kinsing | 6d7b69f527a6e113a98ae739a4875f4fd51930af88369a1cea2f4fc66d5f7c3a | Triage

Sharing

General

Target

7502b6043a53243fdc88a8f5de90fadb
Size

385KB
Sample

240125-vcadaabac7
MD5

7502b6043a53243fdc88a8f5de90fadb
SHA1

f5109b402e08f1b4add59886a3d262210af006cf
SHA256

6d7b69f527a6e113a98ae739a4875f4fd51930af88369a1cea2f4fc66d5f7c3a
SHA512

6e2c6e54d2356ce0df32d376b783912e960ee83841f064cf11d531862d73d12e47895d309220ad5c59a529e51f0d7c3505a1822746dd8e965316e5947a704a28
SSDEEP

6144:2XVEC+esAkLBNnshEDnUTIhVCzanyi8CdAxIUy2m8NxVlKSJ7V7+B:oJ+eSBNsynyA6odyeuNKSFViB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  7502b6043a53243fdc88a8f5de90fadb
- Size
  
  385KB
- MD5
  
  7502b6043a53243fdc88a8f5de90fadb
- SHA1
  
  f5109b402e08f1b4add59886a3d262210af006cf
- SHA256
  
  6d7b69f527a6e113a98ae739a4875f4fd51930af88369a1cea2f4fc66d5f7c3a
- SHA512
  
  6e2c6e54d2356ce0df32d376b783912e960ee83841f064cf11d531862d73d12e47895d309220ad5c59a529e51f0d7c3505a1822746dd8e965316e5947a704a28
- SSDEEP
  
  6144:2XVEC+esAkLBNnshEDnUTIhVCzanyi8CdAxIUy2m8NxVlKSJ7V7+B:oJ+eSBNsynyA6odyeuNKSFViB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2