General

  • Target

    2024-01-25_120f510165c503b25eeb8fc35f2b6795_cryptolocker

  • Size

    59KB

  • Sample

    240125-vx12qscdgp

  • MD5

    120f510165c503b25eeb8fc35f2b6795

  • SHA1

    0de1f337da210dcec7eab09afbb0e7268605af78

  • SHA256

    50763460bc266ef8b35103d0c54aeb66e457b445bf8b14e6f3deb09f3c349a0b

  • SHA512

    a27f6203898f2b44b45367c26e01b553870afaddecf591866b3db9a2e099b033d8bf658e79b9a30cc0e1684f87c8100d686d314f5b0cbe019486e8663f8ddfa9

  • SSDEEP

    1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMI:TCjsIOtEvwDpj5HE/OUHnSMv

Score
10/10

Malware Config

Targets

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
