ScreenShot
| Created | 2021.09.23 15:41 | Machine | s1_win7_x6401 |
| Filename | kinsing | ||
| Type | ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 38 detected (Linux, GenericKD, STKN, a variant of Linux, CoinMiner, MALXMR, PUWEMA, Unix, Elf64, BtcMine, ifrhhr, Wogk, Miner, Malware@#24tyq1189df66, Kinsing, Static AI, Malicious ELF, hpdmz, ASELF, Malicious, score, ai score=100) | ||
| md5 | 648effa354b3cbaad87b45f48d59c616 | ||
| sha256 | 6e25ad03103a1a972b78c642bac09060fa79c460011dc5748cbb433cc459938b | ||
| ssdeep | 98304:zpU9MTfASNlnewCIoxAlfVG9bnY+Zx+A:zG9GfASNlnewChxAxVWbY | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 38 AntiVirus engines on VirusTotal as malicious |
| info | One or more processes crashed |
Rules (4cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
| info | IsELF | Executable and Linking Format executable file (Linux/Unix) | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|