kinsing | 2ce181456f1c9ab60f789e29b5290e53bee1bfe021636c109595dae0211538c5 | Triage

Submit
Reports

Overview

overview

Static

static

2024-01-25...er.exe

windows7-x64

9

2024-01-25...er.exe

windows10-2004-x64

Sharing

General

Target

2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker
Size

71KB
Sample

240125-wff6nsdael
MD5

5ef553290eefdf29a58decf9ce6e36b3
SHA1

5e62c82bdee69dc57db8cf2f5e3521c71061d5f3
SHA256

2ce181456f1c9ab60f789e29b5290e53bee1bfe021636c109595dae0211538c5
SHA512

3f062302e3f671bdb28f20c75ee56bd6d908ac32533ff848b5f43b8f87277bd2275ae42198010d7e760762ef8fc0c3dff451f0edce9efe351530a29e4fd321c9
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1bb:X6a+SOtEvwDpjBZYvQd2H

Score

10^/10

kinsing loader

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-01-25_5ef553290eefdf29a58decf9ce6e36b3_cryptolocker
- Size
  
  71KB
- MD5
  
  5ef553290eefdf29a58decf9ce6e36b3
- SHA1
  
  5e62c82bdee69dc57db8cf2f5e3521c71061d5f3
- SHA256
  
  2ce181456f1c9ab60f789e29b5290e53bee1bfe021636c109595dae0211538c5
- SHA512
  
  3f062302e3f671bdb28f20c75ee56bd6d908ac32533ff848b5f43b8f87277bd2275ae42198010d7e760762ef8fc0c3dff451f0edce9efe351530a29e4fd321c9
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1bb:X6a+SOtEvwDpjBZYvQd2H
Score

10^/10

kinsing loader
- Kinsing
  Kinsing is a loader written in Golang.
  loader kinsing
- Detection of CryptoLocker Variants
- Detection of Cryptolocker Samples
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy