kinsing | 64edb26d136f085a71f2737644f6408abaed87ae2344c94b39634c4b74d736c6 | Triage

Sharing

General

Target

Vape v4.zip
Size

18.1MB
Sample

240125-v81v4scgfp
MD5

9a1428478cd92c0448f54d46301348d3
SHA1

66536b29af618a8c36c86eee8feb746441f858c6
SHA256

64edb26d136f085a71f2737644f6408abaed87ae2344c94b39634c4b74d736c6
SHA512

5361a348318b55f65ecb6f9c478bcb6f2c6c84d4bbc4d3652214262ac4d16f6f1ec7711441b2a30ea7e84ebcc23181ad6ab89d5bbf51c1d08886233a02a6daf6
SSDEEP

393216:jHQITwVy+zsvdijw1SeUW5sH7IZm+nBkRIdqkfidYIz6ijQ8:jr8B41rhUL7IZiRIdqWidPuij1

Score

10^/10

kinsing discovery loader

Malware Config

Targets

- Target
  
  Vape v4/Vape.exe
- Size
  
  16KB
- MD5
  
  92fc77de12d43f2528c5d6ec02f97c1a
- SHA1
  
  280c88b9880d578dd29fc510046d3334dc569d8d
- SHA256
  
  1c57279a06989a6245dabe4da9bb1a44dbf753c6c254ce6d95f4a69b3d4ded94
- SHA512
  
  460a2b087b0fd8580456d26c1dcf12268f8599bb86c625df336a6fbfff94922b538bd297d85331edf40a7f9124b8051ef38e1e98e7aabee5ae91027b8b532197
- SSDEEP
  
  192:pUfcKr+kAUtQYkNwEBWevhvzCoLHt8CQKgr81eThEqcNG6cO5tfwp:pookAhYkNqMhWkKdT+d3c/
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral1
- Target
  
  Vape v4/Vape4DLL.dll
- Size
  
  5.0MB
- MD5
  
  6990d8eccbb8bbc6b5835ba7d94ffe4c
- SHA1
  
  48ca050052c5db2fe8861a9eadbf2d6689e924cd
- SHA256
  
  1634d50dc2263dff2305de904ddf903467a6edcc464a778fcf77e4ca8df8365f
- SHA512
  
  d41b89be7a35b3738c1518fd93b5f8ace6c69fea66ca33cfa38ebf22a9c27967b37f70e10e8afd59c171a72a0b4a087bce5ee022eb009a8f17e368df32559953
- SSDEEP
  
  98304:IIo/Y7mgTm05AwJHE6hnRVL6MgbscSEd17E7GV3td:INg7PAmkOvgoXYI7GVP
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral2
- Target
  
  Vape v4/vape-loader.jar
- Size
  
  5.7MB
- MD5
  
  942b440da0b181b775771d1543084f30
- SHA1
  
  666ac2ae1d22c0ad657d89e2074044d27b9caa18
- SHA256
  
  5fdcb68e0b267332bf806b1e465c0e55eb2b8140c932c2b8856de804c83f1a55
- SHA512
  
  41d05c4c12696a0c70c3640ba282154d5987cf66742999c5ecfdcfb66e62c4276c4a8afdc7f98211a195441184057b0ca9ed4a7526950987671db9f8b99214e6
- SSDEEP
  
  98304:CDbPd7m1KUTz0KPXX2jPlSS1i3oG7bMDtILXHdGE9EWaDMg0gzAmUnlJ5ruI+69P:2LpJUTN/oPES1i3oG0qJVGWmMgxzAn5L
Score

10^/10

kinsing discovery loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies file permissions
  discovery
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

kinsingdiscoveryloader