General
-
Target
2024-01-25_28cefed9c92a884d2f86fc72c1dc844c_cryptolocker
-
Size
43KB
-
Sample
240125-wa8zhachcn
-
MD5
28cefed9c92a884d2f86fc72c1dc844c
-
SHA1
5f8a38246fa5e1fb88dd0954294eaafdda4208f4
-
SHA256
e0c56bedf72b3d32cd5d0f793d062bde103cb3265ee6cb92f392337eda598300
-
SHA512
79fac09b03aa6b02e6e5a0c918534241041ee27cf707a90bb171698b547d7db2cafc1324aea6f12df067067bcb1a85a5fe4401e30c461d56c72fa6a69c26ec3a
-
SSDEEP
768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kxp:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XA
Malware Config
Targets
-
-
Target
2024-01-25_28cefed9c92a884d2f86fc72c1dc844c_cryptolocker
-
Size
43KB
-
MD5
28cefed9c92a884d2f86fc72c1dc844c
-
SHA1
5f8a38246fa5e1fb88dd0954294eaafdda4208f4
-
SHA256
e0c56bedf72b3d32cd5d0f793d062bde103cb3265ee6cb92f392337eda598300
-
SHA512
79fac09b03aa6b02e6e5a0c918534241041ee27cf707a90bb171698b547d7db2cafc1324aea6f12df067067bcb1a85a5fe4401e30c461d56c72fa6a69c26ec3a
-
SSDEEP
768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGpebVIYLHA3Kxp:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XA
Score10/10-
Kinsing
Kinsing is a loader written in Golang.
-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-