Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec1ccb6c9aa242c1a09c6e7506fe13673b135747aabbbcac8b9489fc9a756e1c

  • Size

    333KB

  • Sample

    240428-1k388ahg99

  • MD5

    47ca5f456c85ebeea7727fd0f6be2ace

  • SHA1

    12e7e50a2f232d9b22ff7f12012cc2773bb9cd30

  • SHA256

    ec1ccb6c9aa242c1a09c6e7506fe13673b135747aabbbcac8b9489fc9a756e1c

  • SHA512

    c4f791f225239ec7c5cd5e9e4441aa663a72a5f299fc8d1d9110f6397f400d0ff0e9a468472f9a5bafadcd31e177f92d75ab655f1dff56f8dc029fcb8870bffd

  • SSDEEP

    6144:BM9UcwQ2zBaSlZ+R6j5yOyYyETRWuEHR8NU:BMqcwxzhlIRHOy4FVjU

Score
10/10
gcleanerloader

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64
Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      ec1ccb6c9aa242c1a09c6e7506fe13673b135747aabbbcac8b9489fc9a756e1c

    • Size

      333KB

    • MD5

      47ca5f456c85ebeea7727fd0f6be2ace

    • SHA1

      12e7e50a2f232d9b22ff7f12012cc2773bb9cd30

    • SHA256

      ec1ccb6c9aa242c1a09c6e7506fe13673b135747aabbbcac8b9489fc9a756e1c

    • SHA512

      c4f791f225239ec7c5cd5e9e4441aa663a72a5f299fc8d1d9110f6397f400d0ff0e9a468472f9a5bafadcd31e177f92d75ab655f1dff56f8dc029fcb8870bffd

    • SSDEEP

      6144:BM9UcwQ2zBaSlZ+R6j5yOyYyETRWuEHR8NU:BMqcwxzhlIRHOy4FVjU

    Score
    10/10
    gcleanerloader

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks