General

  • Target

    c442982008035fdf79a30f581aac0a9ea910b4e93be97a3a72de7c1af4cc44da

  • Size

    284KB

  • Sample

    240503-bd3axada88

  • MD5

    0f7d9391ea6159bc8bc00f1d128ec169

  • SHA1

    c10069bc00685f0c3e37d8b763199af763764202

  • SHA256

    c442982008035fdf79a30f581aac0a9ea910b4e93be97a3a72de7c1af4cc44da

  • SHA512

    1e77882ab941fe856ec9da4ec275f6123285aadbf979752c16ef740271a34c259ff19c8c3570fbbb65f2bc04f19bae756f0247f288f8bf52c946ca2450966972

  • SSDEEP

    6144:OHSvjtLpis9DAyXnAfnM7oj1idAKLQD5:sSLtkWzAfnQojQ

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      c442982008035fdf79a30f581aac0a9ea910b4e93be97a3a72de7c1af4cc44da

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
