General

  • Target

    d36c306369f006586a5a84135e565aa5.bin

  • Size

    73KB

  • MD5

    d36c306369f006586a5a84135e565aa5

  • SHA1

    39277e1a815a29c84e76586a50a47e501a9a48cd

  • SHA256

    cdad6ce85c8c10d60744dffee53ace8a92b7e1e8527fc985cc311f26474a910b

  • SHA512

    de5834d86cfc03e0f0664ff908990a2957d929fcbe0fc6d4fee7e3483b2b45b55d5a09727244d0ee5208367fb4267b390bff2aefcfbd3971cebb9ea12ea018d0

  • SSDEEP

    1536:agSeGDjtQhnwmmB0yjMqqUM2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:aMSjOnrmBbMqqMmr3IdE8we0Avu5r++N

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • GandCrab payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d36c306369f006586a5a84135e565aa5.bin
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

