General
-
Target
7509bff39368c962baba415c3ffa45db
-
Size
1.3MB
-
Sample
240125-vj5g1acagp
-
MD5
7509bff39368c962baba415c3ffa45db
-
SHA1
dbd53896ad66feb827fab4c556ba24ba52487858
-
SHA256
09a00f373b00912e6f674123e14bb559705ddd41d51ec79082408572f554aaca
-
SHA512
75bb90e73ff53c5cbe5fd82cfd1027ec60799978d2da8843c8d7a31dff2eab02fc64583f5ad0833417887e854da8b30e5dca40e34e8b84983b3c8506e0a60fd0
-
SSDEEP
12288:UZWtI6RkBBz07WhkXrOnBs07WhkXrOnBs07WhkXrOnBs07WhkXRJut:UuhaBBz07wBs07wBs07wBs07Le
Malware Config
Targets
-
-
Target
7509bff39368c962baba415c3ffa45db
-
Size
1.3MB
-
MD5
7509bff39368c962baba415c3ffa45db
-
SHA1
dbd53896ad66feb827fab4c556ba24ba52487858
-
SHA256
09a00f373b00912e6f674123e14bb559705ddd41d51ec79082408572f554aaca
-
SHA512
75bb90e73ff53c5cbe5fd82cfd1027ec60799978d2da8843c8d7a31dff2eab02fc64583f5ad0833417887e854da8b30e5dca40e34e8b84983b3c8506e0a60fd0
-
SSDEEP
12288:UZWtI6RkBBz07WhkXrOnBs07WhkXrOnBs07WhkXrOnBs07WhkXRJut:UuhaBBz07wBs07wBs07wBs07Le
Score10/10-
Kinsing
Kinsing is a loader written in Golang.
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-