General

  • Target

    2024-03-24_f5ae70e55d03bb0949c7468b57fb6b55_gandcrab

  • Size

    73KB

  • MD5

    f5ae70e55d03bb0949c7468b57fb6b55

  • SHA1

    b395e00189728b5513661da5b8d47dd13f58b157

  • SHA256

    3002c16559d481c297b75fdcee04fbb6fc230b038fd25616f426e43dc06bd789

  • SHA512

    d503d2a415c234799e4697b3d4aeec92997156adbf49fde5a7cb64ea4320f9251f921f0a8635bed1a13069e7cffe91e3d6633f3ed880f14e345efe38d1ea7a81

  • SSDEEP

    1536:4555555555555pmgSeGDjtQhnwmmB0yYMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rx:VMSjOnrmBAMqqDL2/mr3IdE8we0Avu5h

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator (1 IoC)
  • GandCrab payload (1 IoC)
  • Gandcrab Payload (1 IoC)
  • Gandcrab family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-03-24_f5ae70e55d03bb0949c7468b57fb6b55_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

