Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    58f48179ed72fe25993150b8e76ed5840df24d2d8a2f44d90029f6c660d13c7f

  • Size

    284KB

  • Sample

    240404-2g5tbaca6t

  • MD5

    d22dd4863869e0398ac4667817757168

  • SHA1

    65a78748b4321cacb529e8750be7b853a33848dc

  • SHA256

    58f48179ed72fe25993150b8e76ed5840df24d2d8a2f44d90029f6c660d13c7f

  • SHA512

    82b22cc22f5ac9b17763fda1a79df4309dcf37d7578c95212655fb427502c03d1630a80105229aca3d4d64407550a7db6dbbcb84f267674f5feadb09ac06743f

  • SSDEEP

    6144:5LQ3SKqUtYuPWmBoZbu/WJwQs00OuqHEsqN+D5wMMKS:FgSKrtNXoZbu/WaTHOTS+9

Score
10/10
gcleanerloader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64
Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      58f48179ed72fe25993150b8e76ed5840df24d2d8a2f44d90029f6c660d13c7f

    • Size

      284KB

    • MD5

      d22dd4863869e0398ac4667817757168

    • SHA1

      65a78748b4321cacb529e8750be7b853a33848dc

    • SHA256

      58f48179ed72fe25993150b8e76ed5840df24d2d8a2f44d90029f6c660d13c7f

    • SHA512

      82b22cc22f5ac9b17763fda1a79df4309dcf37d7578c95212655fb427502c03d1630a80105229aca3d4d64407550a7db6dbbcb84f267674f5feadb09ac06743f

    • SSDEEP

      6144:5LQ3SKqUtYuPWmBoZbu/WJwQs00OuqHEsqN+D5wMMKS:FgSKrtNXoZbu/WaTHOTS+9

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks