Using GnuPG or ccrypt to encrypt files?

3

1

When I encrypt some files (e.g. a folder or a tar-archive), would you prefer gpg or ccrypt?

buhtz

Posted 2015-08-31T09:23:09.850

Reputation: 211

Answers

4

Are you encrypting these files for yourself or for transport to another party?

Both ccrypt and GPG offer AES encryption; however, internally ccrypt does not implement several security best practices, including salting passphrases. [1] GPG does salt passphrases [2].

GPG makes it easy to encrypt and send files to another party by using public key cryptography. You can email each other public keys and then verify fingerprints over the phone. Internally GPG often uses AES encryption (depending on crypto method negotiation so both sides support it) and then encrypts the AES key with public key cryptography such as RSA. This makes it easy, so you don't need to securely send a 128- or 256-bit key to your recipient to allow them to decrypt.

Example, AES 256-bit passphrase with appropriate ~260 bits entropy
f2@+4mhaq@6W?cM:477D|87pJe\CbOVPTO!HCa8\|`FyX

GPG is much more mature, with researchers actively attacking it for years and fixing issues. For example, they reduced the code leaking information through side-channel attacks.

[1] https://crypto.stackexchange.com/questions/24163/ccrypt-and-its-security

[2] https://security.stackexchange.com/questions/15632/what-is-purpose-of-s2k-gnupg-options

StackAbstraction

Posted 2015-08-31T09:23:09.850

Reputation: 782
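
The salted passphrase handling mentioned in the answer above, as an added example that is not part of the original post and is not GnuPG's own code: a Python implementation of the iterated and salted string-to-key (S2K) function defined for OpenPGP in RFC 4880 section 3.7.1.3. The `unsalted_key` function is a generic contrast only, not ccrypt's actual derivation, and the sample passphrase is constructed.

```python
import hashlib
import os


def decode_count(c: int) -> int:
    """Expand the one-octet coded count (RFC 4880, section 3.7.1.3)."""
    return (16 + (c & 15)) << ((c >> 4) + 6)


def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded_count: int,
                        key_len: int = 32, digest: str = "sha256") -> bytes:
    """OpenPGP S2K type 3: hash salt||passphrase repeated up to `count` octets."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    unit = salt + passphrase
    # The whole unit is always hashed at least once, even if count is smaller.
    count = max(decode_count(coded_count), len(unit))
    full, rest = divmod(count, len(unit))
    key = b""
    context = 0
    while len(key) < key_len:
        h = hashlib.new(digest)
        # Extra hash contexts are preloaded with 1, 2, ... zero octets.
        h.update(b"\x00" * context)
        for _ in range(full):
            h.update(unit)
        h.update(unit[:rest])
        key += h.digest()
        context += 1
    return key[:key_len]


def unsalted_key(passphrase: bytes) -> bytes:
    """Generic unsalted derivation for contrast (not any specific tool's code)."""
    return hashlib.sha256(passphrase).digest()


if __name__ == "__main__":
    pw = b"correct horse battery staple"  # constructed sample passphrase
    salt_a, salt_b = os.urandom(8), os.urandom(8)
    # Unsalted: same passphrase always gives the same key, so one
    # precomputed dictionary works against every file.
    print("unsalted keys equal:", unsalted_key(pw) == unsalted_key(pw))
    # Salted: each file gets its own key for the same passphrase.
    key_a = s2k_iterated_salted(pw, salt_a, 96)
    key_b = s2k_iterated_salted(pw, salt_b, 96)
    print("salted keys equal:  ", key_a == key_b)
```

The coded count 96 expands to 65536 octets hashed per guess; the largest coded value, 255, expands to 65011712.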