General

  • Target

    98b9d9590f0bc4996af69c51b97d5d483007a63034138c022b09ff629c5681d4

  • Size

    349KB

  • Sample

    240503-lx561sdh95

  • MD5

    a11bd51c66f0ed884d64bac890b0c1b8

  • SHA1

    19f6d77e3be16113049f2e1cf5e23600fcf30e36

  • SHA256

    98b9d9590f0bc4996af69c51b97d5d483007a63034138c022b09ff629c5681d4

  • SHA512

    44b086917469f2a911704ea727ee95e6038de0d37ea88f9f4a954782e21bbc82d59b4dcab5a15ee52f606f343317711b9bcf4c1cbfff9db347d3ec191a9464e8

  • SSDEEP

    6144:a2UUQP4Dmuz7TmJAt71EaSYyJwwvdfpUzxtI:a264DmuzY5LJZ2

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      98b9d9590f0bc4996af69c51b97d5d483007a63034138c022b09ff629c5681d4

    • Size

      349KB

    • MD5

      a11bd51c66f0ed884d64bac890b0c1b8

    • SHA1

      19f6d77e3be16113049f2e1cf5e23600fcf30e36

    • SHA256

      98b9d9590f0bc4996af69c51b97d5d483007a63034138c022b09ff629c5681d4

    • SHA512

      44b086917469f2a911704ea727ee95e6038de0d37ea88f9f4a954782e21bbc82d59b4dcab5a15ee52f606f343317711b9bcf4c1cbfff9db347d3ec191a9464e8

    • SSDEEP

      6144:a2UUQP4Dmuz7TmJAt71EaSYyJwwvdfpUzxtI:a264DmuzY5LJZ2

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks