Extracted

• • Target

    file

  • Size

    2.1MB

  • MD5

    214811e792b69344c84b2f31c81742cc

  • SHA1

    61d2173bfb836ea8acb0ee9dab44e51b4b8d7158

  • SHA256

    5637aef3fb43a418cd5bb036103fb3f7427e5062c5d23e14ab3b65c7d87793ec

  • SHA512

    bfa2f2e168e46d9fe7ea69d19a40c4a15f249d1155c2a574e714903cf2300a9e039272a388983e4f76bf79d63a43ac219b47c8c4424ed07ea5c50d78201dbbc3

  • SSDEEP

    49152:EGlJfsR9+UfJuK3iLMYX0yysI6rWDoV+PukCavPycEaD2LhT25dlLYp:5IEouKmMoSsI66DoPkzvo1IPYp

  Score

  10^/10

  gcleanerdiscoveryloader

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    loadergcleaner

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2