Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2097985355...5e.exe

windows7-x64

10

2097985355...5e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20979853553bb74161a52d0c828ad65e

  • Size

    309KB

  • Sample

    231230-3t4x8aaba8

  • MD5

    20979853553bb74161a52d0c828ad65e

  • SHA1

    8859eeeac71eb9a06911f933a7be0f7a4f8cd084

  • SHA256

    dac18006bb58f654499575066266f7c455fe9bdafe23b7c54c41dd513a0b2756

  • SHA512

    c063e1df3ec41a8c573ea40c6993bcbf4bc7be254753bdfec025f2a3bb795cee127ac2857c2a9690f0e1ccbb910301eb16bc26b08045d5ecb9e92ec81ed6aeb2

  • SSDEEP

    6144:00zJFRaJtS+WwPAoyIi2WRKX5qmT3UnYzDEJiQ:1/aJtS+bAoyV2WRiqSl8

Score
10/10
gcleaneronlyloggerloader

Malware Config

Extracted

Family

gcleaner

C2

194.145.227.161

Targets

    • Target

      20979853553bb74161a52d0c828ad65e

    • Size

      309KB

    • MD5

      20979853553bb74161a52d0c828ad65e

    • SHA1

      8859eeeac71eb9a06911f933a7be0f7a4f8cd084

    • SHA256

      dac18006bb58f654499575066266f7c455fe9bdafe23b7c54c41dd513a0b2756

    • SHA512

      c063e1df3ec41a8c573ea40c6993bcbf4bc7be254753bdfec025f2a3bb795cee127ac2857c2a9690f0e1ccbb910301eb16bc26b08045d5ecb9e92ec81ed6aeb2

    • SSDEEP

      6144:00zJFRaJtS+WwPAoyIi2WRKX5qmT3UnYzDEJiQ:1/aJtS+bAoyV2WRiqSl8

    Score
    10/10
    gcleaneronlyloggerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • OnlyLogger payload

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks