General

  • Target

    765849168e86a3804615b98c7f8584ab4d17f32a0391ac52e81041ff8809f945

  • Size

    313KB

  • Sample

    240403-k59zhabd4v

  • MD5

    6bd5a2c9e306ff40b99731afc147f0a2

  • SHA1

    ac54e3a5f34e64c6b55ff12af297d269e2742565

  • SHA256

    765849168e86a3804615b98c7f8584ab4d17f32a0391ac52e81041ff8809f945

  • SHA512

    25eacbb6a0731a477375cbcf838ee98cfad65030adca2aacff4c9a6189799c8d99ea75fc7b85e094483dd9da2d41582288bafd1cbdeb2b98f474b03cac509431

  • SSDEEP

    6144:yZZuNMS9MtaqiiL7SfVfltEZy4M9QlpiMT:yZZuuS9MtlDSfBN233

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
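The C2 addresses and url_path above are the actionable indicators in this report. The script below is an added example (not part of the sandbox output) that turns them into a hunt: it hashes a file against the sample's digests and scans proxy log lines for requests to either C2 host, rating a hit on IP plus /advdlc.php higher than the IP alone because the path by itself is too generic to alert on. The log format and the log lines are constructed for illustration.

```python
"""Hunt for the gcleaner indicators from this report in file hashes and proxy logs.
Added example; the log format and log lines are constructed, not from the sandbox."""
import hashlib
from urllib.parse import urlsplit

# Indicators taken from the extracted config and the hash table on this page.
C2_IPS = {"185.172.128.90", "5.42.65.64"}
C2_PATH = "/advdlc.php"
KNOWN_HASHES = {
    "md5": "6bd5a2c9e306ff40b99731afc147f0a2",
    "sha1": "ac54e3a5f34e64c6b55ff12af297d269e2742565",
    "sha256": "765849168e86a3804615b98c7f8584ab4d17f32a0391ac52e81041ff8809f945",
}


def digest_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256 hex digests of an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in KNOWN_HASHES}


def digest_file(path: str) -> dict:
    """Same as digest_bytes, but streams the file so large samples fit in memory."""
    hashers = {name: hashlib.new(name) for name in KNOWN_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_sample(digests: dict) -> bool:
    """True if any computed digest equals the reported sample's digest."""
    return any(digests.get(k) == v for k, v in KNOWN_HASHES.items())


def classify_url(url: str):
    """'c2' for a C2 IP plus /advdlc.php, 'c2-ip' for the IP alone, None otherwise.
    The path on its own is deliberately not enough: /advdlc.php is generic."""
    parts = urlsplit(url)
    host = parts.hostname  # strips any :port, lower-cases the host
    if host not in C2_IPS:
        return None
    return "c2" if parts.path == C2_PATH else "c2-ip"


# Constructed proxy log, one request per line: "<timestamp> <client> <method> <url> <status>".
SAMPLE_LOG = """\
2024-04-03T10:00:01Z 10.0.0.5 GET http://185.172.128.90/advdlc.php?id=1 200
2024-04-03T10:00:02Z 10.0.0.5 GET http://5.42.65.64/update.bin 200
2024-04-03T10:00:03Z 10.0.0.7 GET https://example.com/advdlc.php 200
2024-04-03T10:00:04Z 10.0.0.9 POST http://185.172.128.90:8080/advdlc.php 404
"""


def scan_log(text: str) -> list:
    """Return (line_no, client, level, url) for every line that touches a C2 host."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines rather than aborting the hunt
        _, client, _, url, _ = fields
        level = classify_url(url)
        if level:
            hits.append((n, client, level, url))
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Line 3 of the constructed log is not reported even though it requests /advdlc.php, and line 4 is still a full match despite the non-standard port, which is the behaviour you want before feeding these indicators into a SIEM rule.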

Targets

    • Target

      765849168e86a3804615b98c7f8584ab4d17f32a0391ac52e81041ff8809f945

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence check.

MITRE ATT&CK Enterprise v15

Tasks