kinsing | 59c34ab10c3ed2f66543503c63df63cc7afa45bdd867c37a2281eb363116fa22 | Triage

Sharing

General

Target

a1s-root1=email_banfield_2024_01_25_16_SMTP-att-1-4TLRgQ29l4zJmsx-2024-01-25T16_51_46.eml.infected
Size

35KB
Sample

240125-wess3sdacr
MD5

0bdf90c601459a55b436af24ff96fdf3
SHA1

b751e92a160249e8743ade1f79d572803b3d57bc
SHA256

59c34ab10c3ed2f66543503c63df63cc7afa45bdd867c37a2281eb363116fa22
SHA512

15a52816937b41a92c05986c2d6b98d3d545b6fc8d15486c9535cc2d80a1b5a556f3263a3a2f3fe5a432833afd2abca1710fc3449566e50f90c6de67de7c530e
SSDEEP

768:zk08a88PqsrXQ0uhx6V6UaFSC9CJClCcCCNZ:zkO88P9+hYdSZ

Score

10^/10

kinsing loader

Malware Config

Targets

- Target
  
  a1s-root1=email_banfield_2024_01_25_16_SMTP-att-1-4TLRgQ29l4zJmsx-2024-01-25T16_51_46.eml.infected
- Size
  
  35KB
- MD5
  
  0bdf90c601459a55b436af24ff96fdf3
- SHA1
  
  b751e92a160249e8743ade1f79d572803b3d57bc
- SHA256
  
  59c34ab10c3ed2f66543503c63df63cc7afa45bdd867c37a2281eb363116fa22
- SHA512
  
  15a52816937b41a92c05986c2d6b98d3d545b6fc8d15486c9535cc2d80a1b5a556f3263a3a2f3fe5a432833afd2abca1710fc3449566e50f90c6de67de7c530e
- SSDEEP
  
  768:zk08a88PqsrXQ0uhx6V6UaFSC9CJClCcCCNZ:zkO88P9+hYdSZ
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  email-html-2.txt
- Size
  
  15KB
- MD5
  
  01627150ea7deccb38d2733a9dc96c8a
- SHA1
  
  ed7e3087128c57c3756eef2737cccf5064ebdd54
- SHA256
  
  61e4b36529a542d601b972729047126ee42ce0bc43090656ab9dfd2746e5a31b
- SHA512
  
  c033b2fb1332c3c4342788bfe3ab34c12ee9859f8348d55cfbe020128a51a8351542b0d80fcfa368568eaefa8636aaf1a159bb29804ce9562b87e46e59821b6f
- SSDEEP
  
  192:X9+qJPa+X2C9xuzIpYrVignH5hTd7vdwzk2usk9Z+dKAu:xJPZX2wxuL8ChTdBwTusUfN
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral3 behavioral4
- Target
  
  email-plain-1.txt
- Size
  
  4KB
- MD5
  
  529fd65c2c9239c183736c0799457208
- SHA1
  
  9c4630315b98d4f0d1f736974aad4a713fbb46bb
- SHA256
  
  9d18dacbdc8e58a0111938cbf9f0978d2b28afb6ff3d52edab74415d9d5c58dc
- SHA512
  
  6de98ea7c14af74279425694394343998fcabaef412f4286d5a59aa98661763e794e81678e9abf2a76039197bfdee6bf92314d943eb3a09d1c1abd1a39b674c1
- SSDEEP
  
  96:PaNYoVwWDpItaBvWC305m5CaSLE+RP+fSen2T:C6oV7m8HLSZP+fS82
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6