General
-
Target
2024-05-23_c03aa3cfc65452a66c966ad0aa196992_gandcrab
-
Size
1020KB
-
MD5
c03aa3cfc65452a66c966ad0aa196992
-
SHA1
d65ba8b5aa3ecc8286567195e0243d7da079517b
-
SHA256
2556c49585aea90795a407ec12c3561aac3219bd85c8f8f3d8b8e9fd0e81451b
-
SHA512
c30d00c2c83487ffa91723e5aef4c31b9309e93d633e74de8cc90d36db63794f5cb2767c9096940cb5de76a4e4209aba73c181ffc6672b873099bbb63f330498
-
SSDEEP
6144:QGYCuZJ+Xpj2fXoVJeCQBCWsSElbW88EyMQ7/6FIWM/o:QSuZsQvWJzAsXo7/6uWMw
Score
10/10
Malware Config
Signatures
-
Detected LegionLocker ransomware 1 IoCs
Sample contains strings associated with the LegionLocker family.
-
Detects executables containing the string DcRatBy 1 IoCs
-
Detects executables packed with dotNetProtector 1 IoCs
-
Detects ransomware indicator 1 IoCs
-
Gandcrab Payload 1 IoCs
-
Legionlocker family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2024-05-23_c03aa3cfc65452a66c966ad0aa196992_gandcrab
Headers
Sections