gcleaner | f04f7c4388d063e19fdd1a7a9661c7e74294a5db335d4981cfda0abd7a158372 | Triage

Sharing

General

Target

c72d0a13d76f6cbb713922b5b48e2d3f.exe
Size

404KB
Sample

230402-szrvqsad4z
MD5

c72d0a13d76f6cbb713922b5b48e2d3f
SHA1

32ec79cddbcc637fff8bc9aeb730ceb3f249e6b3
SHA256

f04f7c4388d063e19fdd1a7a9661c7e74294a5db335d4981cfda0abd7a158372
SHA512

d370f238f60e1f772804715d6c55731433d7357d32ac692f8d7f1fa66ffadbd94aebc5542df3a402e89e95e43828a67fecf22c0e040c4f5c5e830d3338b2e9e6
SSDEEP

3072:BPGFHcVVF6fNgGCR4QinHZCdh+6qM3wG//xuFoqy1Ib7jYuVrrcaCNoe3dM3dNBb:pUHcLF6TL6/89MOY0CiRBC1qj0

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

- Target
  
  c72d0a13d76f6cbb713922b5b48e2d3f.exe
- Size
  
  404KB
- MD5
  
  c72d0a13d76f6cbb713922b5b48e2d3f
- SHA1
  
  32ec79cddbcc637fff8bc9aeb730ceb3f249e6b3
- SHA256
  
  f04f7c4388d063e19fdd1a7a9661c7e74294a5db335d4981cfda0abd7a158372
- SHA512
  
  d370f238f60e1f772804715d6c55731433d7357d32ac692f8d7f1fa66ffadbd94aebc5542df3a402e89e95e43828a67fecf22c0e040c4f5c5e830d3338b2e9e6
- SSDEEP
  
  3072:BPGFHcVVF6fNgGCR4QinHZCdh+6qM3wG//xuFoqy1Ib7jYuVrrcaCNoe3dM3dNBb:pUHcLF6TL6/89MOY0CiRBC1qj0
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2