General

  • Target

    2024-01-25_ad6562c0751562b129cdeea6fce97260_cryptolocker

  • Size

    46KB

  • Sample

    240125-v5tbvsbge7

  • MD5

    ad6562c0751562b129cdeea6fce97260

  • SHA1

    67a283b892fef575cc38d4b2a06843644cf1176e

  • SHA256

    314c051136e3767a6848a8bfb7f1ab7dbd8cc219eaf08a65a40b30b641ef7eef

  • SHA512

    b98a5b301eabeba16802fb3fef728c6f71aa9a6cba564374e6d1bdf6c752fb43953f4619f74a7056f1f80c19556a42571ee95c0691a327ff6fff065d0bfee965

  • SSDEEP

    768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4/Uth8igNrr46xdUUuuMX:vj+jsMQMOtEvwDpj5Hczer5ixuMX

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
