kinsing | ad3f08f174a7453874738ec32e75a5e9978e6d5a091aee9b147e7411f4cefcb4 | Triage

Sharing

General

Target

7516ab5695ba0f726eaefa84b1fa146c
Size

385KB
Sample

240125-vzvmqsbfb2
MD5

7516ab5695ba0f726eaefa84b1fa146c
SHA1

a661fa0f44e698a9229bdbfe6d1df50c6b524c5c
SHA256

ad3f08f174a7453874738ec32e75a5e9978e6d5a091aee9b147e7411f4cefcb4
SHA512

9bd5e4e10f5b1ba7aed8798562ee2a2bef6a03ab1e85e089a3c6678a1a286e8a46a5ccfd17a36f750531beea7f4a44218cf192b79fd4cec9c00dfc1788bb996b
SSDEEP

12288:rNTse3TMtloo9ePPuRYaN6lr6CtWAeIh23Iz4CxBPB:rJXogo9eDC6lr6KZeIhQIz4wB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  7516ab5695ba0f726eaefa84b1fa146c
- Size
  
  385KB
- MD5
  
  7516ab5695ba0f726eaefa84b1fa146c
- SHA1
  
  a661fa0f44e698a9229bdbfe6d1df50c6b524c5c
- SHA256
  
  ad3f08f174a7453874738ec32e75a5e9978e6d5a091aee9b147e7411f4cefcb4
- SHA512
  
  9bd5e4e10f5b1ba7aed8798562ee2a2bef6a03ab1e85e089a3c6678a1a286e8a46a5ccfd17a36f750531beea7f4a44218cf192b79fd4cec9c00dfc1788bb996b
- SSDEEP
  
  12288:rNTse3TMtloo9ePPuRYaN6lr6CtWAeIh23Iz4CxBPB:rJXogo9eDC6lr6KZeIhQIz4wB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2