gcleaner | 0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b | Triage

Submit
Reports

Overview

overview

Static

static

1

0bae28922a...5b.exe

windows7-x64

0bae28922a...5b.exe

windows10-2004-x64

Sharing

General

Target

0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b.exe
Size

274KB
Sample

230323-a1g3tacd45
MD5

fc9d6c44a166ea2f7f93de619b904481
SHA1

e47a116cf55e7f3dbb141f0dc4b6c75875fec38a
SHA256

0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b
SHA512

4a60cc0a48f6ec442e6244d9b1a488b6644e250f726631dab286470eee80ccc5f86296abcbacdda233d4f7dbc24973fd8e1476ad302dba21c2302bc9c8a72cf2
SSDEEP

6144:QgnrhUFa2TGI5Z6p+F8duWDHoGjiXECnrSenXJ0v:Qgnr/2TGI5Z6pjEWSBneen5u

Score

10^/10

gcleaner loader

Static task

static1

Behavioral task

behavioral1

Sample

0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b.exe

Resource

win7-20230220-en

gcleaner loader

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b.exe

Resource

win10v2004-20230220-en

gcleaner loader

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

- Target
  
  0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b.exe
- Size
  
  274KB
- MD5
  
  fc9d6c44a166ea2f7f93de619b904481
- SHA1
  
  e47a116cf55e7f3dbb141f0dc4b6c75875fec38a
- SHA256
  
  0bae28922ad0fc2e5d92b6bf45fd23efb20c2639fafef7bcb0e12b642e2a9f5b
- SHA512
  
  4a60cc0a48f6ec442e6244d9b1a488b6644e250f726631dab286470eee80ccc5f86296abcbacdda233d4f7dbc24973fd8e1476ad302dba21c2302bc9c8a72cf2
- SSDEEP
  
  6144:QgnrhUFa2TGI5Z6p+F8duWDHoGjiXECnrSenXJ0v:Qgnr/2TGI5Z6pjEWSBneen5u
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy