General

  • Target

    2024-04-28_db370d524ad8012c235425f992086a28_gandcrab

  • Size

    88KB

  • MD5

    db370d524ad8012c235425f992086a28

  • SHA1

    903d7e7dfc02e883eeb11682a1c564afa6e3a30a

  • SHA256

    197eda78171fd6a7ec55cd113a4b77813f104056583f28f2f9df62e510b4509f

  • SHA512

    ea8ee24e58dd69ff820023b7b68418f6922e8fc20012e11e5ddb0c0de6056b6a036c91e9a04361020f00aea058226b38d68944a6d9a6295a3bbdaafdc8494fd4

  • SSDEEP

    1536:irsWDX9pwpQUMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r++yy7CA7GcIaapavdv:ijDX9pwzMqqDL2/mr3IdE8we0Avu5r+g

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-04-28_db370d524ad8012c235425f992086a28_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

