General

  • Target

    2024-01-25_7a967491d20b799cab6af850c73af3be_cryptolocker

  • Size

    51KB

  • Sample

    240125-v3n95acfaj

  • MD5

    7a967491d20b799cab6af850c73af3be

  • SHA1

    325332d1fe41cb467ab9b65b89101e17eff34499

  • SHA256

    e1a013601c6b0e33e00e091d7cbf9991103359e81baee1daecb8f77f7a33b3e5

  • SHA512

    9573ead97632f2b4dd9f2e2fbe9107d1573c64592c73f1823dcbb787edc123a6a25afd4b0d9db6c7d2e36815287de4c0424252f280b5c0054b412dbdbfaf0954

  • SSDEEP

    768:bIDOw9UiaCHfjnE0Sfa7ilR0p9u6p4ICNBCXK9GZ:bIDOw9a0DwitDZzv

Score
10/10

Targets

    • Target

      2024-01-25_7a967491d20b799cab6af850c73af3be_cryptolocker

    • Size

      51KB

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
