General

  • Target

    2024-01-25_df60a358642e121721b3c7474720fff6_cryptolocker

  • Size

    43KB

  • Sample

    240125-tbdtmsaah4

  • MD5

    df60a358642e121721b3c7474720fff6

  • SHA1

    0a77d5e946b7a035a4ee500ce4c14d4d163eff3c

  • SHA256

    851768eb3ecf9ba194b8c0f16e051834f07a239d52c378b5835bb6b58826bef7

  • SHA512

    8898554922f894cfa024d1a00fa1427fa8ca5a08c89a1a77f7c9186176b07c8d024fcc346580269ce129e20269ddeb070b5d0ce46647c192d196c3cce7e354cf

  • SSDEEP

    768:b7o/2n1TCraU6GD1a4X0WcO+wMVm+slAMRqmz4kmmbO:bc/y2lkF0+BjjIbO

Score
10/10

Targets

    • Target

      2024-01-25_df60a358642e121721b3c7474720fff6_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
