kinsing | c9cc5c0b7d439c7881227618879dc53ea07ddb4b649cef39fc0a1b1da6c4d476 | Triage

Sharing

General

Target

751f2d5097fc2ba1bebf9170bda56a14
Size

1.5MB
Sample

240125-v95wfsbhf7
MD5

751f2d5097fc2ba1bebf9170bda56a14
SHA1

ffa99d54d6443ca20e7306597acc7340b8a88eb0
SHA256

c9cc5c0b7d439c7881227618879dc53ea07ddb4b649cef39fc0a1b1da6c4d476
SHA512

f32d30f830775b5cf896d9fee826eea114d59ef42fe4bd6db2037a098904e1325869094785a791ce88a4f7536dbfce2d15a611a43b3f3e187afc0a431726b1b3
SSDEEP

24576:D2RtsxfT5Ecc6hwjZhWlkPzYiPnoIs9WoyZpGeWJkRUndufH5NTQ9FjnOAJIHZ:WkfTNEfWlQzBPnoIs9WoynWaaAfXTYFo

Score

10^/10

kinsing evasion loader spyware stealer trojan

Malware Config

Targets

- Target
  
  751f2d5097fc2ba1bebf9170bda56a14
- Size
  
  1.5MB
- MD5
  
  751f2d5097fc2ba1bebf9170bda56a14
- SHA1
  
  ffa99d54d6443ca20e7306597acc7340b8a88eb0
- SHA256
  
  c9cc5c0b7d439c7881227618879dc53ea07ddb4b649cef39fc0a1b1da6c4d476
- SHA512
  
  f32d30f830775b5cf896d9fee826eea114d59ef42fe4bd6db2037a098904e1325869094785a791ce88a4f7536dbfce2d15a611a43b3f3e187afc0a431726b1b3
- SSDEEP
  
  24576:D2RtsxfT5Ecc6hwjZhWlkPzYiPnoIs9WoyZpGeWJkRUndufH5NTQ9FjnOAJIHZ:WkfTNEfWlQzBPnoIs9WoynWaaAfXTYFo
Score

10^/10

evasion spyware stealer trojan kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2

kinsingloaderspywarestealer