General

  • Target

    57e40b594ece1d02be881363f4f287b8b92bec8ebfb4f97c2e47cd86fa8b3621

  • Size

    285KB

  • Sample

    240402-3lnw2agh9y

  • MD5

    7c10ccc1a0b4e35d5e2dc904dbf0e22a

  • SHA1

    1d1f7f0915c69f621923d22a805ef813fe7cf6ae

  • SHA256

    57e40b594ece1d02be881363f4f287b8b92bec8ebfb4f97c2e47cd86fa8b3621

  • SHA512

    c5f88187b2160c3fc86377313c64f9d07e02e943516ddce20cf450c0d0f164e2ac7019b48e6955979a1eaddc2729ac02f0b97de28eed32ba22c79f2411892276

  • SSDEEP

    6144:y6qPj53ORpL0RnmpjvM8UM5k3I1LUaYf1TEJghXI34XVe:yPl3ORonFMlfYdjIoV

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
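
Added example, not part of the sandbox report: a small Python matcher that applies the two C2 addresses and the url_path above to proxy log lines. The log layout (epoch, client IP, method, URL, status) is an assumption modelled on a Squid-style access log, and every log line below is constructed for illustration. The URL is parsed rather than substring-searched, so a host like 15.42.65.64 does not match the indicator 5.42.65.64, and a :port suffix on the C2 host still matches. A bare /advdlc.php on a host that is not one of the listed C2s is reported with lower confidence, since the path alone is a weaker indicator.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

# Indicators taken directly from the report's Malware Config section.
C2_IPS = frozenset({"185.172.128.90", "5.42.65.64"})
C2_URL_PATH = "/advdlc.php"

# Assumed log layout (Squid-like): "<epoch> <client_ip> <METHOD> <url> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)

# Constructed sample lines; the third is a deliberate near-miss (superstring of a C2 IP).
SAMPLE_LOGS = [
    "1712044800.101 10.0.0.15 GET http://185.172.128.90/advdlc.php?id=1 200",
    "1712044800.233 10.0.0.15 POST http://5.42.65.64:8080/advdlc.php 200",
    "1712044801.004 10.0.0.22 GET http://15.42.65.64/index.html 200",
    "1712044801.552 10.0.0.31 GET http://cdn.example.net/advdlc.php 404",
    "1712044802.010 10.0.0.15 GET https://www.example.com/ 200",
]


@dataclass(frozen=True)
class Hit:
    client: str
    url: str
    confidence: str  # "high" = listed C2 address, "medium" = url_path on another host
    reason: str


def classify_url(url: str) -> Optional[Tuple[str, str]]:
    """Return (confidence, reason) for a URL that matches an indicator, else None.

    urlsplit().hostname strips any :port and lower-cases the host, so the
    comparison against C2_IPS is exact rather than a substring search.
    """
    parts = urlsplit(url)
    host = parts.hostname
    host_match = host in C2_IPS if host else False
    path_match = parts.path == C2_URL_PATH
    if host_match and path_match:
        return ("high", f"C2 {host} with GCleaner url_path {parts.path}")
    if host_match:
        return ("high", f"C2 address {host}")
    if path_match:
        return ("medium", f"url_path {parts.path} on non-listed host {host}")
    return None


def scan(lines: List[str]) -> List[Hit]:
    """Parse each log line and collect indicator matches; unparseable lines are skipped."""
    hits: List[Hit] = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        verdict = classify_url(m["url"])
        if verdict is not None:
            confidence, reason = verdict
            hits.append(Hit(m["client"], m["url"], confidence, reason))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOGS):
        print(f"[{hit.confidence}] {hit.client} -> {hit.url} ({hit.reason})")
```

Run against the constructed lines, the first two entries are high-confidence C2 hits (including the one with a port), the 15.42.65.64 line is correctly ignored, the cdn.example.net line is a medium-confidence path-only hit, and the last line produces nothing.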

Targets

    • Target

      57e40b594ece1d02be881363f4f287b8b92bec8ebfb4f97c2e47cd86fa8b3621

    • Size

      285KB

    • MD5

      7c10ccc1a0b4e35d5e2dc904dbf0e22a

    • SHA1

      1d1f7f0915c69f621923d22a805ef813fe7cf6ae

    • SHA256

      57e40b594ece1d02be881363f4f287b8b92bec8ebfb4f97c2e47cd86fa8b3621

    • SHA512

      c5f88187b2160c3fc86377313c64f9d07e02e943516ddce20cf450c0d0f164e2ac7019b48e6955979a1eaddc2729ac02f0b97de28eed32ba22c79f2411892276

    • SSDEEP

      6144:y6qPj53ORpL0RnmpjvM8UM5k3I1LUaYf1TEJghXI34XVe:yPl3ORonFMlfYdjIoV

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check used to avoid running in certain regions.

MITRE ATT&CK Enterprise v15