gcleaner | 126309b4dfe718dc824c160742c36a02c1d47bc1fbb8e002249fe3a3c64f06f8 | Triage

Analysis

max time kernel
30s
max time network
31s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
27/06/2023, 07:23

Sharing

Report Analysis Logs

General

Target

1b34dddb3b17173cafc2f89676881afb.exe
Size

269KB
MD5

1b34dddb3b17173cafc2f89676881afb
SHA1

59184c76af7a99e20628b513fefe01b68156edd3
SHA256

126309b4dfe718dc824c160742c36a02c1d47bc1fbb8e002249fe3a3c64f06f8
SHA512

834e995a951233c93649595c30ea6d09e2899b8dee9e4b553c962c8a53f40bf623d4a180998a64eb775a72697de3f81214f8fad34e8f688f3a16e8e7f1094cbb
SSDEEP

6144:edP0IAnzsLJNks1GGi/DSv++KBbzSwa8ehJR:wP0WpbR2+WoZvR

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Signatures

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner

C:\Users\Admin\AppData\Local\Temp\1b34dddb3b17173cafc2f89676881afb.exe
"C:\Users\Admin\AppData\Local\Temp\1b34dddb3b17173cafc2f89676881afb.exe"
1⤵
PID:1264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1264-55-0x00000000004E0000-0x0000000000522000-memory.dmp

Filesize
264KB

Download
memory/1264-56-0x0000000000400000-0x00000000004D1000-memory.dmp

Filesize
836KB

Download
memory/1264-58-0x0000000000400000-0x00000000004D1000-memory.dmp

Filesize
836KB

Download