General

  • Target

    fdf55aadcc784f938afb3abef9c24c5e5fd0f38da2e7103811a8a1a6e74fd180

  • Size

    337KB

  • Sample

    240503-tbqs7sdd63

  • MD5

    9bab899b2e76b4176c3c294036899d7e

  • SHA1

    0ed50237534f4aff1b6394e66f046749c08c08fa

  • SHA256

    fdf55aadcc784f938afb3abef9c24c5e5fd0f38da2e7103811a8a1a6e74fd180

  • SHA512

    16c20b627f899dad6b9e9bfe2fd98319523e9832222a18c7ae96bbeacf3793d18dafd32b89cdc65bae5cfe303d3f673e95321dc1c353cedc23d8a2520286cd11

  • SSDEEP

    6144:ZHhKb/jMSzZYjSq25HHk6YacDHdZO+C3Dasuz:hhKDYSG25n4ASz

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
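The extracted configuration above (two C2 addresses and the URI path the loader requests) is enough to build detection content. The following is an added example, not code from the sandbox or from the report; it turns the config into a Suricata rule and scans constructed proxy log lines, grading each hit by whether it matches the C2 IP, the URI path, or both. The log lines, the `ts client method url status` layout and the rule SID are assumptions for illustration.

```python
"""Turn the extracted GCleaner config into detection content and run it over
proxy logs. The config values are those reported on this page; the log lines,
the log layout and the Suricata SID are constructed for illustration."""
from dataclasses import dataclass
from urllib.parse import urlsplit

# Values taken from the "Malware Config / Extracted" section above.
GCLEANER_CONFIG = {
    "family": "gcleaner",
    "c2": ["185.172.128.90", "5.42.65.64"],
    "url_path": "/advdlc.php",
}


@dataclass(frozen=True)
class Hit:
    line_no: int
    client: str
    host: str
    path: str
    reason: str  # "c2_ip_and_path" | "c2_ip" | "path_only"


def suricata_rule(config, sid):
    """Render one Suricata rule: HTTP request to a configured C2 address whose
    URI starts with the configured path. The SID is caller-chosen (assumed free)."""
    dsts = ",".join(config["c2"])
    return (
        f'alert http $HOME_NET any -> [{dsts}] any ('
        f'msg:"{config["family"]} loader check-in"; flow:established,to_server; '
        f'http.uri; content:"{config["url_path"]}"; startswith; '
        f'classtype:trojan-activity; sid:{sid}; rev:1;)'
    )


def classify(host, path, config):
    """Grade a request: both indicators is strong, IP alone is a probable C2
    contact, the generic path alone is weak and only worth a low-priority hit."""
    ip_hit = host in set(config["c2"])
    path_hit = path == config["url_path"]
    if ip_hit and path_hit:
        return "c2_ip_and_path"
    if ip_hit:
        return "c2_ip"
    if path_hit:
        return "path_only"
    return None


def scan_log(text, config):
    """Scan 'ts client method url status' lines; return Hits in log order."""
    hits = []
    for n, line in enumerate(text.strip().splitlines(), 1):
        parts = line.split()
        if len(parts) < 5:
            continue  # malformed line, skip rather than crash the scan
        _ts, client, _method, url, _status = parts[:5]
        u = urlsplit(url)
        host = u.hostname or ""
        reason = classify(host, u.path, config)
        if reason:
            hits.append(Hit(n, client, host, u.path, reason))
    return hits


# Constructed sample log (not from the sandbox run): one clean line, two full
# C2 check-ins, one contact to a C2 IP on another path, one path-only match.
SAMPLE_LOG = """\
1714730000.123 10.0.0.15 GET http://185.172.128.90/advdlc.php 200
1714730001.456 10.0.0.15 GET http://update.example.org/index.html 200
1714730002.789 10.0.0.22 POST http://5.42.65.64/advdlc.php 200
1714730003.000 10.0.0.30 GET http://185.172.128.90/favicon.ico 404
1714730004.000 10.0.0.31 GET http://10.10.10.10/advdlc.php 200
"""

if __name__ == "__main__":
    print(suricata_rule(GCLEANER_CONFIG, 9000001))
    for h in scan_log(SAMPLE_LOG, GCLEANER_CONFIG):
        print(h)
```

The path-only grade exists because `/advdlc.php` is short enough to collide with unrelated traffic; in practice it should raise priority only when combined with a C2 address or a matching sample hash on the client.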

Targets

    • Target

      fdf55aadcc784f938afb3abef9c24c5e5fd0f38da2e7103811a8a1a6e74fd180

    • Size

      337KB

    • MD5

      9bab899b2e76b4176c3c294036899d7e

    • SHA1

      0ed50237534f4aff1b6394e66f046749c08c08fa

    • SHA256

      fdf55aadcc784f938afb3abef9c24c5e5fd0f38da2e7103811a8a1a6e74fd180

    • SHA512

      16c20b627f899dad6b9e9bfe2fd98319523e9832222a18c7ae96bbeacf3793d18dafd32b89cdc65bae5cfe303d3f673e95321dc1c353cedc23d8a2520286cd11

    • SSDEEP

      6144:ZHhKb/jMSzZYjSq25HHk6YacDHdZO+C3Dasuz:hhKDYSG25n4ASz

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.
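The location check flagged above is typical of loaders that refuse to run in certain countries. The following is an added example, not code from the sample or from the sandbox, of what such a check looks like and how an analyst can exercise it off-Windows: the registry values under `HKCU\Control Panel\International` are real, but the blocked GeoID/locale list is an assumption, since the report does not say which countries this sample avoids.

```python
"""Simulate the 'checks computer location settings' behaviour flagged above.

A geofencing loader reads the user's configured country from the registry
before doing anything noisy. The registry reader is injectable so the logic
can be run on any platform against a constructed registry snapshot."""
import sys

# Registry values under HKEY_CURRENT_USER that a locale/geofence check reads.
GEO_VALUES = (
    (r"Control Panel\International\Geo", "Nation"),   # GeoID stored as a string, e.g. "244"
    (r"Control Panel\International", "LocaleName"),   # e.g. "en-US"
    (r"Control Panel\International", "sCountry"),     # localized country name
)

# ASSUMED block list for illustration only; the report does not say which
# countries the sample avoids. GeoID 244 = United States, 203 = Russia.
BLOCKED_GEOIDS = {"203"}
BLOCKED_LOCALE_PREFIXES = ("ru",)


def winreg_reader(subkey, value):
    """Read one HKCU value via winreg (Windows only)."""
    import winreg  # raises ImportError off Windows
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, subkey) as key:
        data, _type = winreg.QueryValueEx(key, value)
        return str(data)


def make_snapshot_reader(snapshot):
    """Build a reader over a constructed {(subkey, value): data} dict,
    raising OSError for missing values just as winreg does."""
    def reader(subkey, value):
        try:
            return snapshot[(subkey, value)]
        except KeyError:
            raise OSError(f"missing {subkey}\\{value}")
    return reader


def collect_geo(reader):
    """Query every value in GEO_VALUES; a missing value becomes None."""
    out = {}
    for subkey, value in GEO_VALUES:
        try:
            out[value] = reader(subkey, value)
        except OSError:
            out[value] = None
    return out


def geofence_decision(geo, blocked_geoids=BLOCKED_GEOIDS,
                      blocked_prefixes=BLOCKED_LOCALE_PREFIXES):
    """('abort', reason) if the host is inside the fenced region, else
    ('continue', None). Missing values fall through to 'continue', which is
    why a sandbox with an unset Geo\\Nation does not trip the fence."""
    nation = geo.get("Nation")
    if nation is not None and nation.strip() in blocked_geoids:
        return "abort", f"Geo\\Nation={nation.strip()}"
    locale = (geo.get("LocaleName") or "").lower()
    if locale.split("-")[0] in blocked_prefixes:
        return "abort", f"LocaleName={locale}"
    return "continue", None


def run_check(reader=None):
    """Return ((decision, reason), raw_values). Defaults to the live registry."""
    if reader is None:
        reader = winreg_reader
    geo = collect_geo(reader)
    return geofence_decision(geo), geo


# Constructed registry snapshots (not taken from the sandbox run).
US_SNAPSHOT = {
    (r"Control Panel\International\Geo", "Nation"): "244",
    (r"Control Panel\International", "LocaleName"): "en-US",
    (r"Control Panel\International", "sCountry"): "United States",
}
RU_SNAPSHOT = {
    (r"Control Panel\International\Geo", "Nation"): "203",
    (r"Control Panel\International", "LocaleName"): "ru-RU",
    (r"Control Panel\International", "sCountry"): "Russia",
}

if __name__ == "__main__":
    reader = None if sys.platform == "win32" else make_snapshot_reader(US_SNAPSHOT)
    print(run_check(reader))
```

For a sandbox, the practical consequence is that the three values above should be set to the locale the analyst wants the sample to believe it is running in; a registry read of `Control Panel\International\Geo\Nation` immediately after start-up is also a usable behavioural signature for this family of checks.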
