kinsing | 79fb6575110e29a99ec77ceafe4554c257ba3552cd6631e0883ee7c174b3ffbf | Triage

Sharing

General

Target

750559a19af10b1e8ed529814b0603b1
Size

146KB
Sample

240125-vencxsbag8
MD5

750559a19af10b1e8ed529814b0603b1
SHA1

b56e880a546f1abb905816850b51bfee27edeb9e
SHA256

79fb6575110e29a99ec77ceafe4554c257ba3552cd6631e0883ee7c174b3ffbf
SHA512

5e26064d13012ec360c8f4e67e77fb552c4ac077609ec2151905b7811daff03fcc0b2bb8d1bf224585dc36124b764207c468b25274bc62e9b78f479cb8afdbd1
SSDEEP

3072:aCChqu4f6w7a36zuTHHRtFuWp9Ixy+sS8bGTyhoA2VDnb1HrxS/c:iIu4f6w7yXnRt0GmpTyh52dzS/c

Score

10^/10

kinsing loader persistence

Malware Config

Targets

- Target
  
  750559a19af10b1e8ed529814b0603b1
- Size
  
  146KB
- MD5
  
  750559a19af10b1e8ed529814b0603b1
- SHA1
  
  b56e880a546f1abb905816850b51bfee27edeb9e
- SHA256
  
  79fb6575110e29a99ec77ceafe4554c257ba3552cd6631e0883ee7c174b3ffbf
- SHA512
  
  5e26064d13012ec360c8f4e67e77fb552c4ac077609ec2151905b7811daff03fcc0b2bb8d1bf224585dc36124b764207c468b25274bc62e9b78f479cb8afdbd1
- SSDEEP
  
  3072:aCChqu4f6w7a36zuTHHRtFuWp9Ixy+sS8bGTyhoA2VDnb1HrxS/c:iIu4f6w7yXnRt0GmpTyh52dzS/c
Score

10^/10

persistence kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Modifies system executable filetype association
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistence