General
-
Target
7c8bc88fc4dcde08fda121950b741607.bin
-
Size
2MB
-
Sample
230324-b5lr8sde2w
-
MD5
fb668596573581236ea3280ff3355d62
-
SHA1
81b15f11b88579e34e6de21212267b843e05ddda
-
SHA256
08ce08e41c6593a6a9907df7c20461f94de3fe3266abdfa65e671be3b3797e43
-
SHA512
91c08bbf3d00c74a3a8706128f1a3a2215e4f1484412e5b71c9982e66d84f0eda7c77a38bba641e89270674dddc681086c49458119911dc1e4d0844fcba99f84
-
SSDEEP
49152:7JDoeJN817ttSlbvW9xW3bakUesPgv+m6LChyxfEBzZ:VDoDSlSa+eSsX6LJyBzZ
Static task
static1
Behavioral task
behavioral1
Sample
1ed63828c472771cf59e95852088a702e381e3350d9c4cf831ca102d922e611a.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
1ed63828c472771cf59e95852088a702e381e3350d9c4cf831ca102d922e611a.exe
-
Size
2MB
-
MD5
7c8bc88fc4dcde08fda121950b741607
-
SHA1
e654e807674334967b738057ea6d21b827a0a01c
-
SHA256
1ed63828c472771cf59e95852088a702e381e3350d9c4cf831ca102d922e611a
-
SHA512
2e130aa52cb92282085583a893f29fd5af18cc88dcb787235f44de20a287f2818ae71e92091e133a958f4947b3302b325d2592a2860dbf3361c51262098bbc97
-
SSDEEP
49152:EGlJfs/Qq/vsfccJReTkMBuyJ/WyFMHQh3qrDIHxAUZl1ufBDwPj5dlLYp:5mQq/vsfOu+OLw9yI/Zl1ma1PYp
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-