General
Target: 3f360e06cab641849ccbe123e0bbe7ab.exe
Size: 2.1MB
Sample: 230322-xsnxqacf9z
MD5: 3f360e06cab641849ccbe123e0bbe7ab
SHA1: a7990f433ab8745c25ed8e2a6634f1b81d77d466
SHA256: 8109b95b342d5d5e160d4c80742fbab59e1987eca6ecbb083853551d87415e44
SHA512: d9442faead7dc5b2ec52aeabf1e4996981d53c4f09c585a14769d7fc88d3a60fbc5926a9077de73eb9b53ae1c75c4196c93fe0a6ccd8bef8174703f5fbd3fb75
SSDEEP: 49152:EGlJfskIIiXlZsE2EceOGQJLw3Y2oMgDBFQM0sB5dlLYp:5w1s/EVHYRMgNFQns3PYp
Static task: static1
Behavioral task: behavioral1
Sample: 3f360e06cab641849ccbe123e0bbe7ab.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
Target: 3f360e06cab641849ccbe123e0bbe7ab.exe
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.