General

  • Target

    2024-06-20_1967cda21d6cdb6830eede4ab6077a85_gandcrab

  • Size

    99KB

  • MD5

    1967cda21d6cdb6830eede4ab6077a85

  • SHA1

    178202542bd7a43c51da5d3ebcc5661cf338040c

  • SHA256

    937c6c1673d1f1db9a5da93fa7497b38f5f733fc7a79f6d26a4fecf2af101329

  • SHA512

    bc4bf0b5fc8bbff6173862c80bbeb04bc1789772d1956e70ac643f6ec0a123fb794400bc056d86130338eb6923ce3f32c7e93d24dc99543de483cb4dc8cb72f3

  • SSDEEP

    3072:jMSjOnrmBIMqqDL2/mr3IdE8we0Avu5r++ygLIaaypQ8CrS6:jXjOnr6jqqDL6aprYS6

Score
10/10

Malware Config

Extracted

Family

gandcrab

C2

http://gdcbghvjyqy7jclk.onion.top/

Signatures

  • Detects ransomware indicator 1 IoCs
  • GandCrab payload 1 IoCs
  • Gandcrab Payload 1 IoCs
  • Gandcrab family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with the open-source UPX packer or a modified UPX build.

  • Unsigned PE 1 IoCs

    Checks for a missing Authenticode signature.

Files

  • 2024-06-20_1967cda21d6cdb6830eede4ab6077a85_gandcrab.exe  windows:5 windows x86 arch:x86

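As an added example that is not part of the sandbox report or its signature rules, the following Python script re-derives the report's indicators for an arbitrary file: it compares the file's MD5/SHA1/SHA256 against the values listed under General, walks the PE headers by hand to reproduce the "UPX packed file" (UPX0/UPX1 section names) and "Unsigned PE" (empty certificate-table data directory) signatures, reports the architecture from the COFF machine field, and searches for the C2 host from Malware Config. The PE parser is a minimal hand-written header walk, and the sample input is a constructed stub PE32 built in `build_sample_pe`, not the reported binary.

```python
import hashlib
import struct

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "1967cda21d6cdb6830eede4ab6077a85",
    "sha1": "178202542bd7a43c51da5d3ebcc5661cf338040c",
    "sha256": "937c6c1673d1f1db9a5da93fa7497b38f5f733fc7a79f6d26a4fecf2af101329",
}
C2_HOST = b"gdcbghvjyqy7jclk.onion.top"

IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # certificate table used by Authenticode
PE32_MAGIC = 0x10B


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of the whole file, as listed under General."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def matching_hashes(data: bytes) -> list:
    """Which of the report's hashes this file matches (empty if none)."""
    own = file_hashes(data)
    return sorted(alg for alg, h in REPORT_HASHES.items() if own[alg] == h)


def parse_pe(data: bytes) -> dict:
    """Minimal PE header walk: machine type, section names, certificate table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories start at +96 (PE32) or +112 (PE32+) in the optional header;
    # the DWORD immediately before them is NumberOfRvaAndSizes.
    dirs = opt + (96 if magic == PE32_MAGIC else 112)
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]
    cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sh = opt + opt_size                      # section table follows the optional header
    for i in range(nsections):
        raw = data[sh + 40 * i: sh + 40 * i + 8]   # 8-byte name at the start of each 40-byte entry
        sections.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return {
        "arch": "x86" if machine == IMAGE_FILE_MACHINE_I386 else hex(machine),
        "sections": sections,
        "has_authenticode": cert_size != 0,
    }


def triage(data: bytes) -> dict:
    """Re-derive the report's signature hits for an arbitrary PE file."""
    pe = parse_pe(data)
    sigs = []
    if any(name.startswith("UPX") for name in pe["sections"]):
        sigs.append("UPX packed file")
    if not pe["has_authenticode"]:
        sigs.append("Unsigned PE")
    if C2_HOST in data:
        sigs.append("GandCrab C2 host string")
    return {"arch": pe["arch"], "hash_match": matching_hashes(data), "signatures": sigs}


def build_sample_pe(section_names, signed=False, payload=b"") -> bytes:
    """CONSTRUCTED stub PE32 for offline testing; this is not the reported binary."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)   # exactly 0x40 bytes
    opt_size = 224                                                     # PE32 optional header
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(section_names),
                       0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    if signed:
        # Fake certificate table entry (file offset, size) so the file looks signed.
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    secs = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + bytes(opt) + secs + payload


if __name__ == "__main__":
    sample = build_sample_pe(["UPX0", "UPX1", ".rsrc"], payload=b"http://" + C2_HOST + b"/")
    print(triage(sample))
```

The section-name test mirrors the report's "UPX packed file" rule only for stock UPX; a modified UPX build that renames its sections will not trip it, which is exactly why the report also keys on the OEP dump. The Authenticode check only tells you a certificate table is present, not that the signature verifies.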