Overview

overview

10

Static

static

10

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_d4c8718e9141a225c4924a133004b83f_cryptolocker

  • Size

    39KB

  • Sample

    240125-tanbpabaan

  • MD5

    d4c8718e9141a225c4924a133004b83f

  • SHA1

    be12a7dbfdaa8bc4470b9d6d639e88cd21e3a071

  • SHA256

    ac24ef111464615583f608b1dc0b8e8810d0ca7474acbefa0f2ed927ccc0fe20

  • SHA512

    01a440e0a4abda0d1bdc7424ba1dc4b325b995ee25f7ca87a9646b791b5f2450a2e6d34d16a42e9493046bb001ce21a8de7cfe3c27ac3d375d5b8f1f9b86b1ff

  • SSDEEP

    768:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+rc5vrN:bgGYcA/53GADw8Clrcv

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      2024-01-25_d4c8718e9141a225c4924a133004b83f_cryptolocker

    • Size

      39KB

    • MD5

      d4c8718e9141a225c4924a133004b83f

    • SHA1

      be12a7dbfdaa8bc4470b9d6d639e88cd21e3a071

    • SHA256

      ac24ef111464615583f608b1dc0b8e8810d0ca7474acbefa0f2ed927ccc0fe20

    • SHA512

      01a440e0a4abda0d1bdc7424ba1dc4b325b995ee25f7ca87a9646b791b5f2450a2e6d34d16a42e9493046bb001ce21a8de7cfe3c27ac3d375d5b8f1f9b86b1ff

    • SSDEEP

      768:bgX4zYcgTEu6QOaryfjqDDw3sCu5b+rc5vrN:bgGYcA/53GADw8Clrcv

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks