General
-
Target
file.exe
-
Size
3.0MB
-
Sample
230411-ff89fsca7v
-
MD5
7f420b8feb60476588ece4d312475f0c
-
SHA1
286027b7b0d625d41c49c735bab192298bba550c
-
SHA256
1dd38e375c52c69190bebe72918c886a1a3aaf35f78cbea57df74e20b379f96c
-
SHA512
5f7ca403dd581cf7eb1aba9477c260e33c7998df96443498273f5388bb0ac6c5ad6adad96d09e6eee3c9408669a74d6327aaead2a6c7184950af953cfb6c6978
-
SSDEEP
98304:q/BPns8uPsS8lJArNowrkRg9SoD40EAxG4TWSt:afuCDApVG4V4t4zTWQ
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
file.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-