General

  • Target

    037fcb5e2db087724532a720e2d7e9a753a09730ae88fb18a31371ac6dc9c098

  • Size

    286KB

  • Sample

    240402-3y2zeshe89

  • MD5

    36f75323025b17b963ee0852bafff930

  • SHA1

    dd73e864077b2c31b790b941102f9c685f78784a

  • SHA256

    037fcb5e2db087724532a720e2d7e9a753a09730ae88fb18a31371ac6dc9c098

  • SHA512

    456ed634b34f9e161189269c65d723e47f04e8886d001d29b0216465bf6733c48942c4231d7d3eb3040e8e94529117a7baea25eaa4c0cf93339a9d0b21e06f1f

  • SSDEEP

    6144:vaqPDw3x4pM0x0YQpGfFHIOOqm9jH3wqSYO34XVe:XPM3x4D0YQ07m9jAFoV

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
