General
-
Target
file.exe
-
Size
1.1MB
-
Sample
230702-weksgacb79
-
MD5
b32f213a595af856ecab6976e6e305dd
-
SHA1
f1d57744af5863ff420bf13e06429db7dc3c63f5
-
SHA256
864d4ac2ae2311cfd01324e9b760872a861e565ef57da7df2d0919e0c9aafaa6
-
SHA512
54cf58f3b6251451768e6d034776887aa85117c99f191b61ce13332cf5aa2140a8a4e23bb8e9b57f883c0aeb6fc73e798225869ca62839160fd7cd52551e24d7
-
SSDEEP
24576:JfOy0++so8yYamE9i2Y9zHJNYAbvgGwunGVBDREPKAWnNUWCMW6:JGvExy5TjYbNYAPA7DDvT
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230621-en
Malware Config
Extracted
gcleaner
45.12.253.56
45.12.253.72
45.12.253.98
45.12.253.75
Targets
-
-
Target
file.exe
-
Size
1.1MB
-
MD5
b32f213a595af856ecab6976e6e305dd
-
SHA1
f1d57744af5863ff420bf13e06429db7dc3c63f5
-
SHA256
864d4ac2ae2311cfd01324e9b760872a861e565ef57da7df2d0919e0c9aafaa6
-
SHA512
54cf58f3b6251451768e6d034776887aa85117c99f191b61ce13332cf5aa2140a8a4e23bb8e9b57f883c0aeb6fc73e798225869ca62839160fd7cd52551e24d7
-
SSDEEP
24576:JfOy0++so8yYamE9i2Y9zHJNYAbvgGwunGVBDREPKAWnNUWCMW6:JGvExy5TjYbNYAPA7DDvT
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-