General

  • Target

    8baccd2761cb029ca6e15844aaed77d432eda2695566b98f47cb14ad8300754c

  • Size

    272KB

  • Sample

    240502-1wxwkshg67

  • MD5

    d794900fc35a0b2e4b2669ee290e9472

  • SHA1

    19222eb4481c296ed3b87d5852416cb2bf19758c

  • SHA256

    8baccd2761cb029ca6e15844aaed77d432eda2695566b98f47cb14ad8300754c

  • SHA512

    e63b96718fabed24de0be1a263fba2e5b3876aa3984f714996410b7681e7462b88450b4374fc4c35e44e490ad27b676cdfb6f66932cd7813f44d82389b66974f

  • SSDEEP

    3072:YrzSOzJ1MtznZkTgTPPJ/wCm00pQvmLm3+Ti2Cx5Wl97BQbn:YrztzJGtrk8JIU0pQeLmOTi2Cq/1QD

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks