kinsing | 446f5d4bdeb230747be93d2559e93006951730671d62d6ac1af8f7675fa29916 | Triage

Sharing

General

Target

75062f0c176769202af8cfe712bc141b
Size

4.0MB
Sample

240125-vfer6sbhhk
MD5

75062f0c176769202af8cfe712bc141b
SHA1

0847ff0777e9017bb71f5de6700e82baf7a0d3de
SHA256

446f5d4bdeb230747be93d2559e93006951730671d62d6ac1af8f7675fa29916
SHA512

93745d7a3373df154781236efbed2dbfc8b7306f9ae301daa0db21ba0240f6e2373af6448864d22f35f00f39a116b5bba836a9862bdf33a3de8dbff147af0d5d
SSDEEP

98304:7JoTa2NqO3oE6d5u889y15uxobSRWGR0IS2FVErAgEXqH+2:4amqS6ds8Qoux9rejaELQ2+2

Score

10^/10

kinsing loader persistence

Malware Config

Targets

- Target
  
  75062f0c176769202af8cfe712bc141b
- Size
  
  4.0MB
- MD5
  
  75062f0c176769202af8cfe712bc141b
- SHA1
  
  0847ff0777e9017bb71f5de6700e82baf7a0d3de
- SHA256
  
  446f5d4bdeb230747be93d2559e93006951730671d62d6ac1af8f7675fa29916
- SHA512
  
  93745d7a3373df154781236efbed2dbfc8b7306f9ae301daa0db21ba0240f6e2373af6448864d22f35f00f39a116b5bba836a9862bdf33a3de8dbff147af0d5d
- SSDEEP
  
  98304:7JoTa2NqO3oE6d5u889y15uxobSRWGR0IS2FVErAgEXqH+2:4amqS6ds8Qoux9rejaELQ2+2
Score

10^/10

persistence kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderpersistence