General

  • Target

    2024-03-22_8dd9ef1ce4f28b82e7e4259e2fc03ccb_gandcrab

  • Size

    83KB

  • MD5

    8dd9ef1ce4f28b82e7e4259e2fc03ccb

  • SHA1

    0e8deef97ffced2a548edabf17c35eff5d706f4a

  • SHA256

    c4684688561cf6a6dbb356437d2845710cdc7a5e4b0f5ece98a32e1ab2a93991

  • SHA512

    9e5adaf8d9e48d2b7937d01dcf958a177591347e2aabe5054be68c32637a68c9627a1c5aa42b79dd378e8977c2d34f1ceeb415a99ec2e4c52141b1c91d40663b

  • SSDEEP

    1536:u55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:kMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-22_8dd9ef1ce4f28b82e7e4259e2fc03ccb_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

