Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

71dff14ffd...ff.exe

windows7-x64

10

71dff14ffd...ff.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    71dff14ffdc3e09c404c2a55e84430ff.exe

  • Size

    266KB

  • Sample

    230614-f1ewcadd3v

  • MD5

    71dff14ffdc3e09c404c2a55e84430ff

  • SHA1

    bd4f363cfa68f9988c38c4c5bb08935081486ec0

  • SHA256

    a77732ddffe3379c1637253174c4ee2f4b6b3f619efcee3bc2e9da2f39608bd2

  • SHA512

    e15f76b7fb10cdd29f95c64162ec76b549c6a17e6b5cc821f51f28470b71ed735c5fc29303db9e4a0dc9dec66a0d84bb7de2ac06674747f99febaedfad4a9169

  • SSDEEP

    3072:4wvy57PHN2Zl7uToLz8UxzD80+djrEnHWGYaaSKDrj206FqvPuMS2L5YW5uub:WPHN2PqToLAa80yXm2GzPGu06cvPuMu

Score
10/10
gcleanerloader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Targets

    • Target

      71dff14ffdc3e09c404c2a55e84430ff.exe

    • Size

      266KB

    • MD5

      71dff14ffdc3e09c404c2a55e84430ff

    • SHA1

      bd4f363cfa68f9988c38c4c5bb08935081486ec0

    • SHA256

      a77732ddffe3379c1637253174c4ee2f4b6b3f619efcee3bc2e9da2f39608bd2

    • SHA512

      e15f76b7fb10cdd29f95c64162ec76b549c6a17e6b5cc821f51f28470b71ed735c5fc29303db9e4a0dc9dec66a0d84bb7de2ac06674747f99febaedfad4a9169

    • SSDEEP

      3072:4wvy57PHN2Zl7uToLz8UxzD80+djrEnHWGYaaSKDrj206FqvPuMS2L5YW5uub:WPHN2PqToLAa80yXm2GzPGu06cvPuMu

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Downloads MZ/PE file

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks