General

  • Target

    2024-01-25_5817e884398565369d2e2d219ee7bea1_cryptolocker

  • Size

    57KB

  • Sample

    240125-szlcyshgg7

  • MD5

    5817e884398565369d2e2d219ee7bea1

  • SHA1

    d6c79333c1887a92c23ef5fa7880e05ee5abab55

  • SHA256

    1ed9e6a4452c35bbdf63020aec30b6b1504fb100ecea7937fbc27656e946816e

  • SHA512

    979a9bc52d78bd574d77a1cca2d906da72606bac2e546b98185d1f46ec08c03f7228f48dd03fa6a78c50c71662fba60dac04f76dad267a47a2228530e7d796c5

  • SSDEEP

    768:xQz7yVEhs9+4uR1bytOOtEvwDpjWfbZgBh8i6g7GoFwEh:xj+VGMOtEvwDpjubEgywEh

Score
10/10

Malware Config

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Detects executables built or packed with MPress PE compressor

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
