gcleaner | 874c02a20f4fff607f9631c6644fc414c153196648764544be06a39bb6984cc2 | Triage

Sharing

General

Target

04a0a92818fff9b931159046aae65313.bin
Size

223KB
Sample

230402-bjbedadg94
MD5

b24b8ccc0a1145fc77461667e5bd2e4b
SHA1

3b493723ad105d370168437d58dbb18c58e52303
SHA256

874c02a20f4fff607f9631c6644fc414c153196648764544be06a39bb6984cc2
SHA512

392c3dae88154d1a0ba78140d41a7aa39d1b87117271264022d2ea73025a5bebbe48752b5e0f9f0af7b0f7b07df000d3c2b1b349ea902607cf92942c0b7b62bd
SSDEEP

6144:hprw3hv9f2/TAwOZWp0L1Cm5FPieEAV7SY22y/:4t9f2/hOU0xDKeEQ7y2y/

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

- Target
  
  81cbb252bf93891c7ff2242c6e792e7dbfc1dcc39cb17ebb47f2b630a46ca4e8.exe
- Size
  
  286KB
- MD5
  
  04a0a92818fff9b931159046aae65313
- SHA1
  
  5d216cceee67ac22373e4ef81ae09f7bed148c3b
- SHA256
  
  81cbb252bf93891c7ff2242c6e792e7dbfc1dcc39cb17ebb47f2b630a46ca4e8
- SHA512
  
  cc24a04193961ee240719974f9969201bb6d21caad6c4cb6f428b0b6d6e1474409384a105f66d7f3f64da6b828d3c3d1c06f07798af18202d535f7864d4c53ad
- SSDEEP
  
  3072:hnyj+CWonmWRoMehGOiyks2d0rdyFrmsKgRJhqfI9Wcvta1xnid3GDHia0W5cqVd:t1nWRG0ZY2dPZrKg4fI9Bt2DbUqnP
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2