General
Target: file.exe
Size: 2.8MB
Sample: 230413-bfhpaagd55
MD5: df048e7a994c78ffc7ef2f8bcb88f6ee
SHA1: 03498a30e689e8d27077df996f6f8fe865706040
SHA256: 919ae2ce82a45a09ee73c1e91e66db95872318e624df0bf85f2c9f775e8717a7
SHA512: 3abcf59b0a8f7b0682427c6c432000c710cf23c028211048fe7bcb10d9d6331cbc9664342b6754b8222069fd9823da5456f1ef0476ff21b592372b997d179e8f
SSDEEP: 49152:zGlJfsodMXN8DzqP72cewYC3leHKxS+HHP7C3KI/VgW02ROgIJH1ycYTNeoaEHwo:qde8bNwtsQC3N/LhfIJH8deohHc+fdWQ
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
Target: file.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-