General

  • Target

    2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab

  • Size

    97KB

  • MD5

    3c996d084d9ea81bbf7d8a3482be2732

  • SHA1

    22adae3ee88dabb3d06a8a5907a580b796f49300

  • SHA256

    5e217b304848ca933e10ce2e0c6db202bbbec0ea37ecbe3df0544b4412167227

  • SHA512

    a6aef88c3c70153d091135153de9c8c1572c8a0d790e35a667b87dced233c208356a17a918a5efd2ab05060e671056d13081dc780988e3f3defd1709d06511eb

  • SSDEEP

    1536:XZZZZZZZZZZZZpXzzzzzzzzzzzzV9rXounV98hbHnAlMqqU+2bbbAV2/S2LNmHkf:fBounVyFHkMqqDL2/LgHkctc

Score
10/10

Malware Config

Signatures

  • Detects Reflective DLL injection artifacts 1 IoCs
  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-06-15_3c996d084d9ea81bbf7d8a3482be2732_gandcrab
    .exe windows:5 windows x86 arch:x86

