General

  • Target

    7dcc965498fd46237d9e0b1cb876bd40515f117ba14c6a095f899cf82514642a

  • Size

    314KB

  • Sample

    240403-llsrjscb26

  • MD5

    62c56305cbb0cfd240e7a7caf409eb33

  • SHA1

    a0a6a72a5d609a8a96e10ac1189ef2e43c3f8690

  • SHA256

    7dcc965498fd46237d9e0b1cb876bd40515f117ba14c6a095f899cf82514642a

  • SHA512

    71eb57908248d37135ace0e16933966b9484845e08c5b2f8650e7723f1a5c31a28ee21b26564bbf85de3a793564bb03fdd86577727ab04f77304d9ea22995d11

  • SSDEEP

    3072:TR+jfMceOC0JcX+d+MNUM0RiVd/eYiME6b7VMTB9lt2bKuihMiRWtNf4O/itMTQ:TW3epycqfuRi993V+/FReiRWt54uiMT

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      7dcc965498fd46237d9e0b1cb876bd40515f117ba14c6a095f899cf82514642a

    • Size

      314KB

    • MD5

      62c56305cbb0cfd240e7a7caf409eb33

    • SHA1

      a0a6a72a5d609a8a96e10ac1189ef2e43c3f8690

    • SHA256

      7dcc965498fd46237d9e0b1cb876bd40515f117ba14c6a095f899cf82514642a

    • SHA512

      71eb57908248d37135ace0e16933966b9484845e08c5b2f8650e7723f1a5c31a28ee21b26564bbf85de3a793564bb03fdd86577727ab04f77304d9ea22995d11

    • SSDEEP

      3072:TR+jfMceOC0JcX+d+MNUM0RiVd/eYiME6b7VMTB9lt2bKuihMiRWtNf4O/itMTQ:TW3epycqfuRi993V+/FReiRWt54uiMT

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks