General

  • Target

    af076f5b52d72ca1087120d530d51acfc05e2391b9c493f2150e93ca7e177784

  • Size

    274KB

  • Sample

    240502-3sgfjabf63

  • MD5

    bda85dcc0a3dbbb6cea1522e25fdfb3f

  • SHA1

    6b9575a5082236b13d37724022f25106ce455899

  • SHA256

    af076f5b52d72ca1087120d530d51acfc05e2391b9c493f2150e93ca7e177784

  • SHA512

    f406164c64cc99bfc40ac37c5969cf89fa1840c9949dcc8676234c213e9fc76978a353f5a0d456d1b66812cd41d9e3738cda7074eab61d92923b8d2aab47bbca

  • SSDEEP

    6144:dzyHOG1D2edbrzZ8Yekorw26HMT5WniffQD5:ZqrR2KzEDgMT5z

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
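
The extracted configuration above is only useful once it is turned into a check. The following is an added example, not code from this page or from the sandbox that produced the report, that matches the two C2 addresses, the `/advdlc.php` beacon path and the sample hashes against proxy log lines. The log format (`timestamp src_ip method url status`), the sample log lines themselves and the high/medium/low severity tiers are assumptions made for the example; the IPs, path and hashes are the page's own.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# IOCs copied from the extracted GCleaner config and hashes on this page.
C2_IPS = {"185.172.128.90", "5.42.65.64"}
C2_PATH = "/advdlc.php"
SAMPLE_MD5 = "bda85dcc0a3dbbb6cea1522e25fdfb3f"
SAMPLE_SHA1 = "6b9575a5082236b13d37724022f25106ce455899"
SAMPLE_SHA256 = "af076f5b52d72ca1087120d530d51acfc05e2391b9c493f2150e93ca7e177784"
KNOWN_HASHES = {SAMPLE_MD5, SAMPLE_SHA1, SAMPLE_SHA256}

# Constructed sample proxy log (assumption: not taken from the page).
# Format assumed: "<timestamp> <src_ip> <method> <url> <status>"
SAMPLE_LOG = """\
2024-05-02T14:03:11Z 10.0.0.15 GET http://185.172.128.90/advdlc.php 200
2024-05-02T14:03:12Z 10.0.0.15 GET http://example.com/index.html 200
2024-05-02T14:05:40Z 10.0.0.22 POST http://5.42.65.64/advdlc.php 200
2024-05-02T14:06:01Z 10.0.0.22 GET http://5.42.65.64/other.php 404
2024-05-02T14:07:30Z 10.0.0.31 GET http://10.1.2.3/advdlc.php 200
garbage line that does not parse
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$")
URL_RE = re.compile(r"^https?://(?P<host>[^/:?#]+)(?::\d+)?(?P<path>/[^?#]*)?")


@dataclass
class Hit:
    ts: str
    src: str
    host: str
    path: str
    severity: str  # "high", "medium" or "low" (assumed tiers, see classify)


def classify(host: str, path: str) -> Optional[str]:
    """Assumed severity tiers: C2 IP + known path = high, C2 IP alone = medium,
    known path on an unrelated host = low (worth a look, likely a different panel)."""
    ip_hit = host in C2_IPS
    path_hit = path == C2_PATH
    if ip_hit and path_hit:
        return "high"
    if ip_hit:
        return "medium"
    if path_hit:
        return "low"
    return None


def scan_proxy_log(text: str) -> List[Hit]:
    """Parse each log line, split the URL into host and path, and keep lines
    that touch the extracted C2 infrastructure. Unparseable lines are skipped."""
    hits: List[Hit] = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        u = URL_RE.match(m["url"])
        if not u:
            continue
        host = u["host"]
        path = u["path"] or "/"
        sev = classify(host, path)
        if sev:
            hits.append(Hit(m["ts"], m["src"], host, path, sev))
    return hits


def hash_matches(observed: Iterable[str]) -> List[str]:
    """Return the observed hashes (MD5/SHA1/SHA256, any case) that equal the
    sample's hashes, e.g. from an EDR or mail-gateway export."""
    return sorted(h.lower() for h in observed if h.lower() in KNOWN_HASHES)


if __name__ == "__main__":
    for h in scan_proxy_log(SAMPLE_LOG):
        print(f"{h.severity:6} {h.ts} {h.src} -> {h.host}{h.path}")
    print(hash_matches(["BDA85DCC0A3DBBB6CEA1522E25FDFB3F", "deadbeef"]))
```

Matching on the IP alone is the weaker signal: the addresses can be reused by unrelated hosting customers, so the path is what lifts a hit to high confidence, and the SSDEEP value on the page is better suited to finding repacked siblings than to exact log matching.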

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Reads the country code configured in the registry, most likely to geofence execution (abort or change behaviour in certain regions).

MITRE ATT&CK Enterprise v15

Tasks