Extracted

• • Target

    file.exe

  • Size

    3.5MB

  • MD5

    118071bd80465e63f67ef706fe232eee

  • SHA1

    7e7b5a884d9f67b60c9337fffa9d798182ae5352

  • SHA256

    4fa2e40e4f3d1979769b39b358e234db112ba64fa2296234d016052ce59fc225

  • SHA512

    f9c89187788dc967d65f9a224c7a27e6a10e3371bad7d79c2bf353cbed5092968821361ce280f9a13785f69cbcd77377ab8a54adbe95447db109092b879d33f0

  • SSDEEP

    98304:JHsel+0yPv4aPW5UoKC3JUulAYElT3c5Tev2MR:dNl+0I/IKVlYElTlvjR

  Score

  10^/10

  gcleanerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2