General

  • Target

    4094bd82da3c7108956e513389d4966f8a3553270fd0d02c827f10025155d2f7

  • Size

    276KB

  • Sample

    240427-dnj87aaf4v

  • MD5

    59bdda4fe72c51e5a4e14399038c8383

  • SHA1

    6cfa117afa2a0da1bcd70490f54fffac795d5961

  • SHA256

    4094bd82da3c7108956e513389d4966f8a3553270fd0d02c827f10025155d2f7

  • SHA512

    0dd55d596481a7607bac2ab43482d603d595550c79a654f731ef79339d1772cdc1f1000d467ac2c0e6427c9645b594cd0c8d85d656642292929dba206bbea2c4

  • SSDEEP

    3072:ylUvCCc1hdl/VT2z/+umSW8iz++jq1i7r2+5Tgxv0tmM32:d7Mjh2zGcW8izqwrhA0tp

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      4094bd82da3c7108956e513389d4966f8a3553270fd0d02c827f10025155d2f7

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
