gcleaner | 0ec584f0565c38a70c9c560a7730cc54f4be565f725e837effe747d80cdc51e4 | Triage

Sharing

General

Target

c1da6f537f45f1ddcd4f0677b3f8cb7c.exe
Size

262KB
Sample

230411-k42lqsbe72
MD5

c1da6f537f45f1ddcd4f0677b3f8cb7c
SHA1

d1c99a5a9543380177cd568cb8cabd3355fff089
SHA256

0ec584f0565c38a70c9c560a7730cc54f4be565f725e837effe747d80cdc51e4
SHA512

aa8c836f170f344f27b5623e725365427e8c79c67b12f079cb7b2d98b16b2d10be1fb96c592400a0094de440b8c4f2fb772fb12490d8e41f1061c61c4d50dd93
SSDEEP

3072:40X288hDqoJ1z81tc2wmaS7Rd+ah11TtzLuHHzqnKtAg6Ajwbvz4HKtlqTEG6rHi:V28forZ2wzSHdWTqK09MX62Zt5W9s

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

- Target
  
  c1da6f537f45f1ddcd4f0677b3f8cb7c.exe
- Size
  
  262KB
- MD5
  
  c1da6f537f45f1ddcd4f0677b3f8cb7c
- SHA1
  
  d1c99a5a9543380177cd568cb8cabd3355fff089
- SHA256
  
  0ec584f0565c38a70c9c560a7730cc54f4be565f725e837effe747d80cdc51e4
- SHA512
  
  aa8c836f170f344f27b5623e725365427e8c79c67b12f079cb7b2d98b16b2d10be1fb96c592400a0094de440b8c4f2fb772fb12490d8e41f1061c61c4d50dd93
- SSDEEP
  
  3072:40X288hDqoJ1z81tc2wmaS7Rd+ah11TtzLuHHzqnKtAg6Ajwbvz4HKtlqTEG6rHi:V28forZ2wzSHdWTqK09MX62Zt5W9s
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2