GandCrab 5 - Ransomware

The ransomware appends random extensions to encrypted files and directs the victim to an html file for instructions on how to decrypt infected files. The threat actor demands $800 in either Bitcoin or DASH for the decryption key. GandCrab 5 also scans network shares and mapped drives to find files to encrypt. The threat actors behind the ransomware use a variety of infection vectors including PowerShell, Botnets, Exploit Kits, Trojanized Programs, SpearPhishing, and Remote Desktop.