kinsing | 942b0d0071e2668a886f5704ee61cfe5225990bc51fc8831cc89bc4300543802 | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

7

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

12.8MB
Sample

240125-vrtqgaccfj
MD5

c26969afb4d14b8a57e313173b6f0e99
SHA1

9f1d429af7b2beabae3108cbb0ef4c499491f356
SHA256

942b0d0071e2668a886f5704ee61cfe5225990bc51fc8831cc89bc4300543802
SHA512

a56a84a961fa7931577d80da4c60bc477962ba5eb2d70223e47f45d99299ba2ad1199f09bf2b618a2b414c2948ebb0a28db05fcfe8578d331630c0438c68fb60
SSDEEP

196608:fYFWAQhhSsXZJorYwXGc/Wmk7ZoP1NQsT2kYBqyLfi7lYSANK728OznHHXuJVv5:fY8RSQMswWc/WmTTFYgGSANKyTXu

Score

10^/10

kinsing aspackv2 loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20231215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20231215-en

kinsing aspackv2 loader

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  12.8MB
- MD5
  
  c26969afb4d14b8a57e313173b6f0e99
- SHA1
  
  9f1d429af7b2beabae3108cbb0ef4c499491f356
- SHA256
  
  942b0d0071e2668a886f5704ee61cfe5225990bc51fc8831cc89bc4300543802
- SHA512
  
  a56a84a961fa7931577d80da4c60bc477962ba5eb2d70223e47f45d99299ba2ad1199f09bf2b618a2b414c2948ebb0a28db05fcfe8578d331630c0438c68fb60
- SSDEEP
  
  196608:fYFWAQhhSsXZJorYwXGc/Wmk7ZoP1NQsT2kYBqyLfi7lYSANK728OznHHXuJVv5:fY8RSQMswWc/WmTTFYgGSANKyTXu
Score

10^/10

aspackv2 kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

kinsingaspackv2loader

© 2018-2024

Terms | Privacy