General
Target: c707563d073332ea3c40d15197b25de2.bin
Size: 1.9MB
Sample: 230330-caf4yacc3x
MD5: b0575a603b4df2b4bf628fd1578f5475
SHA1: 089645b037457e5f095e50112301e915bcaf69fe
SHA256: fcc2b0ca0dda8ec00f6049ed8286670f29f1502c4acd06af05d25bb9f93155dc
SHA512: 52338aea5e7818d7c26c6cded5973e3527a1d7f032b076e11fb45b52f4433632ac95f32d0243599676dc649343a5175588ed205fdc615a3e2f84a437fb94b686
SSDEEP: 49152:frmRMbQr8tUmMWhsrrD5n6BUV6s/TKvW2zeco+Kzf7pj1GzZ:KuQr8UWhi35n6BUV6syW2ycorzzZYzZ
Static task: static1
Behavioral task: behavioral1
Sample: 4cf0cf3a0b856198ae76247b43b6b2f9f7d92f31d4b131ca8b3a9ec46f0964a1.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
Target: 4cf0cf3a0b856198ae76247b43b6b2f9f7d92f31d4b131ca8b3a9ec46f0964a1.exe
Size: 1.9MB
MD5: c707563d073332ea3c40d15197b25de2
SHA1: 425a9f25d638e5ae791d4ec0969b5f119afd9043
SHA256: 4cf0cf3a0b856198ae76247b43b6b2f9f7d92f31d4b131ca8b3a9ec46f0964a1
SHA512: b89fe8fae2a1af0d50c26123e02a7c0301e34815f9796150305dfbb61d73d9000f60450dca2623d2614cb9652f204bf87c36ff2703f5aeb07107139c9f133be9
SSDEEP: 49152:EGlJfsUsCSwYqUGz+1yQMYhIcyYueJnf9zV9Rg0IafR/5dlLYp:5NlFTUw+wpx9qf9B9a0IaffPYp

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.