General
-
Target
b108df4182d465644289ca8d625ffbf9.exe
-
Size
3.0MB
-
Sample
230410-rny91abf4z
-
MD5
b108df4182d465644289ca8d625ffbf9
-
SHA1
cd67096e7096ba17d279825711499625a2b21c9b
-
SHA256
3855e86e415a59e0b4a3641ca1d0620c2ebc5832bec90ba30ff017848de0f50e
-
SHA512
a1213a83fa503bea2ed61951e11705a759458db2bc9b2a0b4e76a9c613533f7644e654ae74a74e8ab1b323943ccf5ebc80d92330e42e848dd397869918fbfa99
-
SSDEEP
49152:zGlJfsYV48BkoYAJowu8KEgxAu5eknLSrPgyt3nHUeHAWAgtwyZpDzsehHNpAKoo:qu8Jgx127t33wguGDoetZ9WSt
Static task
static1
Behavioral task
behavioral1
Sample
b108df4182d465644289ca8d625ffbf9.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
b108df4182d465644289ca8d625ffbf9.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-