General

  • Target

    2024-01-25_e7fb8607ddc8db464294f6e6e0699189_cryptolocker

  • Size

    148KB

  • Sample

    240125-v8zytacgfn

  • MD5

    e7fb8607ddc8db464294f6e6e0699189

  • SHA1

    5f471569277efbae5621ca0d93cd32eb6b6b48a2

  • SHA256

    5c474ad42b81c52eb39151e3fdfd345865c4ee6bb23c16d41d21f65fbf9240af

  • SHA512

    68a4b3786ef4ccf6ba2da75bdc360c239d92e6bbdf3abf23c5b51ee5213e4f7ca99d2e9a53d142c7eed52058dd89abacb0234453602d5003486db3bb91053780

  • SSDEEP

    1536:V6QFElP6n+gMQMOtEvwDpjQGYQbxGYQbxGYQbPlooHPPFYfN:V6a+pOtEvwDpjt22M

Score
10/10

Targets

    • Target

      2024-01-25_e7fb8607ddc8db464294f6e6e0699189_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
