Overview

overview

10

Static

static

10

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_52f0c5472cd307ab7e04b44ca314da89_cryptolocker

  • Size

    67KB

  • Sample

    240125-sy44nshgf3

  • MD5

    52f0c5472cd307ab7e04b44ca314da89

  • SHA1

    e9e8aafb156d20ec73554ee0aae75a0e49717a0c

  • SHA256

    3c7e20476d3297f74f1ea9cfd055454a9c627f4ef26236d955127748323071d5

  • SHA512

    1730de471bbb2ff58ac251d77657ce984625f7d89692dff319bdeebba51cc8b85a5b8f279f4c82c7e327bd60c0b91ae6dbfd9be2d7579dc536dbba740fe02671

  • SSDEEP

    1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKU9:DW60sllyWOtEvwDpjwF85j

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      2024-01-25_52f0c5472cd307ab7e04b44ca314da89_cryptolocker

    • Size

      67KB

    • MD5

      52f0c5472cd307ab7e04b44ca314da89

    • SHA1

      e9e8aafb156d20ec73554ee0aae75a0e49717a0c

    • SHA256

      3c7e20476d3297f74f1ea9cfd055454a9c627f4ef26236d955127748323071d5

    • SHA512

      1730de471bbb2ff58ac251d77657ce984625f7d89692dff319bdeebba51cc8b85a5b8f279f4c82c7e327bd60c0b91ae6dbfd9be2d7579dc536dbba740fe02671

    • SSDEEP

      1536:Dk/xY0sllyGQMOtEvwDpjwycDtKkQZQRKb61vSbgZ3QzNKU9:DW60sllyWOtEvwDpjwF85j

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks