General

  • Target

    2024-01-25_bc5699063b4aa91e5ad6c6aafc867718_cryptolocker

  • Size

    60KB

  • Sample

    240125-s8vmzsaac9

  • MD5

    bc5699063b4aa91e5ad6c6aafc867718

  • SHA1

    d1714b53b783571cf273ee19c02a2fddd4c65f4e

  • SHA256

    07e565a99ce6b79c029f0d58c19c2c200508aedc320dc1ea79b467008a0a55be

  • SHA512

    ed293064e9c1c5e17b8ceefb5e5e2a10fe9763ede87e3b1b06b7fbb3717010976d5ce51f1941ca7a2eb80e9c58fdedec451e7b7357b105baa05236a886c56da5

  • SSDEEP

    768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4hdCY8EQMjpi/Wpi3B3URiLnuoUwUsfqB1p:vj+jsMQMOtEvwDpj5Hy7B3gG8xzUw

Score
10/10

Targets

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
