Overview

overview

10

Static

static

10

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_85afaa2519b1bb690f31d2f19dec5a29_cryptolocker

  • Size

    60KB

  • Sample

    240125-s4eqzaaggq

  • MD5

    85afaa2519b1bb690f31d2f19dec5a29

  • SHA1

    ea0b627ecf32a3e2a13274353e3cda204a5c5580

  • SHA256

    e91f59071d7cae2b998abbe45bfbc13ed74dccb1a326a721eb73ef55f79eb4ef

  • SHA512

    ae7aa7c4d4e1e8b5922b61a08b4ac79845123179e4e4d6b8c927305a85d1d82c0a3301d19caa6b854c93d950e9801c63338adf5225d00cb7d0832f4fb80e7a16

  • SSDEEP

    768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCY8EQMjpi/Wpi3B3URiLnuoUwUsfqB1y:vj+jsMQMOtEvwDpj5Hy7B3gG8xzUH

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      2024-01-25_85afaa2519b1bb690f31d2f19dec5a29_cryptolocker

    • Size

      60KB

    • MD5

      85afaa2519b1bb690f31d2f19dec5a29

    • SHA1

      ea0b627ecf32a3e2a13274353e3cda204a5c5580

    • SHA256

      e91f59071d7cae2b998abbe45bfbc13ed74dccb1a326a721eb73ef55f79eb4ef

    • SHA512

      ae7aa7c4d4e1e8b5922b61a08b4ac79845123179e4e4d6b8c927305a85d1d82c0a3301d19caa6b854c93d950e9801c63338adf5225d00cb7d0832f4fb80e7a16

    • SSDEEP

      768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCY8EQMjpi/Wpi3B3URiLnuoUwUsfqB1y:vj+jsMQMOtEvwDpj5Hy7B3gG8xzUH

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks