General

  • Target

    2024-05-06_e9ff99d6c5ae7adae5faec69aa17e9c8_gandcrab

  • Size

    74KB

  • MD5

    e9ff99d6c5ae7adae5faec69aa17e9c8

  • SHA1

    07e81d0ad568af661c705b45a38a5521478120d2

  • SHA256

    9e3a9f8977b38a52cfb40cc2b550f983406e7b29fe33d5d379acb20961140b13

  • SHA512

    35c266b302cfb30a657b5eeaa9e4ac980f80fe3c1a04bfd72a052e45cf9f63b4eb4966db451c147cc60a03a9dc06b0562f08c79cf27dcfe939e7242db42ead9d

  • SSDEEP

    1536:855u555555555pmgSeGDjtQhnwmmB0ybMqqU+2bbbAV2/S2mr3IdE8mne0Avu5rS:+MSjOnrmBTMqqDL2/mr3IdE8we0Avu5O

Score
10/10

Malware Config

Extracted

  • Family

    gandcrab

  • C2

    http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-05-06_e9ff99d6c5ae7adae5faec69aa17e9c8_gandcrab
    .exe windows:5 windows x86 arch:x86

    40306b615af659fc1f93cfb121cc38d9

