kinsing | 85cdb11bbcb91fa874b5ff4eee8565d7f64421bc17965dbafc932e387397ad71 | Triage

Sharing

General

Target

751f73044d0b419d6ddb606917bb59ac
Size

385KB
Sample

240125-wamfhabhg8
MD5

751f73044d0b419d6ddb606917bb59ac
SHA1

20c19cff1d3a5b38cd5fe9725f84dad4fd065f5e
SHA256

85cdb11bbcb91fa874b5ff4eee8565d7f64421bc17965dbafc932e387397ad71
SHA512

b8893a18922041cb3825f88f5cf3749aafbcb36ee0f0459251e1c770207833975fb69237782b948f8a32c39764e71d29368d7ad30925a462682edbe2a70cb69b
SSDEEP

6144:NcXKbTgeHqR6t3AFVZFv7c6j2R5EmKblrvM/wBQb+RHSgJKQfJWCB:NweHKBZF1YZIlSPwHSgJdfJWCB

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  751f73044d0b419d6ddb606917bb59ac
- Size
  
  385KB
- MD5
  
  751f73044d0b419d6ddb606917bb59ac
- SHA1
  
  20c19cff1d3a5b38cd5fe9725f84dad4fd065f5e
- SHA256
  
  85cdb11bbcb91fa874b5ff4eee8565d7f64421bc17965dbafc932e387397ad71
- SHA512
  
  b8893a18922041cb3825f88f5cf3749aafbcb36ee0f0459251e1c770207833975fb69237782b948f8a32c39764e71d29368d7ad30925a462682edbe2a70cb69b
- SSDEEP
  
  6144:NcXKbTgeHqR6t3AFVZFv7c6j2R5EmKblrvM/wBQb+RHSgJKQfJWCB:NweHKBZF1YZIlSPwHSgJdfJWCB
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2