Threat Landscape Dashboard

Home

GandCrab 5 - Ransomware

The ransomware appends random extensions to encrypted files and directs the victim to an html file for instructions on how to decrypt infected files. The threat actor demands the ransom be paid in either Bitcoin or DASH. GandCrab 5 also scans network shares and mapped drives to find files to encrypt. The threat actors behind the ransomware use a variety of infection vectors including PowerShell, Botnets, Exploit Kits, Trojanized Programs, SpearPhishing, and Remote Desktop.

Name	Modified Date	Sources
GandCrab 5 - Ransomware	2019-04-25	https://securingtomorrow.mcafee.com/mcafee-labs/rapidly-evolving-ransomware-gandcrab-version-5-partners-with-crypter-service-for-obfuscation/ https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/gandcrab-ransomware/ https://kc.mcafee.com/corporate/index?page=content&id=PD25203 https://www.mcafee.com/enterprise/en-us/security-awareness/ransomware.html https://www.nomoreransom.org/en/index.html

Related Threats

Exploit Kits

Fallout Exploit Kit^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.fallout-exploit-kit.html

Campaigns

Ransomware

GandCrab 4 - Ransomware^/content/enterprise/en-us/threat-center/threat-landscape-dashboard/ransomware-details.gandcrab-4-ransomware.html

Featured Solutions

Explore Our Portfolio

Security Outcomes

Industries

Products

Featured Solutions

Explore Our Portfolio

MVISION Products

Services & Training

Threat Research

Our Researchers

Threat Landscape Dashboard

Tools

Contact Us

Resources

Downloads

Product Help

Connect with Us

Explore

Our Company

Our Efforts

Other Resources

Careers

Partnerships

Threat Landscape Dashboard

GandCrab 5 - Ransomware

Related Threats

Exploit Kits

Campaigns

Ransomware

Vulnerabilities

Choose your region