gandcrab | 3753265dba97b2f6e64b3b188e3d3a52842570d346b96845b4a1797589e7c9bc | Triage

Sharing

General

Target

3753265dba97b2f6e64b3b188e3d3a52842570d346b96845b4a1797589e7c9bc
Size

69KB
MD5

1827c38b128762ed3427c61f01169783
SHA1

0d3e65c206ac45ffe594e89ef0d5c7af8ab537f6
SHA256

3753265dba97b2f6e64b3b188e3d3a52842570d346b96845b4a1797589e7c9bc
SHA512

0295a185a450d6ef8879cf76ced720de16fdf09f657c9bd50716037d5b8effd87a31cb84d78d2fa453aa051d908dc24faed09e0c3c5d5aa5e7730d106ef13caa
SSDEEP

1536:IZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAmMqqU+2bbbAV2/S2Lccu:GBounVyFHjMqqDL2/Lcc

Score

10^/10

gandcrab

Malware Config

Signatures

GandCrab Payload 1 IoCs

Processes:

resource yara_rule

sample family_gandcrab
Gandcrab family
gandcrab

Files

3753265dba97b2f6e64b3b188e3d3a52842570d346b96845b4a1797589e7c9bc
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

_ReflectiveLoader@0

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ