Overview

overview

10

Static

static

3

751f86d2e4...2d.exe

windows7-x64

1

751f86d2e4...2d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    141s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    751f86d2e478387fe0a507a1e6fd7b2d.exe

  • Size

    138KB

  • MD5

    751f86d2e478387fe0a507a1e6fd7b2d

  • SHA1

    ae5f6a1eb37a1bc0aee563204aa15a4ae9af5e97

  • SHA256

    09a68a5608f2ea7944a69c85ddfdb7f7e3fe457c8bb5beee99d471952de5821a

  • SHA512

    5c6d3a3f0aa336aaa527d094daeaea078b98adbb90097e81e9792e3a08cc7fa657fdc807e3136a4ff46d573922b66a8290d27d87394905fd3d187cecfeb1b4a6

  • SSDEEP

    3072:BwSOHbH0oaAR16wpQ5VKgmsEkq6MvI4zKBOWBSvr:BIHYon16wmKgfLq6Mv6BzA

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\751f86d2e478387fe0a507a1e6fd7b2d.exe
    "C:\Users\Admin\AppData\Local\Temp\751f86d2e478387fe0a507a1e6fd7b2d.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\prm3
    Filesize

    2KB

    MD5

    351ad8b416af82a2a9a46bea7afe7a20

    SHA1

    1c1278c5d43fb70f35525dd9c6c0daf2948e1289

    SHA256

    11ce3597d84f6b59a47b060384f10cab18d93bf7e66c6732c9747ddf63a4e865

    SHA512

    7cedaad5858c2ecbf14431a5215f347cf6cf827cd3c8febd105bfcaaab8179490ad0ed01d55adb0f11900a48f33b18b1e74541097435ef3062204fe4aa2bfbaa

    Download Submit
  • memory/2824-0-0x0000000000400000-0x000000000042F000-memory.dmp
    Filesize

    188KB

    Download
  • memory/2824-1-0x0000000000400000-0x000000000042F000-memory.dmp
    Filesize

    188KB

    Download
  • memory/2824-2-0x00000000006D0000-0x00000000006EB000-memory.dmp
    Filesize

    108KB

    Download
  • memory/2824-7-0x0000000000400000-0x000000000042F000-memory.dmp
    Filesize

    188KB

    Download
  • memory/2824-25-0x0000000000400000-0x000000000042F000-memory.dmp
    Filesize

    188KB

    Download