gandcrab | 88eb3e058dc538f1df6dd361b7c07a8f683ec4fc18eca0db6153dff5b297e12e | Triage

Submit
Reports

Overview

overview

Static

static

2025-01-02...ab.exe

windows7-x64

2025-01-02...ab.exe

windows10-2004-x64

Sharing

General

Target

2025-01-02_8156536cef4671db835c9ecc5bd3c232_gandcrab
Size

78KB
Sample

250102-h6vj4azqfx
MD5

8156536cef4671db835c9ecc5bd3c232
SHA1

1f40c66bf428fcb85f47b52f0851d4cdab63c6bb
SHA256

88eb3e058dc538f1df6dd361b7c07a8f683ec4fc18eca0db6153dff5b297e12e
SHA512

6c47183f847b4bceec2de1b2ec286744b740ebd0f7ec4751eb5bff2c28ca5778fa77af716bcab606f2183463054aeb0ee845de26c92e84ea0ccfbeb094110587
SSDEEP

1536:z55u555555555pmgSeGDjtQhnwmmB0ysMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r9:vMSjOnrmBUMqqDL2/mr3IdE8we0Avu5l

Score

10^/10

gandcrab backdoor discovery ransomware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2025-01-02_8156536cef4671db835c9ecc5bd3c232_gandcrab.exe

Resource

win7-20240903-en

gandcrab backdoor ransomware

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-01-02_8156536cef4671db835c9ecc5bd3c232_gandcrab.exe

Resource

win10v2004-20241007-en

gandcrab backdoor discovery ransomware

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Targets

- Target
  
  2025-01-02_8156536cef4671db835c9ecc5bd3c232_gandcrab
- Size
  
  78KB
- MD5
  
  8156536cef4671db835c9ecc5bd3c232
- SHA1
  
  1f40c66bf428fcb85f47b52f0851d4cdab63c6bb
- SHA256
  
  88eb3e058dc538f1df6dd361b7c07a8f683ec4fc18eca0db6153dff5b297e12e
- SHA512
  
  6c47183f847b4bceec2de1b2ec286744b740ebd0f7ec4751eb5bff2c28ca5778fa77af716bcab606f2183463054aeb0ee845de26c92e84ea0ccfbeb094110587
- SSDEEP
  
  1536:z55u555555555pmgSeGDjtQhnwmmB0ysMqqU+2bbbAV2/S2mr3IdE8mne0Avu5r9:vMSjOnrmBUMqqDL2/mr3IdE8we0Avu5l
Score

10^/10

gandcrab backdoor ransomware discovery
- GandCrab payload
- Gandcrab
  Gandcrab is a Trojan horse that encrypts files on a computer.
  ransomware backdoor gandcrab
- Gandcrab family
  gandcrab
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gandcrabbackdoorransomware

behavioral2

gandcrabbackdoordiscoveryransomware

© 2018-2025

Terms | Privacy