General

  • Target

    file.exe

  • Size

    3.2MB

  • Sample

    230213-jlzhzsbg65

  • MD5

    25749bf7523b6b1a24b10cb10be6be5b

  • SHA1

    c6595c33b79f78722b1db6b97fff8ea9aed914dc

  • SHA256

    699f44342466c7424f7942aa1f476b2565eb741b37f6c26ebb9b6c03cde91b66

  • SHA512

    3e9acc348d02c1258205867e17890f6cd880df64204290e23774ea664c9d3f808a5242dfcf8ae5a1c7e4c612871b606042ee147bcc292f5b45eb7418f5008840

  • SSDEEP

    49152:rdHan0o1h33vMpZVunS9KNNZ0FL/czGkra0G9MrjK3Nzjk+5qraLCgv2MR:JHVo1hn4oNOpEz1zGawtXYmv2MR

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

    • Target

      file.exe

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
