General

  • Target

    202406189adc543a5e85943b579143340e0ac858gandcrab

  • Size

    99KB

  • MD5

    9adc543a5e85943b579143340e0ac858

  • SHA1

    8dc071b878d26b7cfa6d5f886ef19ca61d8b27c8

  • SHA256

    73fd8463f16eb8dcc57604894e92e8a73b61102793f8bb35e0f3011d6d22f6cd

  • SHA512

    7fe1381423b7f8462ecc6801109ec0bdca56501a485a69af2034390907e0ea6105b2d8916a9574839d5a1dbc35c73b8ecbb0d1fb8d9dd940c692121b7076947e

  • SSDEEP

    3072:XMSjOnrmBIMqqDL2/mr3IdE8we0Avu5r++ygLIaaypQ8CrS6:XXjOnr6jqqDL6aprYS6

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • GandCrab payload 1 IoCs
  • Gandcrab family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 202406189adc543a5e85943b579143340e0ac858gandcrab
    .exe windows:5 windows x86 arch:x86

