General

  • Target

    c90a65b71f46867f572e460827a31e48f39a708e9be85b34194b4d2fe57ba48e

  • Size

    290KB

  • Sample

    240505-vzvmqsbc56

  • MD5

    1725a10222e98d4094dcfed99fa353dd

  • SHA1

    75ceeb8acf8bcad67bab4ce4dae9f477fc8e23e3

  • SHA256

    c90a65b71f46867f572e460827a31e48f39a708e9be85b34194b4d2fe57ba48e

  • SHA512

    7bd327a59cfba826fd0b33b006fd8021f92bfca04699fd9f8ec61476385c6d7572ad31d844da2e1b51bbfc9cf08c2968bc3c63bcf3b20083aad5199f9c88fd6f

  • SSDEEP

    3072:Nl2axNxSxTDV71/mgFdyAyaZvluKzCC5InABdJ9m55J4VsohkFTr:hyDdtmgF79ZvMoxAARORohWn

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php
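
The two C2 addresses and the url_path above are the most immediately useful indicators on this page. The following is an added example (not part of the sandbox report, and not the loader's own code) that turns them into a small proxy-log hunt plus a hash check against the report's MD5/SHA256. The log format and the log lines are constructed for the example; the regex assumes a simplified "timestamp client method URL status" access log and will need adjusting for a real proxy or firewall export.

```python
"""Hunt for GCleaner C2 traffic and sample hashes using the indicators in this report.

Added example, not part of the sandbox report. The log format below is a
constructed, simplified proxy access log (timestamp, client, method, URL, status).
Adapt LOG_RE for your own proxy or firewall logs.
"""
import hashlib
import re
from typing import Optional
from urllib.parse import urlsplit

# Indicators copied from the report's "Malware Config" section.
C2_ADDRESSES = {"185.172.128.90", "5.42.65.64"}
C2_URL_PATH = "/advdlc.php"

# File hashes copied from the report's "General" section.
REPORT_MD5 = "1725a10222e98d4094dcfed99fa353dd"
REPORT_SHA256 = "c90a65b71f46867f572e460827a31e48f39a708e9be85b34194b4d2fe57ba48e"

# Constructed sample log lines (not captured traffic).
SAMPLE_LOG = """\
2024-05-05T12:01:03Z 10.0.0.15 GET http://185.172.128.90/advdlc.php 200
2024-05-05T12:01:04Z 10.0.0.15 GET http://example.com/index.html 200
2024-05-05T12:01:09Z 10.0.0.22 POST http://5.42.65.64/advdlc.php 200
2024-05-05T12:02:10Z 10.0.0.31 GET http://cdn.example.net/advdlc.php 404
2024-05-05T12:03:11Z 10.0.0.15 GET http://185.172.128.90/other.php 200
malformed line that should be skipped
"""

# Assumed log layout: "<timestamp> <client-ip> <METHOD> <url> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def classify(url: str) -> Optional[str]:
    """Return why a URL matches the report's indicators, or None if it does not.

    A C2 host hit is a strong signal on its own; the url_path alone is weak,
    because any server could serve a file named /advdlc.php, so it is reported
    separately rather than merged with host hits.
    """
    parts = urlsplit(url)
    host = parts.hostname or ""
    host_hit = host in C2_ADDRESSES
    path_hit = parts.path == C2_URL_PATH
    if host_hit and path_hit:
        return "c2_host_and_path"
    if host_hit:
        return "c2_host"
    if path_hit:
        return "c2_path_only"
    return None


def hunt(log_text: str) -> list:
    """Scan log text line by line and return one dict per matching request."""
    matches = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; skip rather than crash the hunt
        reason = classify(m["url"])
        if reason:
            matches.append(
                {"line": lineno, "client": m["client"], "url": m["url"], "reason": reason}
            )
    return matches


def hashes_match_report(data: bytes) -> bool:
    """True only if both the MD5 and SHA256 of `data` equal the report's values."""
    return (
        hashlib.md5(data).hexdigest() == REPORT_MD5
        and hashlib.sha256(data).hexdigest() == REPORT_SHA256
    )


if __name__ == "__main__":
    for hit in hunt(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['client']} -> {hit['url']} [{hit['reason']}]")
    print("placeholder bytes match report hashes:", hashes_match_report(b"not the sample"))
```

When triaging results, treat `c2_host` and `c2_host_and_path` hits as actionable and `c2_path_only` hits as a lead to confirm against the destination host; the report only ties /advdlc.php to the two listed addresses.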

Targets

    • Target

      c90a65b71f46867f572e460827a31e48f39a708e9be85b34194b4d2fe57ba48e

    • Size

      290KB

    • MD5

      1725a10222e98d4094dcfed99fa353dd

    • SHA1

      75ceeb8acf8bcad67bab4ce4dae9f477fc8e23e3

    • SHA256

      c90a65b71f46867f572e460827a31e48f39a708e9be85b34194b4d2fe57ba48e

    • SHA512

      7bd327a59cfba826fd0b33b006fd8021f92bfca04699fd9f8ec61476385c6d7572ad31d844da2e1b51bbfc9cf08c2968bc3c63bcf3b20083aad5199f9c88fd6f

    • SSDEEP

      3072:Nl2axNxSxTDV71/mgFdyAyaZvluKzCC5InABdJ9m55J4VsohkFTr:hyDdtmgF79ZvMoxAARORohWn

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

MITRE ATT&CK Enterprise v15

Tasks