gcleaner | 2e5b1d28e107e94110199d3351934fd4a81fb740322a85eeb2a0944ee7a29b16 | Triage

Submit
Reports

Overview

overview

Static

static

1

OitFiles450.exe

windows7-x64

OitFiles450.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

OitFiles450.exe
Size

1.9MB
Sample

230206-h9jxrsfh8t
MD5

9a78d8ecea8ffc07a876d89890834c52
SHA1

b2696d7a7157ad116e0e562f3bac8f7bb7878784
SHA256

2e5b1d28e107e94110199d3351934fd4a81fb740322a85eeb2a0944ee7a29b16
SHA512

6270bf4172a432e15a4db1cdfb16ca3bacd1ea04bf4794f8d73789b372326243327132f9ed33f336d4aba47f878ee4cd403d2c3d0a1a68b285208d3258073e8c
SSDEEP

24576:mU0h+mosggSWGkj9Z/9Hy1LYclZf7ii1UqTTRfiTvoCwGLem:J1mosggSWGkTQiQf7lPnRovEAZ

Score

10^/10

gcleaner loader

Static task

static1

Behavioral task

behavioral1

Sample

OitFiles450.exe

Resource

win7-20221111-en

gcleaner loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

OitFiles450.exe

Resource

win10v2004-20221111-en

gcleaner loader

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

45.139.105.171

85.31.46.167

107.182.129.235

171.22.30.106

Targets

- Target
  
  OitFiles450.exe
- Size
  
  1.9MB
- MD5
  
  9a78d8ecea8ffc07a876d89890834c52
- SHA1
  
  b2696d7a7157ad116e0e562f3bac8f7bb7878784
- SHA256
  
  2e5b1d28e107e94110199d3351934fd4a81fb740322a85eeb2a0944ee7a29b16
- SHA512
  
  6270bf4172a432e15a4db1cdfb16ca3bacd1ea04bf4794f8d73789b372326243327132f9ed33f336d4aba47f878ee4cd403d2c3d0a1a68b285208d3258073e8c
- SSDEEP
  
  24576:mU0h+mosggSWGkj9Z/9Hy1LYclZf7ii1UqTTRfiTvoCwGLem:J1mosggSWGkTQiQf7lPnRovEAZ
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy