General

  • Target

    06e92a07ccefaa29731528d0b9b0eb0215abbc1c6efec8dad728ad3e03d31ca7

  • Size

    349KB

  • Sample

    240503-jzc7xace38

  • MD5

    d4e93f4da2b7c8335879be795924e3b6

  • SHA1

    1dc3f1db9ce2f7dcd0880f9061af75c9ec10e188

  • SHA256

    06e92a07ccefaa29731528d0b9b0eb0215abbc1c6efec8dad728ad3e03d31ca7

  • SHA512

    cbdb0d5529440efc3eb884210e1070aa616234b0a0014341e34b1b77ec1bb78662ea7f002445bf63741d4fd45bf97a227cb2cb48b9b58c58f682ab40ea7a3316

  • SSDEEP

    6144:MYqJUlXOdJgA49coOnteh3zv5sSbwf5wUzxtI:MJfdJgJOteh3z5s3fz

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      06e92a07ccefaa29731528d0b9b0eb0215abbc1c6efec8dad728ad3e03d31ca7

    • Size

      349KB

    • MD5

      d4e93f4da2b7c8335879be795924e3b6

    • SHA1

      1dc3f1db9ce2f7dcd0880f9061af75c9ec10e188

    • SHA256

      06e92a07ccefaa29731528d0b9b0eb0215abbc1c6efec8dad728ad3e03d31ca7

    • SHA512

      cbdb0d5529440efc3eb884210e1070aa616234b0a0014341e34b1b77ec1bb78662ea7f002445bf63741d4fd45bf97a227cb2cb48b9b58c58f682ab40ea7a3316

    • SSDEEP

      6144:MYqJUlXOdJgA49coOnteh3zv5sSbwf5wUzxtI:MJfdJgJOteh3z5s3fz

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks