General

  • Target

    33f3f802f43dcc02802309481e21653e482b8273681dfcad684918d101bb9d36

  • Size

    284KB

  • Sample

    240402-y3t26ace58

  • MD5

    81a7b7eefddaff8959f2a54e95f09faa

  • SHA1

    d3d5d387bcada7f949420a7cb6ac26624a0dbe93

  • SHA256

    33f3f802f43dcc02802309481e21653e482b8273681dfcad684918d101bb9d36

  • SHA512

    5ea09b824e1953d8c331391c53806f7773fbdd08ccef8ccebd1a52d6922cf2288d2a9a483a73b5786f50473838c77c0d5a395022372377f0f09eb8a863ab788f

  • SSDEEP

    6144:ErqLPJ3lEpfRHODd77VgNK0yOCBLyz34XVe:FLB3lE7HO3xdB+zoV

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks