General
- Target: file.exe
- Size: 2.1MB
- Sample: 230323-b1tbhsef6v
- MD5: c33390795c21a5074432d7b94205946d
- SHA1: 07e45eb6b1ce624b48ca11f3a9dac4a7b9c98f74
- SHA256: 5621cd4a0de05cddb766e3cfb98392bf50f6ee2e9f9befc62e9961788e193c22
- SHA512: 4a112a5b9955d91ec4d64c02fe2d4f5ba3951db6971d960de47a03e7860dd410a8ea8d7295601e62def747b3c9f4210daadce85746d2d7a2cd004ecccc5a5009
- SSDEEP: 49152:EGlJfsg0r9MIYviL2AKwX3Xb0c0hDfcCdicsGcxhSnTj6fgkBVEOM5dlLYp:5ArS9uKwwc5msGySHkBSOmPYp
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
- Target: file.exe
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.