General
-
Target
file.exe
-
Size
2.9MB
-
Sample
230310-k82sasec2s
-
MD5
20937cee5e94b5848b1f1c845b5a6961
-
SHA1
8046f6136a62bd05b9cf2c443d0be3ab14e7c8e2
-
SHA256
49e393dd8488e547422062ebb1d6f81a0e25597b91961227c38756f0f36f189f
-
SHA512
199f78bfca7fdf848e13873deeb8026ac3e2eeb77bf6d3b52393e787932942d649c92de4fcdeb9d0890c55f175735faa4416c4c00cc5b9014d4df62de5ded37a
-
SSDEEP
49152:AGo4EIlCeDcoJHLo//us+DSaSZgc3jQ8F0EMEUICKZ0f9F5u++QVqZXN7ksRnPXL:do4j3q/f+DXNcc822zL08gUxOKz
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
file.exe
-
Size
2.9MB
-
MD5
20937cee5e94b5848b1f1c845b5a6961
-
SHA1
8046f6136a62bd05b9cf2c443d0be3ab14e7c8e2
-
SHA256
49e393dd8488e547422062ebb1d6f81a0e25597b91961227c38756f0f36f189f
-
SHA512
199f78bfca7fdf848e13873deeb8026ac3e2eeb77bf6d3b52393e787932942d649c92de4fcdeb9d0890c55f175735faa4416c4c00cc5b9014d4df62de5ded37a
-
SSDEEP
49152:AGo4EIlCeDcoJHLo//us+DSaSZgc3jQ8F0EMEUICKZ0f9F5u++QVqZXN7ksRnPXL:do4j3q/f+DXNcc822zL08gUxOKz
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-