General

  • Target

    7f8ca779c93161bfe0757abfbbf7a623053f297b0ef1b0455f403a0467bdbb86

  • Size

    282KB

  • Sample

    240503-akazkaab7w

  • MD5

    5fae5c233a79e76178831624040810c2

  • SHA1

    9e87009afc8df7de06b208004771b3568f9cab7e

  • SHA256

    7f8ca779c93161bfe0757abfbbf7a623053f297b0ef1b0455f403a0467bdbb86

  • SHA512

    32918ce97dd6ccc9289f22c09d19c4053974036f2bdcdc6d0fb64a61a062155ea65feecf0d3823f2bda73a94812705bc668a8301f7d632b257b9990bc3f3860b

  • SSDEEP

    3072:U71ETgQVNCOG0QnWT7auDrbfxty9A86m+ilD5A4LAV1OxXoIMd+h5cSBQbn5:TTgQRGdS7jrbf/K+shLAON4ZyQD5

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
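The extracted configuration above gives two C2 addresses and one URL path, which is enough to build a concrete detection. The following is an added example (not part of the original report or of any sandbox tooling): it turns those IOCs into a classifier run over a few constructed proxy-log lines, emits Suricata rules for the same check-in pattern, and verifies a candidate file against the SHA256 listed on this page. The log line layout, the rule `sid` values and the sample log content are assumptions made for the example.

```python
import hashlib
import re
from dataclasses import dataclass
from typing import List, Optional

# IOCs taken from the extracted GCleaner configuration above.
GCLEANER_C2 = {"185.172.128.90", "5.42.65.64"}
GCLEANER_URL_PATH = "/advdlc.php"
SAMPLE_SHA256 = "7f8ca779c93161bfe0757abfbbf7a623053f297b0ef1b0455f403a0467bdbb86"

# Hypothetical proxy-log layout (an assumption for this example):
# <timestamp> <client_ip> <method> <url> <status>
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)
# Split a URL into host and path; the query string is dropped so that
# "/advdlc.php?id=1" still matches the configured path.
URL_RE = re.compile(r"^https?://(?P<host>[^/:]+)(?::\d+)?(?P<path>/[^?#]*)?")

# Constructed sample log (not real traffic); timestamps are illustrative.
SAMPLE_LOG = [
    "2024-05-03T10:12:01Z 10.0.0.15 GET http://185.172.128.90/advdlc.php 200",
    "2024-05-03T10:12:05Z 10.0.0.15 GET http://5.42.65.64/advdlc.php?id=1 200",
    "2024-05-03T10:13:00Z 10.0.0.22 GET https://example.com/index.html 200",
    "2024-05-03T10:14:00Z 10.0.0.30 GET http://5.42.65.64/other.php 404",
    "2024-05-03T10:15:00Z 10.0.0.31 GET http://203.0.113.7/advdlc.php 200",
]


@dataclass
class Hit:
    line_no: int
    reason: str
    raw: str


def classify(url: str) -> Optional[str]:
    """Grade a URL against the extracted config; None means no match."""
    m = URL_RE.match(url)
    if not m:
        return None
    host = m.group("host")
    path = (m.group("path") or "/").lower()
    host_is_c2 = host in GCLEANER_C2
    path_is_c2 = path == GCLEANER_URL_PATH
    if host_is_c2 and path_is_c2:
        return "gcleaner_c2_checkin"  # host and path both match: high confidence
    if host_is_c2:
        return "gcleaner_c2_ip"       # address only: the host may be shared
    if path_is_c2:
        return "gcleaner_url_path"    # path only: weaker, but worth triage
    return None


def scan_log(lines: List[str]) -> List[Hit]:
    """Run the classifier over log lines and collect every match."""
    hits: List[Hit] = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed or unrelated line; skip rather than fail
        reason = classify(m.group("url"))
        if reason:
            hits.append(Hit(n, reason, line))
    return hits


def suricata_rules(sid_base: int = 1000000) -> List[str]:
    """One HTTP rule per C2 host for the check-in path (sid values are placeholders)."""
    rules = []
    for i, ip in enumerate(sorted(GCLEANER_C2)):
        rules.append(
            f'alert http $HOME_NET any -> {ip} any (msg:"GCleaner C2 check-in"; '
            f'http.uri; content:"{GCLEANER_URL_PATH}"; sid:{sid_base + i}; rev:1;)'
        )
    return rules


def sha256_matches(data: bytes) -> bool:
    """True if the given bytes are the sample documented on this page."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"line {h.line_no}: {h.reason}: {h.raw}")
    print("\n".join(suricata_rules()))
```

Matching on address and path together is what gives the high-confidence verdict; either indicator alone is kept as a lower-grade hit because loaders of this kind rotate hosting and the path is short enough to collide with unrelated sites.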

Targets

    • Target

      7f8ca779c93161bfe0757abfbbf7a623053f297b0ef1b0455f403a0467bdbb86

    • Size

      282KB

    • MD5

      5fae5c233a79e76178831624040810c2

    • SHA1

      9e87009afc8df7de06b208004771b3568f9cab7e

    • SHA256

      7f8ca779c93161bfe0757abfbbf7a623053f297b0ef1b0455f403a0467bdbb86

    • SHA512

      32918ce97dd6ccc9289f22c09d19c4053974036f2bdcdc6d0fb64a61a062155ea65feecf0d3823f2bda73a94812705bc668a8301f7d632b257b9990bc3f3860b

    • SSDEEP

      3072:U71ETgQVNCOG0QnWT7auDrbfxty9A86m+ilD5A4LAV1OxXoIMd+h5cSBQbn5:TTgQRGdS7jrbf/K+shLAON4ZyQD5

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution so the loader only runs (or refuses to run) in particular regions.

MITRE ATT&CK Enterprise v15

Tasks