Static task
static1
Behavioral task
behavioral1
Sample
872bf2c276fe3242513c2ed1b254a5ab3c0dea273dde944c05b711697811753f.sample.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
872bf2c276fe3242513c2ed1b254a5ab3c0dea273dde944c05b711697811753f.sample.exe
Resource
win11
Behavioral task
behavioral3
Sample
872bf2c276fe3242513c2ed1b254a5ab3c0dea273dde944c05b711697811753f.sample.exe
Resource
win10-en-20210920
General
Target
sample1.zip
Size
80KB
MD5
2c112897a40cafed56cb84522a5daaf7
SHA1
4b1ced5dc5f01133a0bfc925b66fe34a3bf9e975
SHA256
d291fc899f31591a3acdd91c7f0f5199384e2b587234157a0c0ec9d05e93cefd
SHA512
233c075be1f25f8029ff477097812ab9623e9d50531342c33003f2471212178575a38b9c3a3df8aeaf855bd538e7aee5f7923ee238f94adef1683d7401c974b8
Malware Config
Signatures
GandCrab Payload 1 IoCs
Processes:
resource
static1/unpack001/872bf2c276fe3242513c2ed1b254a5ab3c0dea273dde944c05b711697811753f.sample
yara_rule
family_gandcrab
Gandcrab family
Files
sample1.zip.zip
Password: infected
872bf2c276fe3242513c2ed1b254a5ab3c0dea273dde944c05b711697811753f.sample.exe windows x86