General

  • Target

    2024-01-25_7276bc3600231a300f2adba942672b79_cryptolocker

  • Size

    39KB

  • Sample

    240125-s2mnsshhb2

  • MD5

    7276bc3600231a300f2adba942672b79

  • SHA1

    a4e015f479691a8ebdc01c430583f29c0358cb4b

  • SHA256

    483ff53cc00c6235f8b83e319990075fc0865419c19c5eebd47c911f89e8b6a8

  • SHA512

    6a52aad1c931b6bb7430cc5d3d565d84a53c3f06a18a4a609726954120e50c65e05d17810dea32780ed8c21ea3cf7975d3efb1d61f5eb252d1b5247832933b9b

  • SSDEEP

    768:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+rc5vrp:bgGYcA/53GADw8Clrc7

Score
10/10

Targets

    • Target

      2024-01-25_7276bc3600231a300f2adba942672b79_cryptolocker

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
