General

  • Target

    2024-01-25_88b87431c9d98e8aa0310a715d6461ae_cryptolocker

  • Size

    42KB

  • Sample

    240125-v4g77scfck

  • MD5

    88b87431c9d98e8aa0310a715d6461ae

  • SHA1

    c1998a9eb678f593441d5acfd13267cc97d11158

  • SHA256

    c423f0b5ce7c5df8e15b79186c453c750f4b1b7c30f3a5465503017e548ff77b

  • SHA512

    712afabca80022e9baf9c3532e34b92eea968f8a596e226f3250181274a4943c26e0af382fee1d742767b111b65b4c74375cadc8a6e9ac76ff25e6c86e9722e5

  • SSDEEP

    768:bxNQIE0eBhkL2Fo1CCwgfjOg1tsJ6zeen754XcwxbFp13/7p:bxNrC7kYo1Fxf3s05rwxbF73l

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
