General

  • Target

    2024-03-22_d2fcf39bae18f66d0894643dac9bac60_gandcrab

  • Size

    73KB

  • MD5

    d2fcf39bae18f66d0894643dac9bac60

  • SHA1

    48e59d13a65255dfe0c28bcdf02abdcbcb9f0d9f

  • SHA256

    6849f3866539bdef89ef62226c0ece403346f2b1792d60827948db498bec2ee8

  • SHA512

    87ab6b39935f00cf91fcc9ba95b8b1c7102410f1c3616397cb8d9336ad460f9f532444f82812419855210acf1bb54bd9fb03b0b48cc22d481100b51610931861

  • SSDEEP

    1536:T55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:PMSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator (1 IoC)
  • GandCrab payload (1 IoC)
  • Gandcrab Payload (1 IoC)
  • Gandcrab family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-03-22_d2fcf39bae18f66d0894643dac9bac60_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

