General

  • Target

    2024-01-25_5b96ff759a2ffefb0926e2abca1997ad_cryptolocker

  • Size

    61KB

  • Sample

    240125-szqyfaagcj

  • MD5

    5b96ff759a2ffefb0926e2abca1997ad

  • SHA1

    833e537d8d1747d8e18ac3ea56a4999eba891359

  • SHA256

    d20f1fb84fc4293866e27461f65cbbe085e03bede03df5c633c0b43b13266848

  • SHA512

    a0b1afbddc3e5a4e63359f036a3a2512d8fe1106d1c90e6bc73cbc1126eb7c85163da654e65bc71cb1b92711f19869e5f82f9b7cfc1d17bd030def59e0b0fe9a

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjyaLccVCbmhk1:V6a+pOtEvwDpjvk

Score
10/10

Targets

    • Target

      2024-01-25_5b96ff759a2ffefb0926e2abca1997ad_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
