General
-
Target
file.exe
-
Size
2.1MB
-
Sample
230624-mxs25aca9x
-
MD5
bd1b8f79433c29955278c3fbcd9096f9
-
SHA1
07f2592afa191014ead41399639c11bdf8424609
-
SHA256
bf1e6887eae7ff57e6ce8355e63829532807b64599c60c2a378faad2522f3ce5
-
SHA512
fd1cdaa93523f9ad8129852a231e019309a7ab34ec4776b2dde27224b3d42749fe99e816897f8cd9e1452c57774c2d7705c0aa382e3a1b53e50c3c8efd15a76d
-
SSDEEP
49152:zGwPVIUWxUXbEx5Eo0C3emuRggECvbWh+5aUUwqQC6fN6O:qwK6PLCO/5vbWyaUuQCwYO
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230621-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
file.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-