General

  • Target

    2024-06-14_209bd316f6dcaf9a58206f76b87af5b2_gandcrab

  • Size

    99KB

  • MD5

    209bd316f6dcaf9a58206f76b87af5b2

  • SHA1

    15f2392697334dc2791712c6dcd61374adca768b

  • SHA256

    2830b54cb2b856a599756249b155457ef4976944eb02b16176542c460e58848c

  • SHA512

    e64b388ef3fe9ac261b7629823360a2724f294c9df8cc4dc002d7307b2c818c59e23bed2ea1bacc4b5f3773fccda8925182c0445df7d1c448b7aa0191aa7ec6e

  • SSDEEP

    3072:fMSjOnrmBIMqqDL2/mr3IdE8we0Avu5r++ygLIaaypQ8CrS6e:fXjOnr6jqqDL6aprYS6e

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-06-14_209bd316f6dcaf9a58206f76b87af5b2_gandcrab (.exe, windows:5, windows x86, arch:x86)

    Headers

    Sections