GANDCRAB Ransomware

Forum for analysis and discussion about malware.
Post Reply
711PartTimeJob
Posts: 9
Joined: Mon Feb 08, 2016 8:11 pm

GANDCRAB Ransomware

Post by 711PartTimeJob » Sun Nov 11, 2018 2:07 pm

The specific variant I have is version 5.0.4.
I found it included with a version of the fastfolders installer that is bundled with various malware.
Encrypted files are marked with a .lhvguht extension.
Sets the following wallpaper:
Image
MD5: de030d9ae03c9a8d2bee41c0df01ee4d
SHA-1: 1ebc7cb36a0f2d5b857de4f1c73f2c0b880c8629
SHA-256: a45bd4059d804b586397f43ee95232378d519c6b8978d334e07f6047435fe926
VT [34/66]: https://www.virustotal.com/#/file/a45bd ... 47435fe926
a45bd4059d804b586397f43ee95232378d519c6b8978d334e07f6047435fe926.zip
You do not have the required permissions to view the files attached to this post.

Post Reply