kinsing | 6a71c2c422e96096b5cc01fb21a0952ac10ed70813bb0f2f7c04665103eb0aea | Triage

Sharing

General

Target

75077829bc1c4b2b40bd8ed3bc94b3a7
Size

1.2MB
Sample

240125-vgsqesbbc3
MD5

75077829bc1c4b2b40bd8ed3bc94b3a7
SHA1

d2db5992379944e3b57e7ea3c0bb575e8bc8c9e1
SHA256

6a71c2c422e96096b5cc01fb21a0952ac10ed70813bb0f2f7c04665103eb0aea
SHA512

f71e9b8864a0b5c0bb920d5a14088f36c9969c7d893de0cfc27b3b5f3d6bd0d545af5b0c6493e3655729ce0107969ddde78bb5772c1ebdd279ead50cdfcbd789
SSDEEP

6144:fe34tPicdq1zQbe9DP3n3BLY6MpEVagK:bwzQcv3B93VP

Score

10^/10

kinsing loader upx

Malware Config

Targets

- Target
  
  75077829bc1c4b2b40bd8ed3bc94b3a7
- Size
  
  1.2MB
- MD5
  
  75077829bc1c4b2b40bd8ed3bc94b3a7
- SHA1
  
  d2db5992379944e3b57e7ea3c0bb575e8bc8c9e1
- SHA256
  
  6a71c2c422e96096b5cc01fb21a0952ac10ed70813bb0f2f7c04665103eb0aea
- SHA512
  
  f71e9b8864a0b5c0bb920d5a14088f36c9969c7d893de0cfc27b3b5f3d6bd0d545af5b0c6493e3655729ce0107969ddde78bb5772c1ebdd279ead50cdfcbd789
- SSDEEP
  
  6144:fe34tPicdq1zQbe9DP3n3BLY6MpEVagK:bwzQcv3B93VP
Score

10^/10

upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  24KB
- MD5
  
  1efbbf5a54eb145a1a422046fd8dfb2c
- SHA1
  
  ec4efd0a95bb72fd4cf47423647e33e5a3fddf26
- SHA256
  
  983859570099b941c19d5eb9755eda19dd21f63e8ccad70f6e93f055c329d341
- SHA512
  
  7fdeba8c961f3507162eb59fb8b9b934812d449cc85c924f61722a099618d771fed91cfb3944e10479280b73648a9a5cbb23482d7b7f8bfb130f23e8fd6c15fb
- SSDEEP
  
  384:XErRo4TdlKCdUk6qz46qu2vPqUcnlSHmkuPJOiya4fF0Ac9khYLMkIX0+GvBgK3M:XiRoW7Kc5bBq1qNlSHmkuPJOJa4f4CD
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  6KB
- MD5
  
  0745ff646f5af1f1cdd784c06f40fce9
- SHA1
  
  bf7eba06020d7154ce4e35f696bec6e6c966287f
- SHA256
  
  fbed2f1160469f42ce97c33ad558201b2b43e3020257f9b2259e3ce295317a70
- SHA512
  
  8d31627c719e788b5d0f5f34d4cb175989eaa35aa3335c98f2ba7902c8ae01b23de3ccb9c6eb95945f0b08ef74d456f9f22ca7539df303e1df3f6a7e67b358da
- SSDEEP
  
  96:GL2PcvGn5olZMTZxEp8agTsflVwn4GogZcko5N1ub:U2Pxn5UZMTZipyaw4ZkKP2
Score

10^/10

kinsing loader upx
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

10^/10

upx kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingloaderupx

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

kinsingloaderupx

behavioral11

behavioral12

behavioral13

behavioral14

kinsingloaderupx