General

  • Target

    2024-03-31_5596a69939d3678e292df3380844c409_gandcrab

  • Size

    147KB

  • MD5

    5596a69939d3678e292df3380844c409

  • SHA1

    390f667217c4a3681c9335c05ea0a6d45e47db4e

  • SHA256

    cc650c1080af25e9a1bea86e3d6b41509e62f11084b0fc9e44eb7b59c6e609b9

  • SHA512

    82ffa0ce037a60f3efbb3b6bc570c17a9917f3051a84c99d2801e346ca20dd95f8afbbef495e53eb343289f5567bf3c9e902dffe77c398bed8910f2b80b4b54a

  • SSDEEP

    3072:IBounVyFHFMqqDL2/LgHkc2U6FiPZ8aewZ2ql5f2J9lj:IqxHmqqDL6EHl2U6CbeOl5f2Fj

Score
10/10

Signatures

  • Detects Reflective DLL injection artifacts 1 IoCs
  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-31_5596a69939d3678e292df3380844c409_gandcrab
    .exe windows:5 windows x86 arch:x86

