General

  • Target

    2024-03-24_dfeb91b62a93a9b723001be955601a40_gandcrab

  • Size

    88KB

  • MD5

    dfeb91b62a93a9b723001be955601a40

  • SHA1

    bca256b6275343c38d97ab0a9343ef484daf7329

  • SHA256

    c82f95569e6dd09f94955b83ae11d6427b3db465703badc4aecd824de9fb6e45

  • SHA512

    ca21faa0526419d4c6555364610e15f1ca2afb518907bc1d927762ecc4317e9096e7c63753402a1c7e4912d384110aa3b1273ab563997ed9e2550afb445476b3

  • SSDEEP

    1536:zrsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:zjDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-24_dfeb91b62a93a9b723001be955601a40_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

