kinsing | bb58537367ab381abe58d5c50a0687ad5c3ceca2cd4065bbbd8ff0f41c5df49c | Triage

Submit
Reports

Overview

overview

Static

static

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

Sharing

General

Target

2024-01-25_3c24e5335e5e86b0856acde56d82ed5e_cryptolocker
Size

73KB
Sample

240125-vz5spscecq
MD5

3c24e5335e5e86b0856acde56d82ed5e
SHA1

fbf4143abc63fd93c2c2009f35070afc10e2fb57
SHA256

bb58537367ab381abe58d5c50a0687ad5c3ceca2cd4065bbbd8ff0f41c5df49c
SHA512

6b3872442870fdcaf1cdfc2e78b37ef85a5bd5eb11682d20baa48db324b7c3a663bcab94d6b044000beaa88efe5483b7c77d50b16cd0fa2cb28a7c6a2aaaac02
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1sdf:X6a+SOtEvwDpjBZYvQd2q

Score

10^/10

kinsing loader

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-01-25_3c24e5335e5e86b0856acde56d82ed5e_cryptolocker.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-01-25_3c24e5335e5e86b0856acde56d82ed5e_cryptolocker.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-01-25_3c24e5335e5e86b0856acde56d82ed5e_cryptolocker
- Size
  
  73KB
- MD5
  
  3c24e5335e5e86b0856acde56d82ed5e
- SHA1
  
  fbf4143abc63fd93c2c2009f35070afc10e2fb57
- SHA256
  
  bb58537367ab381abe58d5c50a0687ad5c3ceca2cd4065bbbd8ff0f41c5df49c
- SHA512
  
  6b3872442870fdcaf1cdfc2e78b37ef85a5bd5eb11682d20baa48db324b7c3a663bcab94d6b044000beaa88efe5483b7c77d50b16cd0fa2cb28a7c6a2aaaac02
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1sdf:X6a+SOtEvwDpjBZYvQd2q
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy