General

  • Target

    2024-03-10_b8dccac6b7cf1778a3d0338ad9ffbd2f_gandcrab

  • Size

    88KB

  • MD5

    b8dccac6b7cf1778a3d0338ad9ffbd2f

  • SHA1

    c5df6947bf5c8ac3f0d9349698915f74572c5e48

  • SHA256

    feed2b7a29cc75225531d5bbc7e35afbfe79ce92cb4bd1477d75d3712890cb6a

  • SHA512

    d3a9dad4a380b6d9e3bd0bff558f0033527986109d7b67b438bb3c9f0d97426d05712118869a4867e45c78b843e8158af4dc4b437c97d85419cdc72607bd39f5

  • SSDEEP

    1536:2rsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:2jDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-10_b8dccac6b7cf1778a3d0338ad9ffbd2f_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

