gcleaner | 4b2f2e8cc35e90b2f48bdcd093e4d8c9fa7424e412c123657a554357fb6fe201 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8943ecf1ba8d885924dc6c6960ac585.exe
Size

379KB
Sample

240204-n5tt3agef4
MD5

b8943ecf1ba8d885924dc6c6960ac585
SHA1

2916bd9f50da5b0299e33d57b96ae83bb9fb6369
SHA256

4b2f2e8cc35e90b2f48bdcd093e4d8c9fa7424e412c123657a554357fb6fe201
SHA512

a016ea1688ff4bfcd9d71c05fc300a9a84ec1dd6a21444d3dde7ccc80e1612d87c4ed5468f644d9c01bf46d6f46f179c4e431a28fa59b1ed0809d8a0992269e8
SSDEEP

6144:KE9qRXqOi02OBRiIgQCtr2v//KSopPGBX91xJ4ImFhcyD1kDc:KpRdi02OPuD1RpPgX96ImFyeeY

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.3

5.42.65.115

Targets

- Target
  
  b8943ecf1ba8d885924dc6c6960ac585.exe
- Size
  
  379KB
- MD5
  
  b8943ecf1ba8d885924dc6c6960ac585
- SHA1
  
  2916bd9f50da5b0299e33d57b96ae83bb9fb6369
- SHA256
  
  4b2f2e8cc35e90b2f48bdcd093e4d8c9fa7424e412c123657a554357fb6fe201
- SHA512
  
  a016ea1688ff4bfcd9d71c05fc300a9a84ec1dd6a21444d3dde7ccc80e1612d87c4ed5468f644d9c01bf46d6f46f179c4e431a28fa59b1ed0809d8a0992269e8
- SSDEEP
  
  6144:KE9qRXqOi02OBRiIgQCtr2v//KSopPGBX91xJ4ImFhcyD1kDc:KpRdi02OPuD1RpPgX96ImFyeeY
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2