General

  • Target

    7522301a75daa0a9afb3bb82d1286956

  • Size

    506KB

  • Sample

    240125-wdx2eadabl

  • MD5

    7522301a75daa0a9afb3bb82d1286956

  • SHA1

    b7c825b1abcdb96e89491ae1db98f340c21023a9

  • SHA256

    0f6f73652f44192fa235488f68747cf8c6abc83139a13b00df491dbbab7ec5ce

  • SHA512

    418c620ec48a75a0747bff40ab9203664a926d593ddf3c8be686a8a4603a4ff77c3185eccc4be2ee82c3cbb2a38b371dee13130870d45f31153028c5605a85ef

  • SSDEEP

    12288:Xox7c2TPv7kRvVfxh1Q4Qq8YACCftal5xv1kle59:6c6v7wHh24QZCWGsY59

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
