768:Gjuy+qgVszMVTr2Jm0hkqTMDs4vvlSt2RZni6T1ZPFIO/7Zvm:RBqgVsYVv4XOvvlueniQZdIOU
Score
10/10
Malware Config
Signatures
-
Kinsing
Kinsing is a loader written in Golang.
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\751cab0a43b50466c2b209e2be6b6caf.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\751cab0a43b50466c2b209e2be6b6caf.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1076 -s 5963⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 1076 -ip 10761⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
56KB