General

  • Target

    3e6aadeaba98f3314e954ecbefd825a0269535ec94eb3823a8913d10873f53f2

  • Size

    284KB

  • Sample

    240505-ndynyabf97

  • MD5

    297234d0a537f672aa61629f467cfcb4

  • SHA1

    17e269b5e8a83dd06df6d838ba101c6f2444e971

  • SHA256

    3e6aadeaba98f3314e954ecbefd825a0269535ec94eb3823a8913d10873f53f2

  • SHA512

    4f5aece075430f5d5a514cc0ed1748d0732eae52d331b6aee5e4fa2cafdd6d20dde00ef504c168db9db09ff7ac823a6f8a95289e6f5a2230a0c86234360c28de

  • SSDEEP

    3072:SBMYE5gKO01pu43Z06YSr5sZKfb+6IWzNBJiH5W/KOnx:aE5WIh37YSHFI8NB3/K

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
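The two C2 addresses and the url_path above are the actionable part of this report. The block below is an added example (not output of the sandbox and not the sample's own code) that turns them into an offline check: it verifies that a retrieved file is the one described by the hashes listed on this page, and it scans proxy-style log lines for requests to the extracted C2 IPs or the /advdlc.php path. The log lines are constructed for the demo and the log format (timestamp, client IP, method, URL, status) is an assumption; only the IPs, path and hashes come from the report.

```python
"""Offline checks built from the extracted GCleaner config on this page.

Added example, not part of the sandbox report. The log lines are
constructed; the log format is an assumed one-request-per-line proxy log.
"""
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from the Malware Config section of the report.
C2_IPS = {"185.172.128.90", "5.42.65.64"}
C2_URL_PATH = "/advdlc.php"

# Hashes listed for the analysed sample (from the General section).
REPORTED = {
    "md5": "297234d0a537f672aa61629f467cfcb4",
    "sha1": "17e269b5e8a83dd06df6d838ba101c6f2444e971",
    "sha256": "3e6aadeaba98f3314e954ecbefd825a0269535ec94eb3823a8913d10873f53f2",
}

# Constructed log lines (not real traffic). Assumed format:
#   <timestamp> <client_ip> <method> <url> <status>
SAMPLE_LOG = """\
2024-05-05T12:00:01Z 10.0.0.15 GET http://185.172.128.90/advdlc.php 200
2024-05-05T12:00:02Z 10.0.0.15 GET http://example.com/index.html 200
2024-05-05T12:00:03Z 10.0.0.22 POST http://5.42.65.64/advdlc.php 200
2024-05-05T12:00:04Z 10.0.0.30 GET http://5.42.65.64:8080/other.php 404
2024-05-05T12:00:05Z 10.0.0.31 GET http://cdn.example.net/advdlc.php 200
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$"
)


def file_hashes(data: bytes) -> dict:
    """Compute the same digests the report lists, for comparison."""
    return {name: getattr(hashlib, name)(data).hexdigest() for name in REPORTED}


def matches_report(data: bytes) -> bool:
    """True only if every listed digest matches, so a partial match is rejected."""
    return file_hashes(data) == REPORTED


def classify(url: str) -> list:
    """Return the indicator names a single URL matches (possibly none)."""
    parts = urlsplit(url)
    host = parts.hostname or ""   # hostname strips any :port suffix
    hits = []
    if host in C2_IPS:
        hits.append("c2_ip")
    if parts.path == C2_URL_PATH:
        hits.append("c2_path")
    return hits


def scan_log(text: str) -> list:
    """Return one finding per log line that touches an indicator.

    IP and path together is high confidence. The IP alone is still a known
    C2 host. The path alone is weak, since any site can serve a file named
    advdlc.php, so it is reported at low severity for triage rather than
    as a confirmed hit.
    """
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        hits = classify(m["url"])
        if not hits:
            continue
        if len(hits) == 2:
            severity = "high"
        elif "c2_ip" in hits:
            severity = "medium"
        else:
            severity = "low"
        findings.append(
            {"src": m["src"], "url": m["url"], "hits": hits, "severity": severity}
        )
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f["severity"], f["src"], f["url"], ",".join(f["hits"]))
```

The path-only match is deliberately kept as a low-severity finding rather than dropped: the IPs in a loader config rotate quickly, and the download path is often what survives across samples, so it is worth surfacing for review even though it cannot confirm an infection on its own.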

Targets

    • Target

      3e6aadeaba98f3314e954ecbefd825a0269535ec94eb3823a8913d10873f53f2

    • Size

      284KB

    • MD5

      297234d0a537f672aa61629f467cfcb4

    • SHA1

      17e269b5e8a83dd06df6d838ba101c6f2444e971

    • SHA256

      3e6aadeaba98f3314e954ecbefd825a0269535ec94eb3823a8913d10873f53f2

    • SHA512

      4f5aece075430f5d5a514cc0ed1748d0732eae52d331b6aee5e4fa2cafdd6d20dde00ef504c168db9db09ff7ac823a6f8a95289e6f5a2230a0c86234360c28de

    • SSDEEP

      3072:SBMYE5gKO01pu43Z06YSr5sZKfb+6IWzNBJiH5W/KOnx:aE5WIh37YSHFI8NB3/K

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

Looks up the country code configured in the registry, most likely a geofence check used to decide whether to run on the host.

MITRE ATT&CK Enterprise v15

Tasks