General
-
Target
2024-01-25_b16c8a918fca6c8fed9d088a882caa03_cryptolocker
-
Size
36KB
-
Sample
240125-v6d9bscfhp
-
MD5
b16c8a918fca6c8fed9d088a882caa03
-
SHA1
a07a976bd7428755098059ee03c90b879d9d5fe5
-
SHA256
23e7e67d8b187e9ff6655784b0adb1af5a43ee629ff962c3ab32b270af690f09
-
SHA512
c1b9801dee94f49b20d4a12db632904249a925d39f93a7d3599eccbe5c19d7d72b942d457e78d398b5a601699497bca029024818c0ad47fe90d802d8cfc9a2a3
-
SSDEEP
768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkLv:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLv
Malware Config
Targets
-
-
Target
2024-01-25_b16c8a918fca6c8fed9d088a882caa03_cryptolocker
-
Size
36KB
-
MD5
b16c8a918fca6c8fed9d088a882caa03
-
SHA1
a07a976bd7428755098059ee03c90b879d9d5fe5
-
SHA256
23e7e67d8b187e9ff6655784b0adb1af5a43ee629ff962c3ab32b270af690f09
-
SHA512
c1b9801dee94f49b20d4a12db632904249a925d39f93a7d3599eccbe5c19d7d72b942d457e78d398b5a601699497bca029024818c0ad47fe90d802d8cfc9a2a3
-
SSDEEP
768:wHGGaSawqnwjRQ6ESlmFOsPoOdQtOOtEvwDpjm6WaJIOc+UPPEkLv:YGzl5wjRQBBOsP1QMOtEvwDpjgarrkLv
Score10/10-
Kinsing
Kinsing is a loader written in Golang.
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-