General
-
Target
12f3214c9581a47758b3fb99bd7d80f6.exe
-
Size
3.0MB
-
Sample
230410-v9flkagg6t
-
MD5
12f3214c9581a47758b3fb99bd7d80f6
-
SHA1
414509393eb9b8aa8562e782621bc27e1d211c07
-
SHA256
059a1b15676e7c91758561e040ab79148a9d6c575aa08f6b1fe227820be1149d
-
SHA512
2bbe01bfbc7dd6718d321774c18f8e532d3c76b9170f5caeed852c0cbc5e7d0d175caf6556ed5403ba27065e4793d2551da9aefed5f7846fd6dc1059deaeddbe
-
SSDEEP
49152:zGlJfshRyuzgYgb7riUUecszYJN+hvGK+IlaYpxc880miNKA016NSYMkhHmfWHyt:qUUB7zmD+NGylcjEgAE/OHeWSt
Static task
static1
Behavioral task
behavioral1
Sample
12f3214c9581a47758b3fb99bd7d80f6.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
12f3214c9581a47758b3fb99bd7d80f6.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-