General
-
Target
3d5fafa9b49865b274fb47abbdd087cf9617003e56b27501292f535bf2f0cb18.zip
-
Size
285KB
-
Sample
230321-qrdxsscf8t
-
MD5
0c914a8e8bdbb6227b0b958fa80460e3
-
SHA1
6e14ebd52140b5905ed784638ae93e07a450327d
-
SHA256
3ffcec5986af1570ad016c8131cbf09bcc2158d7e1c5f70d7828b1d0effd09c4
-
SHA512
26cb219340f770195263dc6843b71bfd6637f92f8c41fc2d96e77cda507408268871f5f50d92b832c8ec6f204037fad467f53d6da3aa59ef29d3e99632538bcf
-
SSDEEP
6144:j5LeyXOcHppKeUF043EwoSb4GmzXnJbB/Iehqz4d1CEk8G:/j3ezUwHb4GGXJFIee4Dk8G
Static task
static1
Behavioral task
behavioral1
Sample
3d5fafa9b49865b274fb47abbdd087cf9617003e56b27501292f535bf2f0cb18.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.139.105.171
85.31.46.167
107.182.129.235
171.22.30.106
Targets
-
Target
3d5fafa9b49865b274fb47abbdd087cf9617003e56b27501292f535bf2f0cb18.exe
-
Size
395KB
-
MD5
32b85e5061a27630ddea16c0d4f3f9a0
-
SHA1
821e6ab0fe1fe841cf9ba24b3fc838846b4785f4
-
SHA256
3d5fafa9b49865b274fb47abbdd087cf9617003e56b27501292f535bf2f0cb18
-
SHA512
b2c52fb67df7b28e15c24a25fca350057ca7aa9bb3fed3dd67cebe60a8b73f640de0ddea8057ec54aeddb28746e01799d13b79d860b788420aff66b851e09246
-
SSDEEP
6144:WkcteyLKfKtUdaXSc1l5JPIv5VR+ExfFtzM0sRQGHRbpLje1atpBYQW:WkjyWfKt5l5og4F20sXxbljaatUQW
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself