gcleaner | 232c541e2a191a25b874cd8def1b41c023ae0b06b408b9db60e1055f38a7fc8c | Triage

Sharing

General

Target

c72d0a13d76f6cbb713922b5b48e2d3f.bin
Size

218KB
Sample

230404-cb6qzscc82
MD5

d20dcae7e14eb7b621840f54e89ef4fb
SHA1

8058bae35d2cff719fcefd8ebc81fceef4877fc8
SHA256

232c541e2a191a25b874cd8def1b41c023ae0b06b408b9db60e1055f38a7fc8c
SHA512

5fbe637f90c2b1f783c46c15b4908f422d37127873d3780e3838d8bf53accf15edb608d57f1a6d2764fa826d55ffc45f0bf79883b31439c3a2d7667c6b494e15
SSDEEP

6144:2Yca18fBGub9SDPo20NWvBk7y31xtAdgQ/EUTRtm:OUagsRNaZAdB/EUTRtm

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

- Target
  
  f04f7c4388d063e19fdd1a7a9661c7e74294a5db335d4981cfda0abd7a158372.exe
- Size
  
  404KB
- MD5
  
  c72d0a13d76f6cbb713922b5b48e2d3f
- SHA1
  
  32ec79cddbcc637fff8bc9aeb730ceb3f249e6b3
- SHA256
  
  f04f7c4388d063e19fdd1a7a9661c7e74294a5db335d4981cfda0abd7a158372
- SHA512
  
  d370f238f60e1f772804715d6c55731433d7357d32ac692f8d7f1fa66ffadbd94aebc5542df3a402e89e95e43828a67fecf22c0e040c4f5c5e830d3338b2e9e6
- SSDEEP
  
  3072:BPGFHcVVF6fNgGCR4QinHZCdh+6qM3wG//xuFoqy1Ib7jYuVrrcaCNoe3dM3dNBb:pUHcLF6TL6/89MOY0CiRBC1qj0
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2