General

  • Target

    ecc5c10b6a6f399755c17460ba7ada97ad122c92e3e883035dc8ddb2613fbd9b

  • Size

    361KB

  • Sample

    240503-yzxc4sec81

  • MD5

    13b7ade6cd5211885f4012a4dd127336

  • SHA1

    b25e37efcac222bbe027eb259232619cf2877d85

  • SHA256

    ecc5c10b6a6f399755c17460ba7ada97ad122c92e3e883035dc8ddb2613fbd9b

  • SHA512

    e3c37818d8cc33a919bb9c16740b2c96585dcd03cac0606f3464a1d590eccff6f420c20b6181d176374340cc19f351ce052df8852d4629998c3df0a723516514

  • SSDEEP

    6144:R2KgBDEbzcEdquq0W+3fkm9ih6pNV4TA10W1i:RpgBDxEdquFWcfjiQv4wvi

  • Score

    10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      ecc5c10b6a6f399755c17460ba7ada97ad122c92e3e883035dc8ddb2613fbd9b

    • Size

      361KB

    • MD5

      13b7ade6cd5211885f4012a4dd127336

    • SHA1

      b25e37efcac222bbe027eb259232619cf2877d85

    • SHA256

      ecc5c10b6a6f399755c17460ba7ada97ad122c92e3e883035dc8ddb2613fbd9b

    • SHA512

      e3c37818d8cc33a919bb9c16740b2c96585dcd03cac0606f3464a1d590eccff6f420c20b6181d176374340cc19f351ce052df8852d4629998c3df0a723516514

    • SSDEEP

      6144:R2KgBDEbzcEdquq0W+3fkm9ih6pNV4TA10W1i:RpgBDxEdquFWcfjiQv4wvi

    • Score

      10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks