General

  • Target

    f6784181208db14d2bf3c8c4b52e6d31673bed99ab5373f890e8e9067507aed0

  • Size

    285KB

  • Sample

    240402-xs8l5aaf91

  • MD5

    24d2d76878a44105955f3f05dad3f103

  • SHA1

    3704a9ea591153f87b527c4551bff6b08af8a147

  • SHA256

    f6784181208db14d2bf3c8c4b52e6d31673bed99ab5373f890e8e9067507aed0

  • SHA512

    bb0905235955a75e09616e99b688c8f914c1fd94bd40553e0c164ff57ea0e9fbf1badb02f5303738838334f57ad2628469a0eeea69c06b4db8add631a8606fcd

  • SSDEEP

    6144:thqrqd3c6ppUfWoaIz0vispNb04z3qQ/xShzUOzwMMKS:irU3c6/Uf1z0xN04Funz

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      f6784181208db14d2bf3c8c4b52e6d31673bed99ab5373f890e8e9067507aed0

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
