Overview

overview

10

Static

static

10

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-01-25_fdb5699a52f5c2de8c9c0d445ec47a56_cryptolocker

  • Size

    42KB

  • Sample

    240125-tdjgxabafj

  • MD5

    fdb5699a52f5c2de8c9c0d445ec47a56

  • SHA1

    39692bfef655fdc3a46b53788316207d73e81fb4

  • SHA256

    a762555ec28dde00a9cd2c763589709e240555e2bd4aabb9f4e14d67a9919bc0

  • SHA512

    1b3e45181d811b068d4d8dac27638ddeab0308b27f7e83be5954f62e8663a458ecacebd9e7ea9dfd1ab26e6b1ce24c275bc61c60ae50e0f8bc0d09ad8b311588

  • SSDEEP

    768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFqL:bxNrC7kYo1Fxf3s05rwxbFG

Score
10/10
kinsingloader

Malware Config

Targets

    • Target

      2024-01-25_fdb5699a52f5c2de8c9c0d445ec47a56_cryptolocker

    • Size

      42KB

    • MD5

      fdb5699a52f5c2de8c9c0d445ec47a56

    • SHA1

      39692bfef655fdc3a46b53788316207d73e81fb4

    • SHA256

      a762555ec28dde00a9cd2c763589709e240555e2bd4aabb9f4e14d67a9919bc0

    • SHA512

      1b3e45181d811b068d4d8dac27638ddeab0308b27f7e83be5954f62e8663a458ecacebd9e7ea9dfd1ab26e6b1ce24c275bc61c60ae50e0f8bc0d09ad8b311588

    • SSDEEP

      768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFqL:bxNrC7kYo1Fxf3s05rwxbFG

    Score
    10/10
    kinsingloader

    • Kinsing

      Kinsing is a loader written in Golang.

      loaderkinsing

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks