General

  • Target

    2024-01-25_b0475764f3c4005d561eb980a12d4b0c_gandcrab

  • Size

    160KB

  • MD5

    b0475764f3c4005d561eb980a12d4b0c

  • SHA1

    26d6ee4322cb2737faa296c794272447e1ccc6bb

  • SHA256

    a182a49756bfea50d1a31f899b0cb635beab41974e912de8e6320a4ece9980c5

  • SHA512

    1679c29c809f0fc648ae272ce85d17c438aa853d499e72571dbff2768a24b7f8b2a79978938597ad7fdbe3b053b858e2ab3e69224a3384e09224f1e3269e5da7

  • SSDEEP

    3072:VLx71lq0m90MqqDL2/LHHkc2U6FiPZ8aewZ2ql5f2J9l:VFT4qqDL6LHl2U6CbeOl5f2F

Score
10/10

Signatures

  • Detects Reflective DLL injection artifacts 1 IoCs
  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-01-25_b0475764f3c4005d561eb980a12d4b0c_gandcrab
    .exe windows:5 windows x86 arch:x86

