General

  • Target

    a5d66a7d45ad000c9925a7cc6.exe

  • Size

    300KB

  • Sample

    230701-jjlt4sga53

  • MD5

    5d2f16ef266104387e196951e7a54383

  • SHA1

    025c8f532bd1b3824730e2b110da6240fad56201

  • SHA256

    a5d66a7d45ad000c9925a7cc663df2a8944fcd5cf8de64533ea36f545599ca39

  • SHA512

    ff9a1c4750bce23ab2c4560e74a184043e7734d60d9b363cf731f25dc224ee6ad534ab76473297d6a32ab0c2caa1a1f814e9b70921bc9d9de19abf39f8ae2d6a

  • SSDEEP

    6144:hsb5LBhvt3Lms9OJI9EELu4bqA9fkPf41b:hsb59hV3LGJIRjDsPSb

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.139.105.171

85.31.46.167

107.182.129.235

171.22.30.106

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself
