General

  • Target

    约翰迪尔融资租赁有限公司.bmp (1).zip

  • Size

    44KB

  • Sample

    240125-vss6bsccgp

  • MD5

    9b0bad235d8105e2e333779a8984090d

  • SHA1

    94476492175ddab45b847a648d40d89757aebd3a

  • SHA256

    611f6338787c8d0e3b308f4831f90c5d842e4e263348a8ea23fadd2221014287

  • SHA512

    3784079620d9a4290ea74fe7a3469cfdab57fb84a453897f0f10392946aaf0c4b860fe6507869b1c56d2ec92750c699923454c211fa55a97ab4badc9774d1d91

  • SSDEEP

    768:DO54JPI7mnQhJGh6+LO1YHPRMWkacjmmq/Ld/4XnwjeDj7DF3uWxTgh:DOyPghJGh5LBJYaV7zJ4XnwyDjN3nY

Score
10/10

Targets

    • Target

      约翰迪尔融资租赁有限公司.bmp

    • Size

      1.9MB

    • MD5

      0c82b65faf383bfc67c9e78c074f34ab

    • SHA1

      b902acf84344894ef9f4267d1622297e3a3bcc2b

    • SHA256

      1fbfd71dd3e01fbc430819c0d0e7057033a9ba996827da9c20d35234d3bb17e9

    • SHA512

      6fd52f3885489145ff4d9ef6218fa18b338f573f9dcfe0386556366b162f50d98b451be103d9133f7a5555b9825adb9e51bc0062c319a46337b4eaf3ca26af45

    • SSDEEP

      1536:8pobi/CKreZvXQ/v/fYJy0SE0+tVWdl3EwaDN6M21IdPMHlHE8hPzkOoY0ge/v/f:5

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
