kinsing | 686ea96873af08a40753a12567b316dcd9251c07a602ba593cfc50642daa94e6 | Triage

Sharing

General

Target

750a45ffaa72f0acf325748edbf3bf35
Size

771KB
Sample

240125-vkk5racahr
MD5

750a45ffaa72f0acf325748edbf3bf35
SHA1

db882018fd091e2b3467a0386c82f5365b0fb17c
SHA256

686ea96873af08a40753a12567b316dcd9251c07a602ba593cfc50642daa94e6
SHA512

8ad76d44b3718eb10beaf73586d69db6b85e0612949b89fec7edb792851344299f8aa03a5c240839fc22ba1583523cfe8d9488331a1aeea389c869ce3f68b72d
SSDEEP

12288:GRrcqlKmGO7kplRA7Y766FCvW9z+4b10VHmDXTuFaa2AtyGTKOF25ZoJJyhRge8V:GRrBkmSWuFR64b10hJaothZ2/T6FBBB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  750a45ffaa72f0acf325748edbf3bf35
- Size
  
  771KB
- MD5
  
  750a45ffaa72f0acf325748edbf3bf35
- SHA1
  
  db882018fd091e2b3467a0386c82f5365b0fb17c
- SHA256
  
  686ea96873af08a40753a12567b316dcd9251c07a602ba593cfc50642daa94e6
- SHA512
  
  8ad76d44b3718eb10beaf73586d69db6b85e0612949b89fec7edb792851344299f8aa03a5c240839fc22ba1583523cfe8d9488331a1aeea389c869ce3f68b72d
- SSDEEP
  
  12288:GRrcqlKmGO7kplRA7Y766FCvW9z+4b10VHmDXTuFaa2AtyGTKOF25ZoJJyhRge8V:GRrBkmSWuFR64b10hJaothZ2/T6FBBB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2