Overview

overview

10

Static

static

3

7522c9ee94...90.exe

windows7-x64

7

7522c9ee94...90.exe

windows10-2004-x64

10

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

10

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

10

$PLUGINSDI...mp.dll

windows7-x64

3

$PLUGINSDI...mp.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7522c9ee9466ba97331da148ff91b990.exe

  • Size

    10.3MB

  • MD5

    7522c9ee9466ba97331da148ff91b990

  • SHA1

    302c96adb32a2190e0400d7c1c9db80d3649a501

  • SHA256

    7a74fb60899179d6a5696a266139cde1f7a05660c73fccf636650e643ae67d21

  • SHA512

    5e789947cf6f9f1c0c53abae47be422d7c108e4456749f29837a78ff60d62ccca97a5e0d978bb271fc0d6bf185d0edabbed16f52c25644ef581de300783556ce

  • SSDEEP

    196608:GSNJB1GK19WX4TR5TqbWau8PBsObDa8k+v2cpTxM7u7P/oNgpbCIvZ3KYB8S:GEByKfTbFwDNjpNMu7P/C

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7522c9ee9466ba97331da148ff91b990.exe
    "C:\Users\Admin\AppData\Local\Temp\7522c9ee9466ba97331da148ff91b990.exe"
    1⤵
    • Loads dropped DLL
    PID:2920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsj76F7.tmp\System.dll
    Filesize

    11KB

    MD5

    b9f430f71c7144d8ff4ab94be2785aa6

    SHA1

    c5c1e153caff7ad1d221a9acc8bbb831f05ccb05

    SHA256

    b496e81a74ce871236abcd096fb9a6b210b456bebaa7464fa844b3241e51a655

    SHA512

    c7ce431b6a1493fd7d1fe1b1c823ad22b582c43c8eb2fb6a471c648dd9df9953277c89932c66afd598d43ea36f4a8602e84cd175115266943071cbc8ce204099

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsj76F7.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    7823fc560926dcd8741de6f0b900083f

    SHA1

    93dc0a704bc0b8f90668548e36daf459be0ae10a

    SHA256

    ca869d6c6752aa4a8a6c874a694b543442992d7e854d0c48a1b60bca01a8c8c6

    SHA512

    c79509cd306638ea9badec64ed9f7d0690e46fcab7ac77f25134065b628e76d2812f2d874ea2cc4283685c567b613a39d27b9fc4a6de2d4b9d30131f3161c4e9

    Download Submit