Overview

overview

10

Static

static

7

7522c4702b...31.exe

windows7-x64

7

7522c4702b...31.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7522c4702b11ad52da4c03c45f527031

  • Size

    133KB

  • Sample

    240125-weyz4acah2

  • MD5

    7522c4702b11ad52da4c03c45f527031

  • SHA1

    4756f3bba17aa058d3a39a915719c0f9d09124a7

  • SHA256

    b6e3021017eec6f146e96ece9474d7990b4d574cfa50ec5dec3b86f002d6b0c8

  • SHA512

    a0348d49d887659dac88323c26e8fa9b3720c61d1f1cbb09f98b7c214b161430ea8d094b26bc24d27e8427ce8022b640d43602eb36e0bea5d94cac18b7231346

  • SSDEEP

    3072:WnS2BUKBiRI/3paqNy4gNqIB1N9VKq8WCN2+g6uXk1MuQ:ZaiOv8GyD1N9VX8i+OXWtQ

Score
10/10
kinsingloaderupx

Malware Config

Targets

    • Target

      7522c4702b11ad52da4c03c45f527031

    • Size

      133KB

    • MD5

      7522c4702b11ad52da4c03c45f527031

    • SHA1

      4756f3bba17aa058d3a39a915719c0f9d09124a7

    • SHA256

      b6e3021017eec6f146e96ece9474d7990b4d574cfa50ec5dec3b86f002d6b0c8

    • SHA512

      a0348d49d887659dac88323c26e8fa9b3720c61d1f1cbb09f98b7c214b161430ea8d094b26bc24d27e8427ce8022b640d43602eb36e0bea5d94cac18b7231346

    • SSDEEP

      3072:WnS2BUKBiRI/3paqNy4gNqIB1N9VKq8WCN2+g6uXk1MuQ:ZaiOv8GyD1N9VX8i+OXWtQ

    Score
    10/10
    upxkinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks