General

  • Target

    49242b78bd6ec54d6b93362f89a6d08d_gandcrab_JC.exe

  • Size

    73KB

  • MD5

    49242b78bd6ec54d6b93362f89a6d08d

  • SHA1

    5e340d3a1669859f1ccdf156e06e2eee67eec694

  • SHA256

    97e770c79d5745d88f3c89b5f347901c39414745fa45c18ac5b76eb40cfddc54

  • SHA512

    21f4291dd1d01ece8c2376a5efcbca21992b0835d2bcec1a71034fed9378c877f5996707b133a818632fcbd44ae06787a6091076ff89ffd9fea0ef7787a3418f

  • SSDEEP

    1536:J55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:BMSjOnrmBTMqqDL2/mr3IdE8we0Avu5h

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • GandCrab payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 49242b78bd6ec54d6b93362f89a6d08d_gandcrab_JC.exe
    .exe windows x86

    40306b615af659fc1f93cfb121cc38d9

