General

  • Target

    2024-01-25_dfe4ac26d67ee8f3875ce51437e0c467_cryptolocker

  • Size

    55KB

  • Sample

    240125-v8jxlabhb9

  • MD5

    dfe4ac26d67ee8f3875ce51437e0c467

  • SHA1

    34191f01a7c809c31f1b99869691ce0f099f0b79

  • SHA256

    1e2a374f545f19b6b22751173a65cd86c8f4e61088c8765a39fa4498d59873a2

  • SHA512

    8f53071f76dcf82d358afb18c12e6ac0ca6cb90ce306667bd816884d53f9a678311d7e4e71c260b9f56a3c53f89a3a7ef9424d364768a41812db41fd9eff07b3

  • SSDEEP

    768:79inqyNR/QtOOtEvwDpjBK/iVTab3GRuv3VylsPxAt:79mqyNhQMOtEvwDpjBPY7xv3gy52

Score
10/10

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
