General
Target: 3f360e06cab641849ccbe123e0bbe7ab.bin
Size: 2.1MB
Sample: 230324-bsv55sdd3w
MD5: d4f2312acb4808f330b400f3c579ff10
SHA1: cab94e02df8a9af714b8f73038872f838fa535fb
SHA256: 302d6d56d93d108cc3f16357a45ebfc0fdb6299a6422c9a9ff6fd4160cb804bf
SHA512: 77407374b4454f19f24ed04cec02c542b9c71e54eba17d9032788c3926325fc1180136060c72d802d7f539f165b1525e80f2cd6e748387e9544cdaa3a44a308a
SSDEEP: 49152:bpLrSXqEORE9bDUorl2I2NGzzIyDMk1h9lmAA/gHFy2z3Oy:9KXeuHUoRcw9l4YQIOy
Static task: static1
Behavioral task: behavioral1
Sample: 8109b95b342d5d5e160d4c80742fbab59e1987eca6ecbb083853551d87415e44.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
Target: 8109b95b342d5d5e160d4c80742fbab59e1987eca6ecbb083853551d87415e44.exe
Size: 2.1MB
MD5: 3f360e06cab641849ccbe123e0bbe7ab
SHA1: a7990f433ab8745c25ed8e2a6634f1b81d77d466
SHA256: 8109b95b342d5d5e160d4c80742fbab59e1987eca6ecbb083853551d87415e44
SHA512: d9442faead7dc5b2ec52aeabf1e4996981d53c4f09c585a14769d7fc88d3a60fbc5926a9077de73eb9b53ae1c75c4196c93fe0a6ccd8bef8174703f5fbd3fb75
SSDEEP: 49152:EGlJfskIIiXlZsE2EceOGQJLw3Y2oMgDBFQM0sB5dlLYp:5w1s/EVHYRMgNFQns3PYp
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-