kinsing | 4409a2d6457405682a5a0ada61573bb53117a5906a4021bc52ec89ec46a08ddb | Triage

Sharing

General

Target

7503f33c454ff72f582b1d730cd89471
Size

241KB
Sample

240125-vdedmabhdj
MD5

7503f33c454ff72f582b1d730cd89471
SHA1

8d4a46c0be9ee73f8b6b32459d8998db490a8461
SHA256

4409a2d6457405682a5a0ada61573bb53117a5906a4021bc52ec89ec46a08ddb
SHA512

cf99c784346caaa71579e735ffd98ae4c7536402ff36eee0ebcb8f0b826106aa3f91871e174c6dc239adc8d1cd30a150856c840933e7715240c782653e757496
SSDEEP

6144:Sd+0o58vYv0YMb5627rvzg97XdjBZzL2V:Sd+b6UC6yXgJXN6V

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  7503f33c454ff72f582b1d730cd89471
- Size
  
  241KB
- MD5
  
  7503f33c454ff72f582b1d730cd89471
- SHA1
  
  8d4a46c0be9ee73f8b6b32459d8998db490a8461
- SHA256
  
  4409a2d6457405682a5a0ada61573bb53117a5906a4021bc52ec89ec46a08ddb
- SHA512
  
  cf99c784346caaa71579e735ffd98ae4c7536402ff36eee0ebcb8f0b826106aa3f91871e174c6dc239adc8d1cd30a150856c840933e7715240c782653e757496
- SSDEEP
  
  6144:Sd+0o58vYv0YMb5627rvzg97XdjBZzL2V:Sd+b6UC6yXgJXN6V
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2