General

  • Target

    2024-02-13_9d386c2808faa94b04a1a5f1b7813228_gandcrab

  • Size

    97KB

  • MD5

    9d386c2808faa94b04a1a5f1b7813228

  • SHA1

    9254dc84a5a35fefab9bdd74e670fced2d344df8

  • SHA256

    8cfd9715406cd8409786876c269fe120d9092777a7b52debf572b93e86ffd72d

  • SHA512

    39063306a3ed67023948a82299f9dda1fa1aa797b3f252cf19089620c0de841d9505ed4234b76986203a7227d50da5a79055e94f1a327dfcde95e16552a2dddc

  • SSDEEP

    1536:wZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAEMqqU+2bbbAV2/S2LNmHkD:eBounVyFHFMqqDL2/LgHkc2

Score
10/10

Malware Config

Signatures

  • Detects Reflective DLL injection artifacts 1 IoCs
  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-13_9d386c2808faa94b04a1a5f1b7813228_gandcrab
    .exe windows:5 windows x86 arch:x86

