General

  • Target

    2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker

  • Size

    71KB

  • Sample

    240125-wff6nsdael

  • MD5

    5ef553290eefdf29a58decf9ce6e36b3

  • SHA1

    5e62c82bdee69dc57db8cf2f5e3521c71061d5f3

  • SHA256

    2ce181456f1c9ab60f789e29b5290e53bee1bfe021636c109595dae0211538c5

  • SHA512

    3f062302e3f671bdb28f20c75ee56bd6d908ac32533ff848b5f43b8f87277bd2275ae42198010d7e760762ef8fc0c3dff451f0edce9efe351530a29e4fd321c9

  • SSDEEP

    1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1bb:X6a+SOtEvwDpjBZYvQd2H

Score
10/10

Malware Config

Targets

    • Target

      2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker

    • Kinsing

      Kinsing is a loader written in Golang.

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry, T1012 (1)

  • System Information Discovery, T1082 (2)

Tasks