General
-
Target
12f3214c9581a47758b3fb99bd7d80f6.bin
-
Size
3.0MB
-
Sample
230412-bpl33aac4v
-
MD5
f857574f9c0c3a366a54ae8cd6f64006
-
SHA1
e12754a2ebb5f62cd21358b8e526bb360049336b
-
SHA256
eca833dc87de4d9e761f4640db473717d3001c45ce42cfe40e811a98e5d07cd1
-
SHA512
edee317e3546211d0211e552a06335f14a05a51908d534b6e8e4bced8b0c6fe8c1b45db2a4df0402259acf360301f4d9bba14567b619af59ae3fe45ba3a36a08
-
SSDEEP
49152:Ir3vI8jdwawzxYA5ckSxwVOw/bxFnF0ehCB+2dy8WMH0WUbexjfysGpid2:Ir3QHawtpMxC1TxFnF0EozsexjfcpQ2
Static task
static1
Behavioral task
behavioral1
Sample
059a1b15676e7c91758561e040ab79148a9d6c575aa08f6b1fe227820be1149d.exe
Resource
win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
Target
059a1b15676e7c91758561e040ab79148a9d6c575aa08f6b1fe227820be1149d.exe
-
Size
3.0MB
-
MD5
12f3214c9581a47758b3fb99bd7d80f6
-
SHA1
414509393eb9b8aa8562e782621bc27e1d211c07
-
SHA256
059a1b15676e7c91758561e040ab79148a9d6c575aa08f6b1fe227820be1149d
-
SHA512
2bbe01bfbc7dd6718d321774c18f8e532d3c76b9170f5caeed852c0cbc5e7d0d175caf6556ed5403ba27065e4793d2551da9aefed5f7846fd6dc1059deaeddbe
-
SSDEEP
49152:zGlJfshRyuzgYgb7riUUecszYJN+hvGK+IlaYpxc880miNKA016NSYMkhHmfWHyt:qUUB7zmD+NGylcjEgAE/OHeWSt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-