General

  • Target

    2024-01-25_63847b10ddcb5fc2e1b1385fa1bd6f56_cryptolocker

  • Size

    39KB

  • Sample

    240125-v27ebacehk

  • MD5

    63847b10ddcb5fc2e1b1385fa1bd6f56

  • SHA1

    87de33a92cc16754cafdd3dd71f41939b6853a88

  • SHA256

    156804f2cb2aa2929a317836c58a7b6bd84cd311192a1cd1b5cdbfffd24e271e

  • SHA512

    9a5f04d965932d0e5258cc22e689dabef9047cdc74f18962a5225409b8afa2902ef0f4fd927d2bf5c180c1a961a24b47ed503588622f3f97633d9bb49df7e066

  • SSDEEP

    768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLenQL3bTo:ZzFbxmLPWQMOtEvwDpjLeU3w

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE
