General

  • Target

    b60efaf72765a019ff50b5bb7b1da848e87748907a48f1ade46d2b4f1a426c5f

  • Size

    352KB

  • Sample

    240504-kwt7paca63

  • MD5

    800e8a360097169a1a3b2d8ac5f228d7

  • SHA1

    450b7c48c2bc9802131612ecad161abffcb19482

  • SHA256

    b60efaf72765a019ff50b5bb7b1da848e87748907a48f1ade46d2b4f1a426c5f

  • SHA512

    8f8397e04a713c5b7a164ec3d403abab6edbc4165bd61ddd8bb74881f9fb07b101d46b085a4f32951ca3164cebcb8a8d668606265df7c5ba537291ce16a360ba

  • SSDEEP

    6144:+7rZPRVZdhd9//CNEoqyz3Vm2cqODydatu9sb/5:+7VPRVZdT0Eh0ZJP2b/5

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15
