kinsing | 3b7da21bdcd1e4771b9508a5c1d6d404ce1ddf1292be5869ef081f72cc0bdae3 | Triage

Sharing

General

Target

750f2b6aa881f5c0d2a31594114ef012
Size

385KB
Sample

240125-vqsf1scccp
MD5

750f2b6aa881f5c0d2a31594114ef012
SHA1

8cb45dc9517baf0922405a87c80b8ec5cb33608a
SHA256

3b7da21bdcd1e4771b9508a5c1d6d404ce1ddf1292be5869ef081f72cc0bdae3
SHA512

35c223e8353b75827a133909920d0d8e4bd9d9abfd2df563ea90f77e18fd273f6ddd4f9fb5a537ca486b3c4df4fd059c67325d696adc9550bf60ff4458b8ea7e
SSDEEP

12288:Igef29ChD/jb8Mv1u5/B7uHb5ashTq/S75B:NH9Chz/LcJ765/hTeSVB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  750f2b6aa881f5c0d2a31594114ef012
- Size
  
  385KB
- MD5
  
  750f2b6aa881f5c0d2a31594114ef012
- SHA1
  
  8cb45dc9517baf0922405a87c80b8ec5cb33608a
- SHA256
  
  3b7da21bdcd1e4771b9508a5c1d6d404ce1ddf1292be5869ef081f72cc0bdae3
- SHA512
  
  35c223e8353b75827a133909920d0d8e4bd9d9abfd2df563ea90f77e18fd273f6ddd4f9fb5a537ca486b3c4df4fd059c67325d696adc9550bf60ff4458b8ea7e
- SSDEEP
  
  12288:Igef29ChD/jb8Mv1u5/B7uHb5ashTq/S75B:NH9Chz/LcJ765/hTeSVB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2