Overview

overview

10

Static

static

10

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_97eb67a8daa8d060004feb70a185652c_cryptolocker

  • Size

    126KB

  • Sample

    240125-s6lmashhh2

  • MD5

    97eb67a8daa8d060004feb70a185652c

  • SHA1

    7f6cc2d40c15c44dbf129869399320cf88d7c29b

  • SHA256

    02800e3cacf547b3779ccc68d57c5f8d52537df8fd1658f83ae5af8d60869f08

  • SHA512

    ad90506f543dac50fa658abfe7f7bca1217c79722dfaa83bdc7899a5f642e63c3241fd189f6d6710bb73fc1a643452c275ba21f4ab5c2c4e8e7e50497c23e946

  • SSDEEP

    1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//jp:vCjsIOtEvwDpj5H9YvQd2RD

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      2024-01-25_97eb67a8daa8d060004feb70a185652c_cryptolocker

    • Size

      126KB

    • MD5

      97eb67a8daa8d060004feb70a185652c

    • SHA1

      7f6cc2d40c15c44dbf129869399320cf88d7c29b

    • SHA256

      02800e3cacf547b3779ccc68d57c5f8d52537df8fd1658f83ae5af8d60869f08

    • SHA512

      ad90506f543dac50fa658abfe7f7bca1217c79722dfaa83bdc7899a5f642e63c3241fd189f6d6710bb73fc1a643452c275ba21f4ab5c2c4e8e7e50497c23e946

    • SSDEEP

      1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//jp:vCjsIOtEvwDpj5H9YvQd2RD

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks