ioc[.]one - OSINT Cyber Threat Intelligence Database

GandCrab-5

Tags

country:	Croatia Spain
attack-pattern:	Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086 Third-Party Software - T1072

Show in Graph

Common Information

Type	Value
UUID	b883dcb7-6fd8-4545-8807-0eec13410571
Fingerprint	f72643ba049612cb
Analysis status	DONE
Considered CTI value	1
Text language
Published	Sept. 24, 2018, 5:48 a.m.
Added to db	Jan. 18, 2023, 7:54 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Шифровальщики-вымогатели The Digest "Crypto-Ransomware"
Title	GandCrab-5
Detected Hints/Tags/Attributes	50/2/113

Source URLs

	Redirection	Url
Details	Source	http://id-ransomware.blogspot.com/2018/09/gandcrab-5-ransomware.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	id-ransomware.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	www.groupwine.fr
Details	Domain	8	www.fabbfoundation.gm
Details	Domain	8	www.cakav.hu
Details	Domain	4	www.billerimpex.com
Details	Domain	6	wpakademi.com
Details	Domain	4	vjccons.com.vn
Details	Domain	4	unnatimotors.in
Details	Domain	3	topstockexpert.su
Details	Domain	2	top-22.ru
Details	Domain	6	tommarmores.com.br
Details	Domain	5	test.theveeview.com
Details	Domain	4	smbardoli.org
Details	Domain	2	simetribilisim.com
Details	Domain	2	sherouk.com
Details	Domain	5	royal.by
Details	Domain	5	relectrica.com.mx
Details	Domain	6	pp-panda74.ru
Details	Domain	5	picusglancus.pl
Details	Domain	8	perovaphoto.ru
Details	Domain	1	ocsp.trust-provider.com
Details	Domain	2	ocsp.int-x3.letsencrypt.org
Details	Domain	2	ocsp.comodoca4.com
Details	Domain	8	oceanlinen.com
Details	Domain	6	nesten.dk
Details	Domain	1	mrngreens.com
Details	Domain	5	mauricionacif.com
Details	Domain	6	marketisleri.com
Details	Domain	2	lucides.co.uk
Details	Domain	4	krasnaypolyana123.ru
Details	Domain	7	koloritplus.ru
Details	Domain	2	isrg.trustid.ocsp.identrust.com
Details	Domain	4	hoteltravel2018.com
Details	Domain	2	hanaglobalholding.com
Details	Domain	7	h5s.vn
Details	Domain	2	graftedinn.us
Details	Domain	5	goodapd.website
Details	Domain	3	evotech.lu
Details	Domain	8	dna-cp.com
Details	Domain	2	diadelorgasmo.cl
Details	Domain	2	devdev.com.br
Details	Domain	5	cyclevegas.com
Details	Domain	8	cevent.net
Details	Domain	10	boatshowradio.com
Details	Domain	4	blokefeed.club
Details	Domain	3	bloghalm.eu
Details	Domain	5	big-game-fishing-croatia.hr
Details	Domain	3	bethel.com.ve
Details	Domain	7	bellytobabyphotographyseattle.com
Details	Domain	5	aurumwedding.ru
Details	Domain	7	asl-company.ru
Details	Domain	8	alem.be
Details	Domain	6	acbt.fr
Details	Domain	7	6chen.cn
Details	Domain	911	any.run
Details	Domain	110	exploit.in
Details	Domain	1	www.acartegrise.eu
Details	Domain	1	www.perovaphoto.ru
Details	Domain	1	www.asl-company.ru
Details	Domain	3	email.vccs.edu
Details	Domain	396	protonmail.com
Details	Domain	1	www.kakaocorp.link
Details	Email	2	ik253@email.vccs.edu
Details	Email	2	milesflannagan@protonmail.com
Details	File	2	-decrypt.html
Details	File	1	xmmfa-decrypt.html
Details	File	1	ibagx-decrypt.html
Details	File	1	qikka-decrypt.html
Details	File	1	my-new-play-composition.txt
Details	File	4	pidor.bmp
Details	File	240	wmic.exe
Details	File	1	dd0doq.jpg
Details	File	1	%s-decrypt.html
Details	File	1	%s-decrypt.txt
Details	File	2	krab-decrypt.html
Details	File	11	krab-decrypt.txt
Details	File	8	crab-decrypt.txt
Details	File	28	loader.exe
Details	File	1	winsvc32.exe
Details	File	1	randomld.exe
Details	File	1	c:\windows\t08606085085860\winsvc32.exe
Details	File	1	picusglancus.pl
Details	File	1	hznks-decrypt.txt
Details	CVE	92	cve-2018-4878
Details	CVE	106	cve-2018-8174
Details	Domain	179	www.torproject.org
Details	Domain	4	gandcrabmfe6mnef.onion
Details	Domain	1	memesmix.net
Details	Domain	5	malc0de.com
Details	Domain	5	zaeba.co.uk
Details	Domain	8	www.wash-wear.com
Details	Domain	3	www.rment.in
Details	Domain	8	www.poketeg.com
Details	Domain	6	www.perfectfunnelblueprint.com
Details	Domain	4	www.n2plus.co.th
Details	Domain	7	www.mimid.cz
Details	Domain	5	www.macartegrise.eu
Details	Domain	7	www.lagouttedelixir.com
Details	Domain	4	www.krishnagrp.com
Details	Domain	3	www.ismcrossconnect.com
Details	Domain	3	www.himmerlandgolf.dk
Details	File	4	-decrypt.txt
Details	File	1	hhfehiol-decrypt.txt
Details	File	1	umgunbnryf-decrypt.txt
Details	File	1	agfqzvoa-decrypt.txt
Details	File	1	gstdmcutby-decrypt.txt
Details	File	156	1.exe
Details	File	1	-manual.txt
Details	File	1	rsdzagwt-manual.txt
Details	File	1	lgeypws-manual.txt
Details	File	1	uqsnorzlpd-manual.txt
Details	Url	63	https://www.torproject.org
Details	Url	1	http://gandcrabmfe6mnef.onion/e499c8afc4ba3647
Details	Url	1	http://gandcrabmfe6mnef.onion/b99ffda26b799fa