General

  • Target

    2024-01-25_8b2b272dc680f7859dcb09ae4a602c7f_cryptolocker

  • Size

    36KB

  • Sample

    240125-s48daahhf2

  • MD5

    8b2b272dc680f7859dcb09ae4a602c7f

  • SHA1

    52fce8824f526f3128e42fea24f63c3fb9c4a85b

  • SHA256

    282e6d8d7dfb5fb5866620787988448ba004099d7750c4a2bf47eb8cca246e90

  • SHA512

    a903738512e03d7f4932219ea1b0e796c5826d6bb39d7fec08baf1e763b4fb9dd7af2f326cfae70d36546db26153b0f671b0bfe8f17258c265fc6020c1168d9d

  • SSDEEP

    768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen7JEgx3quX:bxNrC7kYo1Fxf3s06gV

Score
10/10

Targets

    • Target

      2024-01-25_8b2b272dc680f7859dcb09ae4a602c7f_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
