General

  • Target

    2024-01-25_78b96fcddd8e391548a2bcfafaa868b7_cryptolocker

  • Size

    125KB

  • Sample

    240125-t67p7sahb4

  • MD5

    78b96fcddd8e391548a2bcfafaa868b7

  • SHA1

    f4dd67f6a56c327356a72e3392874fbe93eab9c3

  • SHA256

    ca5666a5f6d325566b2fd76ff3c6d29564094ef1e6d0db57a6ed67d6e2052ca5

  • SHA512

    4d44d94206b6f11f60c417325b2c294ce3130b697253b368c63843e5b8768aef023880ecd40456c54e781966f94ff5b5ceda5facee1528cedc57f3bf769e3c4b

  • SSDEEP

    1536:vj+jsMQMOtEvwDpj5HwYYTjipvF2hBfIuBKLUYOVbvh//iX:vCjsIOtEvwDpj5H9YvQd2Rq

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
