General

  • Target

    2024-01-25_cce764b74e3f188e39e761096c1f7077_cryptolocker

  • Size

    31KB

  • Sample

    240125-v7hyxabgh7

  • MD5

    cce764b74e3f188e39e761096c1f7077

  • SHA1

    7398613dd9f784df796fed4829a8ed409779d9dc

  • SHA256

    b87f9b1c76c29c034b798b890ee2852111e08f0960cc0a640b3603cd646547a3

  • SHA512

    97f91a4e7beafada60ccb32121a361f5be73bb0aad4982b68b9f7d6b468d81809eb350e4751124c9056eddcc763d7a640cd18c3c82597ac647a1b619919a554f

  • SSDEEP

    384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM98h:bAvJCYOOvbRPDEgXRcuM98h

Score
10/10

Malware Config

Targets

    • Target

      2024-01-25_cce764b74e3f188e39e761096c1f7077_cryptolocker

    • Size

      31KB

    • MD5

      cce764b74e3f188e39e761096c1f7077

    • SHA1

      7398613dd9f784df796fed4829a8ed409779d9dc

    • SHA256

      b87f9b1c76c29c034b798b890ee2852111e08f0960cc0a640b3603cd646547a3

    • SHA512

      97f91a4e7beafada60ccb32121a361f5be73bb0aad4982b68b9f7d6b468d81809eb350e4751124c9056eddcc763d7a640cd18c3c82597ac647a1b619919a554f

    • SSDEEP

      384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cuM98h:bAvJCYOOvbRPDEgXRcuM98h

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks