General

  • Target

    2024-01-25_ea55caa34f65fb5d32d43d2aa742b049_cryptolocker

  • Size

    97KB

  • Sample

    240125-tcwqvaabb5

  • MD5

    ea55caa34f65fb5d32d43d2aa742b049

  • SHA1

    49f9716f772dc07b6107f61d7bd293f97ba736fe

  • SHA256

    4d43da5733c7fab938d1d95a8fcfaab37da6c9206a92d8c57cdb9a402e02ae91

  • SHA512

    cc62b2d3c24f839832111de42c50fc9a9f7d99caf2eafdbbad8cea4d0caae8cb07b9b7c592bc42c48671b390cf8d5847c3273598214a15a2ff13b17090260939

  • SSDEEP

    1536:26QFElP6n+gBQMOtEvwDpjQGYQbN/PKwNCJz:26a+2OtEvwDpjtzi

Score
10/10

Malware Config

Targets

    • Target

      2024-01-25_ea55caa34f65fb5d32d43d2aa742b049_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks