General

  • Target

    05bb13e815e36d2b414a3cbed19e0d18de476f6a0a8dcb469dc83552c4ec3cb1

  • Size

    348KB

  • Sample

    240503-lnkhysdg32

  • MD5

    5b93bf6d91918ef740bab003ad55cd76

  • SHA1

    f8fa22e7319a5d3f5a516336259bf380f3bc03ca

  • SHA256

    05bb13e815e36d2b414a3cbed19e0d18de476f6a0a8dcb469dc83552c4ec3cb1

  • SHA512

    e0024c689f9a7786de5afe989853185f8b0fd41b791746f5b069941d639bed40f321fc35a68d9b3288dfaef23d2ff2896a1284ea1910544ebf0b4d7e1649ef96

  • SSDEEP

    6144:ofbx1UCZ2PU3m5JNTci1QzsmjEQVTSFFVUzxtI:oVp2Pd54i1QzsEEQVTS36

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
