General

  • Target

    0a1fecbe23123af0af6057c65ec15b0b25f58d4aead1044abb603b875c58abf2

  • Size

    251KB

  • Sample

    240507-281zfade5y

  • MD5

    336fe7d78d3bca75a24753ace2de600e

  • SHA1

    f8c35f8674793ce1e7edfaf4c86868ea5456888a

  • SHA256

    0a1fecbe23123af0af6057c65ec15b0b25f58d4aead1044abb603b875c58abf2

  • SHA512

    3d044be48c14d6407c2080768061e6d94118790f9aa0f94d9cbd8e9f5dd5d4d77ef83116a26bb518fec413e899a735362f4b28f8118ebe5a96d065dc8014a302

  • SSDEEP

    3072:J33wECzwI7ORulV72yzLYi4fXz90WXakiSJKFagme/k1Ef534sMS8:N3hj70lRzzLD4fXq4zp0agDk1EA3

  • Score

    10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15