General

  • Target

    file

  • Size

    1.3MB

  • Sample

    230731-1bnr6scc81

  • MD5

    9da802c149a4f5386685baf08bbe8531

  • SHA1

    b2ea45b94346665aa3522c144b96bc06eec15e7c

  • SHA256

    9d6bdf9c821aeb3a727c396b7b902d0d2d5eb0f55a6f4027574fb8bb16732f4c

  • SHA512

    27015a67e18989e465ba865ac50aee957aeb6ad6ac2155ea987e0300ced1d7ab802534238c4e39e106929232ad9d89d544948f3c46cad465acb6071cc88eb97e

  • SSDEEP

    24576:D2lAnRICUKvwldcqWuUaIay4l/XTWpDJXHgwx8IINqetMh9GxanV:D2uRIIwltEaIQleJwYrqMhMxOV

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

45.12.253.56

45.12.253.72

45.12.253.98

45.12.253.75

Attributes
  • url_path

    /default/puk.php

Targets

    • Target

      file

    • Size

      1.3MB

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Executes dropped EXE

    • Loads dropped DLL
