General

  • Target

    2024-03-24_32616feb5060e95a650f742e2243a043_gandcrab

  • Size

    83KB

  • MD5

    32616feb5060e95a650f742e2243a043

  • SHA1

    f808294e16d034011a1215a672abf08f006b66f7

  • SHA256

    203dab518094a0ddcadb655dde956fd19da8f26bfeddecd4767e24d21a9a8d21

  • SHA512

    2d5392fbc3dcdb963c558b3aee73a7a83cbecb6d2bd59243360be25ba486b070d61efb3150e6155a35128d16006018d6bc6bc680a121d54852bc7263d4090eb1

  • SSDEEP

    1536:G55u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r5:sMSjOnrmBTMqqDL2/mr3IdE8we0Avu5l

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-24_32616feb5060e95a650f742e2243a043_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

