gcleaner | 3a1fb857968ba65d496b97bb4a47c2e3d775a4b820bfe5f9aa24257fe8abbac2 | Triage

Submit
Reports

Overview

overview

Static

static

3

636fb917c4...8c.exe

windows7-x64

1

636fb917c4...8c.exe

windows10-2004-x64

Sharing

General

Target

636fb917c49769200381edf82768548c
Size

441KB
Sample

231226-lcgmxshab5
MD5

636fb917c49769200381edf82768548c
SHA1

3aaf21d6fc5e94dc42bf816a8ca29467a184436c
SHA256

3a1fb857968ba65d496b97bb4a47c2e3d775a4b820bfe5f9aa24257fe8abbac2
SHA512

78bea4ed0b521d2ef190fb1fd2541c1e80d349086eadb95d78f6e802dd17fafcf59a47632e622cb64b1d2322d0d184be7f6c89b7c975c4ef9a88324a47789d16
SSDEEP

12288:gv80oCk/3vdYHO151WLMWirScN8oln8SsKH:hX3vdYDirWolx

Score

10^/10

gcleaner onlylogger loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

636fb917c49769200381edf82768548c.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

636fb917c49769200381edf82768548c.exe

Resource

win10v2004-20231215-en

gcleaner onlylogger loader

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

gc-prtnrs.top

gcc-prtnrs.top

Targets

- Target
  
  636fb917c49769200381edf82768548c
- Size
  
  441KB
- MD5
  
  636fb917c49769200381edf82768548c
- SHA1
  
  3aaf21d6fc5e94dc42bf816a8ca29467a184436c
- SHA256
  
  3a1fb857968ba65d496b97bb4a47c2e3d775a4b820bfe5f9aa24257fe8abbac2
- SHA512
  
  78bea4ed0b521d2ef190fb1fd2541c1e80d349086eadb95d78f6e802dd17fafcf59a47632e622cb64b1d2322d0d184be7f6c89b7c975c4ef9a88324a47789d16
- SSDEEP
  
  12288:gv80oCk/3vdYHO151WLMWirScN8oln8SsKH:hX3vdYDirWolx
Score

10^/10

gcleaner onlylogger loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- OnlyLogger payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

gcleaneronlyloggerloader

© 2018-2024

Terms | Privacy