General

  • Target

    08e47dab9a2c530eeae5c20da5912d08d81fa7a6afa501a794d228c6aa5e65c8

  • Size

    351KB

  • Sample

    240504-hb6nwahe48

  • MD5

    00f175e7fbea3130259d85c5bebbf5b1

  • SHA1

    542408201fc72f03cf63bf371bd25e25ebf2c338

  • SHA256

    08e47dab9a2c530eeae5c20da5912d08d81fa7a6afa501a794d228c6aa5e65c8

  • SHA512

    3ca1e0abd6edd537d1104e1c5d29e0bfbe62e6ef48a0edb855b19659da133f81628d8197d618c58754f267ced096bd1e56c46665d477ce6797eaf343d5c87461

  • SSDEEP

    6144:1ybWaB5VLfo/RW4v4HiPgi/QH5+s/W4Uevb/5:gbBB5VLTCPk5+qvb/5

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
