General

  • Target

    2024-01-25_d8bfcf526204c125175c6464a95a85fc_cryptolocker

  • Size

    82KB

  • Sample

    240125-v7zxesbha8

  • MD5

    d8bfcf526204c125175c6464a95a85fc

  • SHA1

    bbacfed023311f2946b02aa1bd18be4a0e4cbbd0

  • SHA256

    080dcc93111a9aae10255f9d459556f588c631758196e9d8fc3580d7da9d02a8

  • SHA512

    b977bf9f90febca34a5662e84c0ee8df9168196ce2051ab7df26243dccc303b1bc137e6937631eeeeef9548dcb5e04dfaf0dfe865e91df1a37cc6178d07af4e4

  • SSDEEP

    768:V6LsoEEeegiZPvEhHSG+gDYQtOOtEvwDpj/MLa5VccPtNw5CS95yFPFHn:V6QFElP6n+gMQMOtEvwDpjyaLccVNlr

Score
10/10

Targets

    • Target

      2024-01-25_d8bfcf526204c125175c6464a95a85fc_cryptolocker

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
