kinsing | 97e8112850166997a5e5e924206b4f52c382530cea890b1df505af04fe7b408d | Triage

Sharing

General

Target

7509f942c933356566bae27d72a0690c
Size

771KB
Sample

240125-vke9habbh4
MD5

7509f942c933356566bae27d72a0690c
SHA1

c656d983e40f89a63aa75ff79fe8460f6860bfaa
SHA256

97e8112850166997a5e5e924206b4f52c382530cea890b1df505af04fe7b408d
SHA512

b565e2c096e962ae8d9e7275a295a6ae34d5c51dc021e21f9616b874c9db22ec7a9f583c00d05dc2df59bccde941cc8e057e23ef81fdcb66ae9639893cb70fb5
SSDEEP

12288:O8QiJ9U5CbCbns51ZMMhX6KfMa9z9PzJLniYZ/C9OFEIif0F6rerfrEhU8zFVMB:OLiJGbnEJhXXz9tvZWqEIz6qrfiTMB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  7509f942c933356566bae27d72a0690c
- Size
  
  771KB
- MD5
  
  7509f942c933356566bae27d72a0690c
- SHA1
  
  c656d983e40f89a63aa75ff79fe8460f6860bfaa
- SHA256
  
  97e8112850166997a5e5e924206b4f52c382530cea890b1df505af04fe7b408d
- SHA512
  
  b565e2c096e962ae8d9e7275a295a6ae34d5c51dc021e21f9616b874c9db22ec7a9f583c00d05dc2df59bccde941cc8e057e23ef81fdcb66ae9639893cb70fb5
- SSDEEP
  
  12288:O8QiJ9U5CbCbns51ZMMhX6KfMa9z9PzJLniYZ/C9OFEIif0F6rerfrEhU8zFVMB:OLiJGbnEJhXXz9tvZWqEIz6qrfiTMB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2