kinsing | eca30714b87bd9011d86d9aa40d3f5886657d7de385db3483a321671e9eea05f | Triage

Sharing

General

Target

75212d32ddf1685955ac36c06175a23c
Size

3.6MB
Sample

240125-wcwryschgq
MD5

75212d32ddf1685955ac36c06175a23c
SHA1

b2fee04a33c0ca2664100e2cd46c1a55c5fb788a
SHA256

eca30714b87bd9011d86d9aa40d3f5886657d7de385db3483a321671e9eea05f
SHA512

3a8d095abb1498b13084639804d03b94ecc14a5d283fe3298a5bf4e64b1b475cbc611cec60aaed099a43665be277c5ad4e096a8845ddd14d87cdaf53d1b58702
SSDEEP

49152:Q7/jkvCzRyOOlN3FXqDghbq4TTow+lsgVy1hySd/WF7kzIKAghbq4TTow+lsgp:QSCVyOO3FXvhTW81hynFoIAhTW5

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  75212d32ddf1685955ac36c06175a23c
- Size
  
  3.6MB
- MD5
  
  75212d32ddf1685955ac36c06175a23c
- SHA1
  
  b2fee04a33c0ca2664100e2cd46c1a55c5fb788a
- SHA256
  
  eca30714b87bd9011d86d9aa40d3f5886657d7de385db3483a321671e9eea05f
- SHA512
  
  3a8d095abb1498b13084639804d03b94ecc14a5d283fe3298a5bf4e64b1b475cbc611cec60aaed099a43665be277c5ad4e096a8845ddd14d87cdaf53d1b58702
- SSDEEP
  
  49152:Q7/jkvCzRyOOlN3FXqDghbq4TTow+lsgVy1hySd/WF7kzIKAghbq4TTow+lsgp:QSCVyOO3FXvhTW81hynFoIAhTW5
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2