General

  • Target

    2024-03-26_abc9f8fd3313ad3734da8220277e8eeb_gandcrab

  • Size

    73KB

  • MD5

    abc9f8fd3313ad3734da8220277e8eeb

  • SHA1

    bb127136749d708b9b0b27d95ca2b126dfdc3660

  • SHA256

    206683edb04de91a963722dc2f7a9cfd9daed258572d42bcf6435dd5f263f590

  • SHA512

    ba0c84c2f97eb141988dca6487b6b30bce0d1ed5d8b84296f437061991b4ab0400cb1e135c3302403d351bff04606dd9cf4ff644f9d3963ff5b577e71351f6a9

  • SSDEEP

    1536:255u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rJ:8MSjOnrmBTMqqDL2/mr3IdE8we0Avu5F

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-26_abc9f8fd3313ad3734da8220277e8eeb_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

