General
Target: 1f8bb766c1400ea1efb742ee853f6db7.bin
Size: 3.0MB
Sample: 230412-bxna4aac9z
MD5: 3bfa1faa0fb166a16c04ab46c626c037
SHA1: 107ee5a6ddad7f6fcf981895e58e52d761be17ea
SHA256: 154cfdb48e4206538c330b843fceaee74d8f76d81b42864f1735286cfb60ceb3
SHA512: 03136fd5362396924f89a5522887e76834dffaa5fde04f58b5a7d95458491b5017d44de4bb364ed7822f1c6a8df48921a8e2b1f469c107c102e36d336d2edfc7
SSDEEP: 49152:gMtgVcjmIKd+X9ZWk3SlqtJ+duaDZD/sXuhJaLk3A207z3Z/ivLCPf88FLlH:vtg2XUuZWsSlqt+uWZDr34BijCPf5FJH
Static task: static1
Behavioral task: behavioral1
Sample: d4f6be2b386b1ded0cf214dd80e305916deefaa53d946f3dc049d8fdcda706a1.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
Target: d4f6be2b386b1ded0cf214dd80e305916deefaa53d946f3dc049d8fdcda706a1.exe
Size: 3.0MB
MD5: 1f8bb766c1400ea1efb742ee853f6db7
SHA1: 984fdab9006992995753d9d7a7714304dc9408e0
SHA256: d4f6be2b386b1ded0cf214dd80e305916deefaa53d946f3dc049d8fdcda706a1
SHA512: d82b08d4c80acae9c81b83a4436f8e78692cc896f9750515df5f1270b3e1f54653c64f15124c4983fda4c70c1accdf6b00e3f863a69a7fa65ff90ff4e4743085
SSDEEP: 49152:zGlJfszHgKKXXHrFCkhVOBL2XdhCTrVSL+o0HD99kBseVjgdUTH9dk1c4owWHygU:qMH7IVCLwsTML3+bkBttguTH9KowWSt

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.