Overview

overview

10

Static

static

3

2024-01-25...uk.exe

windows7-x64

7

2024-01-25...uk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_c703be897d388065a0be6ca5e7f37627_ryuk

  • Size

    1.6MB

  • Sample

    240125-vgpc1acacj

  • MD5

    c703be897d388065a0be6ca5e7f37627

  • SHA1

    33191a9a25d61f7654a50b2d19e5aa876c211bd0

  • SHA256

    e2fd400ef64cf11a4538fb9c4c88c3f74293642fcc26fc12bc25026ae7cb9480

  • SHA512

    4ce22eca565372e24e8f4a395add45ef3151f7e8d55a8efa3f89d2a3c5b8caaa6057d26baa7a84ddeeb2fb1a1a0ec3e85227493ac88f5571b120b3c47dacb3bf

  • SSDEEP

    24576:B5t2sjXfHEOtqZpp0YYtwlGhNsof2e7A+ebC:B5t2sTHmpSK8hWomh

Score
10/10
kinsingloaderspywarestealer

Malware Config

Targets

    • Target

      2024-01-25_c703be897d388065a0be6ca5e7f37627_ryuk

    • Size

      1.6MB

    • MD5

      c703be897d388065a0be6ca5e7f37627

    • SHA1

      33191a9a25d61f7654a50b2d19e5aa876c211bd0

    • SHA256

      e2fd400ef64cf11a4538fb9c4c88c3f74293642fcc26fc12bc25026ae7cb9480

    • SHA512

      4ce22eca565372e24e8f4a395add45ef3151f7e8d55a8efa3f89d2a3c5b8caaa6057d26baa7a84ddeeb2fb1a1a0ec3e85227493ac88f5571b120b3c47dacb3bf

    • SSDEEP

      24576:B5t2sjXfHEOtqZpp0YYtwlGhNsof2e7A+ebC:B5t2sTHmpSK8hWomh

    Score
    10/10
    spywarestealerkinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks