General

  • Target

    54935c8ce5efca8a4589caa0d3e9258f.bin

  • Size

    186KB

  • Sample

    240403-bqpwcabe81

  • MD5

    238aac60e3aab15c27eab8484fd759b2

  • SHA1

    bc276e28350d8f1e3b48ba0c93707748d909e46c

  • SHA256

    2d66610bf1026a8323cd270c56565dc6d2dd325a9e1ffa35ab009b53ba5e80d4

  • SHA512

    af24609f61f3447abef4408c62777ac41d0e51fd2c09e14fa924745fcd06be956e4bf57c977e585c0d9350fc4e6d1bb84b2f870dfab8d91f77b3f4efcb3fed4d

  • SSDEEP

    3072:PbO6ErC7qoco/lu6+2TL3QwqSnCktG74gsdGaQb4syRLcd9BAtcCTOMMJaG6rNF9:y6Eruq5+nv1n/Ngd9WT40G6J5ywQkNHd

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Targets

    • Target

      3c187ba3a074078ac5edd0382992f66e784eb26faff2fbd55b97b1d0b0740ae9.exe

    • Size

      294KB

    • MD5

      54935c8ce5efca8a4589caa0d3e9258f

    • SHA1

      b0eb42a85371e15ef92020c37406f59e786a503d

    • SHA256

      3c187ba3a074078ac5edd0382992f66e784eb26faff2fbd55b97b1d0b0740ae9

    • SHA512

      3fb388b769a5cae21a035ae999e5d190d941c4a146cf77e5481a5ea8337b8e1a0259a206ad04d1a902842412584825db5d2fbd7c9425fcc855581e294b7d26bc

    • SSDEEP

      3072:CX8L3hvoXS+bakYZXhJ1KcRvPHiiKXU57jdPWfd9Drt67JUPFk+Hc/vyK1nhlXWl:CsvYSo6r1xIiKkLixP+qIyK1nfXy5IB

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
