General
-
Target
4a291a7f71e95c8e2fd6801fb8e9b78b.bin
-
Size
1.2MB
-
Sample
230702-bs29fsbd31
-
MD5
4a291a7f71e95c8e2fd6801fb8e9b78b
-
SHA1
2e677f91f459834bebd5e604722f2ea757ffc13e
-
SHA256
1f525a6bb5ea914fc8ba49f17f0771d7705cd33a0375cc0ae2c49c8bef2cb4d3
-
SHA512
43658110c516316772d51cfb91e446d85d7a10b4e40332b63ce505f94195c862e81fcc03d3a5b4cc70bbfca5473275bbd86ede04071382988e87e9bb813d19be
-
SSDEEP
24576:IaZVRNrZ9QlLz2BNb3IkMHDrpjPwW+kQ+iAPgHsYM8E2N0gZYFsr:IadRNFIKW3iAPgXE2egZYF0
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230621-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
Target
file.exe
-
Size
1.2MB
-
MD5
21b8f99ca3832a204fd8d08065e1599e
-
SHA1
6a5c3cb76b85e1323f9cb2f364f31cf6bb591a16
-
SHA256
6fb4866ca3fa5e2e0c9926fee2fad2fc3324ef0177ff7b43e1f3990b05f4bd90
-
SHA512
fc5aed584943ee053d843e1b325cf44d4811a84ec722dde13d82c790148d92874664c5e08d2c11bd866d902792047b60c25c06a1e1f48cb9b158c3119c309da6
-
SSDEEP
24576:+fOyskQT9YsemOMi+XShulmLIrPfJL1rARpJjBBp/D:+GfkQT9YsVXQPLYPBJ2pvBp
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.