General

  • Target

    2024-01-25_e2c6498ef076124c4d73b91619de6245_cryptolocker

  • Size

    88KB

  • Sample

    240125-vk8k2sbca9

  • MD5

    e2c6498ef076124c4d73b91619de6245

  • SHA1

    388b167d0c5e2dfc6da27bd82d4dcfe9780705e9

  • SHA256

    15bdc7e1099487ee93935fca562a3a22d50c1154584f7228fa8fbe7db68c47f9

  • SHA512

    78e1157a683137823f1b40f1e1560413a2ce9e8e83c1f8cdcb4c090e9627774e2b014c92fa300d82236525a85b1ab61a5f65f69ef4af4a1c12aa4e96ef3d1ea8

  • SSDEEP

    1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNi1OkQNj:vCjsIOtEvwDpj5H8zPsH

Score
10/10

Targets

    • Target

      2024-01-25_e2c6498ef076124c4d73b91619de6245_cryptolocker

    Score
    10/10
    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
