Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230621-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/06/2023, 06:09

General

  • Target

    b42cc69e78369524fc39c1c8a8c54d62.exe

  • Size

    341KB

  • MD5

    b42cc69e78369524fc39c1c8a8c54d62

  • SHA1

    ce4b2c4e05761dbc282be4a55644b5680f5d633c

  • SHA256

    f238c46012be1759b585926e41ba8e867d358eb9b82e9f856e10a1ee11682bc7

  • SHA512

    0d3dfb1f21c91614538b9421b69e5f70fa9c6011bc7eda5ed23c8e33a6cae7174f4464ff0a5b1a48738a55388c951496cbc745723997eda2a6a58d275cf8e2a0

  • SSDEEP

    6144:TjEsTQwhQ/GHeWQZJUIUsNXZSK8hOvTG6RByNSUJ3mLLmiye+3D:TjTRQ/G+WQgITecG4yNlYP8D

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Signatures

  • GCleaner

    GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

Processes

  • C:\Users\Admin\AppData\Local\Temp\b42cc69e78369524fc39c1c8a8c54d62.exe
    "C:\Users\Admin\AppData\Local\Temp\b42cc69e78369524fc39c1c8a8c54d62.exe"
    1⤵
      PID:1320

          Downloads

          • memory/1320-55-0x0000000000220000-0x0000000000262000-memory.dmp

            Filesize

            264KB

          • memory/1320-56-0x0000000000400000-0x00000000006AF000-memory.dmp

            Filesize

            2.7MB

          • memory/1320-58-0x0000000000400000-0x00000000006AF000-memory.dmp

            Filesize

            2.7MB