General

  • Target

    f88dd3da43f28e222f2a48f763c75e29e8da098ea45a5f8a21885642d9318735

  • Size

    361KB

  • Sample

    240503-x2zqksge87

  • MD5

    9d757e345932e703d784fb2ea8bfe613

  • SHA1

    66afe79632c7b3b247c8ae75f25e77bac5c5edfa

  • SHA256

    f88dd3da43f28e222f2a48f763c75e29e8da098ea45a5f8a21885642d9318735

  • SHA512

    d31ec3797187ceffdcc7b2a27aa6c260690a59e180936b8664973c4d74db713ab2dfb78be3d9e7ca9c519dcba8718c0b771834a23d950780e9d68d71018245ce

  • SSDEEP

    3072:t/RWx3Gp/rvbxQ+MTpjCNyCQLJDTKHHptK+8+eBHyrmOlNmsiAkGWpxT0W5tqFuH:WkliYxJmSrzlNmefI10WDki

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15