General

  • Target

    8bffa2a96c2b4c97a324e711cba5bbeabc342b6d320b31efc1231b77ec5a5ba2

  • Size

    344KB

  • Sample

    240503-ppv8maed5s

  • MD5

    f206dd3eb33b3b57dea9ef8d5ffa113d

  • SHA1

    9ec503d2969a66e9d00801903a8be73db4957caf

  • SHA256

    8bffa2a96c2b4c97a324e711cba5bbeabc342b6d320b31efc1231b77ec5a5ba2

  • SHA512

    7cdffae7792e5c10fee39d88edc7830c2759b429c636d607e005e710cca2d39ed12cc72e921774b0edc3d37e6e22a51381174fc63ff0140f48ccac35b9f51de7

  • SSDEEP

    6144:hzpOG7RfvycfjhNdes6Ws4/fDFJX61eUzxtI:hzwGBac71LXM

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      8bffa2a96c2b4c97a324e711cba5bbeabc342b6d320b31efc1231b77ec5a5ba2

    • Size

      344KB

    • MD5

      f206dd3eb33b3b57dea9ef8d5ffa113d

    • SHA1

      9ec503d2969a66e9d00801903a8be73db4957caf

    • SHA256

      8bffa2a96c2b4c97a324e711cba5bbeabc342b6d320b31efc1231b77ec5a5ba2

    • SHA512

      7cdffae7792e5c10fee39d88edc7830c2759b429c636d607e005e710cca2d39ed12cc72e921774b0edc3d37e6e22a51381174fc63ff0140f48ccac35b9f51de7

    • SSDEEP

      6144:hzpOG7RfvycfjhNdes6Ws4/fDFJX61eUzxtI:hzwGBac71LXM

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks