General

  • Target

    c7f96e8dafa3f3a892752e19453eedb5f4ff7b885d5de154e29f2130065ec0f8

  • Size

    283KB

  • Sample

    240505-g91pvahh81

  • MD5

    3cf1012353bf913a981cfa3104bbfb44

  • SHA1

    424184f8fae0890005460efb4539e6b89a189b8b

  • SHA256

    c7f96e8dafa3f3a892752e19453eedb5f4ff7b885d5de154e29f2130065ec0f8

  • SHA512

    acbaa4ffcbd38523b4ccf2083fd6788a3c9d0e9fb21f8a8492718cd3e172b81010399c9e1fa227257b77c900d97e371484e5949ca35ee6f15cf956deff998426

  • SSDEEP

    3072:rZlE0EE0btqo6iOh6UckxEDyTf5Ce9oO3lSqWG5jRKOnc:40Ybtz6thxlWyVCel3EuRK

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
