gcleaner | 353f5d14d5ba38f4a568cd4dd469764d8928044f10bfc792bf7b64c9858df8cc | Triage

Sharing

General

Target

353f5d14d5ba38f4a568cd4dd469764d8928044f10bfc792bf7b64c9858df8cc
Size

368KB
Sample

240327-bf5ttage82
MD5

b14fc228393e49a865ade5491070ed77
SHA1

94d63a23ca5847e751246e9079ae8ab23790a474
SHA256

353f5d14d5ba38f4a568cd4dd469764d8928044f10bfc792bf7b64c9858df8cc
SHA512

279234fe913fcf7c87cee0fcc8f391cc956cb48fbf9e5ef828cf057b42c43a12938aa2d7aea5aaa718bd9b82fb7031758a6084256c2b246e0008fce8550a028c
SSDEEP

3072:njHTQ0rvDH7Vv8l+uYiXfRHtlljWs3IL/w4m4/jCT/H7TANxYtXoRePtDxuyOYgs:nTTXK/ffNmwzAEtSetD6TE0OFjT

Score

10^/10

gcleaner loader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.64.3

5.42.65.115

Targets

- Target
  
  353f5d14d5ba38f4a568cd4dd469764d8928044f10bfc792bf7b64c9858df8cc
- Size
  
  368KB
- MD5
  
  b14fc228393e49a865ade5491070ed77
- SHA1
  
  94d63a23ca5847e751246e9079ae8ab23790a474
- SHA256
  
  353f5d14d5ba38f4a568cd4dd469764d8928044f10bfc792bf7b64c9858df8cc
- SHA512
  
  279234fe913fcf7c87cee0fcc8f391cc956cb48fbf9e5ef828cf057b42c43a12938aa2d7aea5aaa718bd9b82fb7031758a6084256c2b246e0008fce8550a028c
- SSDEEP
  
  3072:njHTQ0rvDH7Vv8l+uYiXfRHtlljWs3IL/w4m4/jCT/H7TANxYtXoRePtDxuyOYgs:nTTXK/ffNmwzAEtSetD6TE0OFjT
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2