gcleaner | 4eab6e8b3e7bf91ab9d323935715298a04def2f07bc0209d0b2b95fef220fb21 | Triage

Submit
Reports

Overview

overview

Static

static

3

ffceaff232...18.exe

windows7-x64

ffceaff232...18.exe

windows10-2004-x64

Sharing

General

Target

ffceaff232f2e205e1dbba7197a28a9a_JaffaCakes118
Size

279KB
Sample

240421-v7c3nagd9w
MD5

ffceaff232f2e205e1dbba7197a28a9a
SHA1

f803f4e45d7762b5b383792eeb8f0246ba136a6a
SHA256

4eab6e8b3e7bf91ab9d323935715298a04def2f07bc0209d0b2b95fef220fb21
SHA512

35bad1e25e4dabb8d062330ed7ffb649eff15f9244e1f0044c81369f79c318d34ad24ea25b18b97f118b2782acf97d2f491ef5587458855a4990ceea43ff584c
SSDEEP

6144:WCIaFPby7cvOOK9qGGxhFCJiS+4TKfBECyVMzcc0g:75by7cv89qGGbM4x4TKfBECoB

Score

10^/10

gcleaner onlylogger loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ffceaff232f2e205e1dbba7197a28a9a_JaffaCakes118.exe

Resource

win7-20240221-en

gcleaner onlylogger loader

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffceaff232f2e205e1dbba7197a28a9a_JaffaCakes118.exe

Resource

win10v2004-20240226-en

gcleaner onlylogger loader

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

194.145.227.161

Targets

- Target
  
  ffceaff232f2e205e1dbba7197a28a9a_JaffaCakes118
- Size
  
  279KB
- MD5
  
  ffceaff232f2e205e1dbba7197a28a9a
- SHA1
  
  f803f4e45d7762b5b383792eeb8f0246ba136a6a
- SHA256
  
  4eab6e8b3e7bf91ab9d323935715298a04def2f07bc0209d0b2b95fef220fb21
- SHA512
  
  35bad1e25e4dabb8d062330ed7ffb649eff15f9244e1f0044c81369f79c318d34ad24ea25b18b97f118b2782acf97d2f491ef5587458855a4990ceea43ff584c
- SSDEEP
  
  6144:WCIaFPby7cvOOK9qGGxhFCJiS+4TKfBECyVMzcc0g:75by7cv89qGGbM4x4TKfBECoB
Score

10^/10

gcleaner onlylogger loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- OnlyLogger payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gcleaneronlyloggerloader

behavioral2

gcleaneronlyloggerloader

© 2018-2024

Terms | Privacy