General
-
Target
CCleaner_v5.84.9126.exe
-
Size
24.3MB
-
Sample
230329-dj9chsee46
-
MD5
f5f6a78587b0daf42518a5dbf6ef028b
-
SHA1
5fd7e0493a6ee0dd60ae2d78a0c3c2ed918f6347
-
SHA256
a398fff09ee7b0aa3a77540e7efd3da0a9792b34fbc8820377cdb9c04dc6eb25
-
SHA512
724725bb1b2960ae648155af4463a83c4a18672fcc4d93143498000f5330374007b6e233942f626ab5d45e614d3d782aa2fca68789a290e8a60df9ee01e05afd
-
SSDEEP
786432:RN1dAWoyVU9uom48R5xTgWfWof+pph3Aw2I3D:RN1WAVvtVRAymnxAw2I3D
Static task
static1
Behavioral task
behavioral1
Sample
CCleaner_v5.84.9126.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
CCleaner_v5.84.9126.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
CCleaner_v5.84.9126.exe
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-