kinsing | 5bc539044959631e8942d9fa7fc7c032a80577ff7ec1113996177aa6bfdf90b2 | Triage

Sharing

General

Target

751e5c1201bb0c9821aea59fa2baf7c5
Size

385KB
Sample

240125-v84l1acgfr
MD5

751e5c1201bb0c9821aea59fa2baf7c5
SHA1

4725de78ba60076c3677c4e5158753ac95bedf6a
SHA256

5bc539044959631e8942d9fa7fc7c032a80577ff7ec1113996177aa6bfdf90b2
SHA512

ac17cff640c64f3f921824e21b2b1059efbf9218a35922419304cf20509c3f5251d88b3daecbde21314b1317be3104f58f3adf84950afde7332ae4c640b9d2db
SSDEEP

6144:+d6/rvDUtAKTrpXZC+sTX9zXbre1z1Ex/wDkL3HIgGEDtFPSx9xkFerNTh8MzB:+d6HOrobre1z1Ex/ZL3HIAerbrN2oB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  751e5c1201bb0c9821aea59fa2baf7c5
- Size
  
  385KB
- MD5
  
  751e5c1201bb0c9821aea59fa2baf7c5
- SHA1
  
  4725de78ba60076c3677c4e5158753ac95bedf6a
- SHA256
  
  5bc539044959631e8942d9fa7fc7c032a80577ff7ec1113996177aa6bfdf90b2
- SHA512
  
  ac17cff640c64f3f921824e21b2b1059efbf9218a35922419304cf20509c3f5251d88b3daecbde21314b1317be3104f58f3adf84950afde7332ae4c640b9d2db
- SSDEEP
  
  6144:+d6/rvDUtAKTrpXZC+sTX9zXbre1z1Ex/wDkL3HIgGEDtFPSx9xkFerNTh8MzB:+d6HOrobre1z1Ex/ZL3HIAerbrN2oB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2