Static task: static1
Behavioral task: behavioral1
Sample: ca1381e1e5a506e5fc69278c6989249c5571dc59df872af69bdd4720a3219e93.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: ca1381e1e5a506e5fc69278c6989249c5571dc59df872af69bdd4720a3219e93.exe
Resource: win10-en-20211208
General
Target: ca1381e1e5a506e5fc69278c6989249c5571dc59df872af69bdd4720a3219e93
Size: 996KB
MD5: be106f7d6f2f29724cfb0272c4f024f6
SHA1: 9c902938348af34c7b7f3324bfa505ff981dec0d
SHA256: ca1381e1e5a506e5fc69278c6989249c5571dc59df872af69bdd4720a3219e93
SHA512: ad613be282d2f70661acd839feba5d87ec29bb6787d167512986a64371f2c396939b8ff458e750676e3921e79f15e42f11ed4e1dc297ff6a07443b5226478f5a
SSDEEP: 6144:h4D6Q2NFCvFo8oNFMxyUxquyKCaI8ecZvWSBx/3:W6xNgvWpvSOuybB8TZeC3
Malware Config
Signatures
-
GandCrab Payload 1 IoCs
Processes:
resource yara_rule sample family_gandcrab -
Gandcrab family
Files
-
ca1381e1e5a506e5fc69278c6989249c5571dc59df872af69bdd4720a3219e93.exe windows x64
Code Sign
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 996KB - Virtual size: 996KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ