General
Target: f0a6f13b482273d029a6a8613664c33a8f6381dcf98d2cdc7954bbf161c93f49.exe
Size: 285KB
Sample: 240403-ckbbfadb36
MD5: c095c87e67b0964a91603f3af00dcd97
SHA1: d99699c361864fe49ce29c50f9421ef4813c74a0
SHA256: f0a6f13b482273d029a6a8613664c33a8f6381dcf98d2cdc7954bbf161c93f49
SHA512: e03efb6b5e60f523a96559346362874e32e4fd8e538c752cc571fe0df8aca171c0560c459e473abaa4d36bf3c296747831fdece96baa149a1ef7013d00d09049
SSDEEP: 6144:D8qrKd3vhpFsfpmG/1DjHyYmT2t+34XVe:Br03vhbc1DGC+oV
Static task: static1
Behavioral task: behavioral1
Sample: f0a6f13b482273d029a6a8613664c33a8f6381dcf98d2cdc7954bbf161c93f49.exe
Resource: win7-20240221-en
Malware Config
Extracted
gcleaner
185.172.128.90
5.42.65.64
url_path: /advdlc.php
Targets
Target: f0a6f13b482273d029a6a8613664c33a8f6381dcf98d2cdc7954bbf161c93f49.exe
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself