General
-
Target
file.exe
-
Size
3.0MB
-
Sample
230410-z3atysgc84
-
MD5
1f8bb766c1400ea1efb742ee853f6db7
-
SHA1
984fdab9006992995753d9d7a7714304dc9408e0
-
SHA256
d4f6be2b386b1ded0cf214dd80e305916deefaa53d946f3dc049d8fdcda706a1
-
SHA512
d82b08d4c80acae9c81b83a4436f8e78692cc896f9750515df5f1270b3e1f54653c64f15124c4983fda4c70c1accdf6b00e3f863a69a7fa65ff90ff4e4743085
-
SSDEEP
49152:zGlJfszHgKKXXHrFCkhVOBL2XdhCTrVSL+o0HD99kBseVjgdUTH9dk1c4owWHygU:qMH7IVCLwsTML3+bkBttguTH9KowWSt
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
file.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-