gcleaner | 3809630992fd40ecc6640488fd42aed7a6143a37d79683b8ab8e454c7e4c0506

Analysis

max time kernel
141s
max time network
150s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
17/04/2024, 13:40

Target

03b8ef63390d4611b8caf0670192d03037c0ab000ab9ac4af49fb10043b2a34b.exe
Size

251KB
MD5

fb641c905528cafcdd7dea2f6b418552
SHA1

1752a0074a731a756715006889f3b60a3a41008c
SHA256

03b8ef63390d4611b8caf0670192d03037c0ab000ab9ac4af49fb10043b2a34b
SHA512

1eb0fe1cf41dad00907eed10f38082798f93ccc81c4700b6f54d8152de60d751ba682aef2cc8dfc861d349bf38ca596346bf224adbe0f1c950cc5175062e557b
SSDEEP

6144:fg+fwtDOHDKf0thhI+ePhSPT9eAiIQsflIp:fffwdO40thhI+SS79liIrf

Score

10^/10

gcleaner loader

Family

gcleaner

185.172.128.90

5.42.64.3

5.42.65.115

GCleaner
GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
loader gcleaner
Downloads MZ/PE file

C:\Users\Admin\AppData\Local\Temp\03b8ef63390d4611b8caf0670192d03037c0ab000ab9ac4af49fb10043b2a34b.exe
"C:\Users\Admin\AppData\Local\Temp\03b8ef63390d4611b8caf0670192d03037c0ab000ab9ac4af49fb10043b2a34b.exe"
1⤵
PID:2616

memory/2616-1-0x0000000002420000-0x0000000002520000-memory.dmp

Filesize
1024KB

Download
memory/2616-2-0x0000000000220000-0x000000000025C000-memory.dmp

Filesize
240KB

Download
memory/2616-3-0x0000000000400000-0x00000000022E6000-memory.dmp

Filesize
30.9MB

Download
memory/2616-6-0x0000000002420000-0x0000000002520000-memory.dmp

Filesize
1024KB

Download