General

  • Target

    2024-01-25_95ee53b6ece64b988d7dd1874ed28094_cryptolocker

  • Size

    36KB

  • Sample

    240125-v42xlscfen

  • MD5

    95ee53b6ece64b988d7dd1874ed28094

  • SHA1

    a7707d8e020bb7e4bca6994b4c8a912675978c87

  • SHA256

    2a7ebd822999ee3d8603461679b5f8ae69add72355e8d3e54a21538d5b2e9b3d

  • SHA512

    5632ac38e76ffc1155884c5ec2357851f12f70f1bf9e1791c874c0a60a9dd0fad35d8747abaf5c9d88421b146cd9a0d064f535f3874e131fa11ff3c8b6c10579

  • SSDEEP

    768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkLJ:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLJ

Score
10/10

Targets

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
