kinsing | 96622bdbe5036a822168712a019f8ff2a29811f1496445eaa78a2d4e534879c3 | Triage

Submit
Reports

Overview

overview

Static

static

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

Sharing

General

Target

2024-01-25_87bb9ee9bd5499eab2cc19547b2f2005_cryptolocker
Size

149KB
Sample

240125-s4g64ahhe3
MD5

87bb9ee9bd5499eab2cc19547b2f2005
SHA1

187dc92794fcbc421fa8a22cef9b69a4dbbcc448
SHA256

96622bdbe5036a822168712a019f8ff2a29811f1496445eaa78a2d4e534879c3
SHA512

49413a6c80ff7b596757caa443b5cd901afea63c36e9c13bbe32d859ae27ba5328ad025192866ad46418afc58d00b613df167fc4c138990966a360cb5fd795f0
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFYr7:V6a+pOtEvwDpjt22S

Score

10^/10

kinsing loader

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-01-25_87bb9ee9bd5499eab2cc19547b2f2005_cryptolocker.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-01-25_87bb9ee9bd5499eab2cc19547b2f2005_cryptolocker.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-01-25_87bb9ee9bd5499eab2cc19547b2f2005_cryptolocker
- Size
  
  149KB
- MD5
  
  87bb9ee9bd5499eab2cc19547b2f2005
- SHA1
  
  187dc92794fcbc421fa8a22cef9b69a4dbbcc448
- SHA256
  
  96622bdbe5036a822168712a019f8ff2a29811f1496445eaa78a2d4e534879c3
- SHA512
  
  49413a6c80ff7b596757caa443b5cd901afea63c36e9c13bbe32d859ae27ba5328ad025192866ad46418afc58d00b613df167fc4c138990966a360cb5fd795f0
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFYr7:V6a+pOtEvwDpjt22S
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy