General

  • Target

    3c187ba3a074078ac5edd0382992f66e784eb26faff2fbd55b97b1d0b0740ae9.zip

  • Size

    186KB

  • Sample

    240402-mmzrxsfb7y

  • MD5

    09ea4c01f524956e25b3f8ddb3178964

  • SHA1

    8431d6a434a22cc1665046638092d00e02c23036

  • SHA256

    b795cd205039e759c1340e7017b5589110a0c52ef6edbbf5edbaf9e96a41ab77

  • SHA512

    4580898749aaaa309dd4530b126fe9015e7ed5d7c31d46b47eac76d62b21bceb16c3698bae2e459f6be95390c8ef568ba92ce2745247182e2af536c980003f55

  • SSDEEP

    3072:KQqqDbEYU3nCo9O/wGETXtIxekFBy1M7yxeCVmrXKiL5cEjPBnHIupV3o50iHcZW:KQhDnGQ/wGErtIgciM7l+mr6iL5BHPVy

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Targets

    • Target

      3c187ba3a074078ac5edd0382992f66e784eb26faff2fbd55b97b1d0b0740ae9.exe

    • Size

      294KB

    • MD5

      54935c8ce5efca8a4589caa0d3e9258f

    • SHA1

      b0eb42a85371e15ef92020c37406f59e786a503d

    • SHA256

      3c187ba3a074078ac5edd0382992f66e784eb26faff2fbd55b97b1d0b0740ae9

    • SHA512

      3fb388b769a5cae21a035ae999e5d190d941c4a146cf77e5481a5ea8337b8e1a0259a206ad04d1a902842412584825db5d2fbd7c9425fcc855581e294b7d26bc

    • SSDEEP

      3072:CX8L3hvoXS+bakYZXhJ1KcRvPHiiKXU57jdPWfd9Drt67JUPFk+Hc/vyK1nhlXWl:CsvYSo6r1xIiKkLixP+qIyK1nfXy5IB

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
