General

  • Target

    7c610d2fd42fde5780d57768926e3a5f8575e6905b8a5ea62dd43ebda36759f5.zip

  • Size

    188KB

  • Sample

    240402-mm4e4sfb8s

  • MD5

    f987a9cd994e1b4fd1dbaf4d471cb058

  • SHA1

    2cd4bcaae6027193a4fcc965a9ec71c85e7d5868

  • SHA256

    6abe4b1ba78984c07e35010fc8182de3855ca06689dd305781e2ae6524b6996e

  • SHA512

    27e8235b5b1bed0a99c801d4f41dd10b401ca05c96346c3320f5c08033f1ab0a538fc5cfa55f917f834091e6656a12edc056903d7261458acb5a18382930d8be

  • SSDEEP

    3072:gq9cfuV0l5fgtzVs0LfpDHHFcghCBg4ugF/q/YyPjIvD8tR2PJ+iRcS2wE2Q7nA/:gPWVidKzPF3L4ugF/RWYPJ+JSrQAAy5P

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.115

Targets

    • Target

      7c610d2fd42fde5780d57768926e3a5f8575e6905b8a5ea62dd43ebda36759f5.exe

    • Size

      334KB

    • MD5

      7936f2795346b6d22a7e66b7a6d8cb39

    • SHA1

      8735cc71cd3a32e0e09c0239498131cd792ed652

    • SHA256

      7c610d2fd42fde5780d57768926e3a5f8575e6905b8a5ea62dd43ebda36759f5

    • SHA512

      463de02d2a3cca2e0ede7fcad2265d9a52c1af71a3dae9e7045ac2b51d9f44862400f55c41e2c62552acad128e4f81b807e38ac98a963da4b8716ca0093f7aee

    • SSDEEP

      3072:i/1usES1KZ9s4+8cKFEX048M+YqxFGy0lsoglOGYzFY4HcHxmt/IoPijYn5:oPHF4sqVXGb2NxYzFFHcIGoPiu

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
