General

  • Target

    2024-01-25_d62f04daf8a916aba6fa404fe18835a5_cryptolocker

  • Size

    46KB

  • Sample

    240125-v7rk2sbha3

  • MD5

    d62f04daf8a916aba6fa404fe18835a5

  • SHA1

    96580256d98de70a7e49ca5593cfea26d17da332

  • SHA256

    b0b814fc7085583a9adc41e3402e3349913ebeeccee99845dcb9391d51e5d8c3

  • SHA512

    9f0bcddfa43e3b9b8e846a5bd7b183b0c968d2b6d3d85a5c2aaad5424c556d0d924f83f785b14f9af5d1576b04879d2c2e2cc371ff9f6321619e6a696ab2c774

  • SSDEEP

    768:bgX4zYcgTEu6QOaryfjqDlC6JFbK37YbDu5z/hDd:bgGYcA/53GAA6y37nbp

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
