General

  • Target

    cae00469e596879445ad223c088b64c3649b6d2fd4374694aba7cbcdcd832713

  • Size

    313KB

  • Sample

    240403-k9ap7sbd6y

  • MD5

    78e3890f59b7a65e35ebee043fe42029

  • SHA1

    1158d3c4b7bf7d0a104de72e70190b89edc74132

  • SHA256

    cae00469e596879445ad223c088b64c3649b6d2fd4374694aba7cbcdcd832713

  • SHA512

    9ede738294f18717afde9cedfed47250fed98d51038856899958d538e936016d3297b0eeef1d65432d8be79a44d51e1034cf158fbe9c73395e7de7cd1d257a31

  • SSDEEP

    3072:9XJK67svdoHwVtn/+MOqULWRYgkc1vHtHE/0V68qXnCXfLmPoqSrMYMXPVTMBF/:9TQVBr2QFps0Jq36t1MJ/ufiMT

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks